Threat & Vulnerability Manager

London, LND, GB, SW11 7BW

Bertelsmann

International media company and it’s divisions; information for all interested people, journalists and applicants; financial data and business details

View all jobs at Bertelsmann

 

 

Are you ready to play a pivotal role in safeguarding Penguin?

 

Our Security Operations team, an integral part of the Technology and Information Security community here at Penguin, is recruiting for a Threat & Vulnerability Manager. Our Security Operations team, located across London and Essex, is dedicated to monitoring and protecting the security and integrity of our systems against technical risks, which aim to preserve the values and reputation of the Penguin brand.

 

You will step into a senior role where your expertise will shine as you support the Head of Security Operations in fortifying our cyber defences. As the Threat & Vulnerability Manager, you'll be at the forefront of maintaining and enhancing our cyber security landscape through swift and effective threat assessments and remediation processes. Your work will be pivotal in minimising business disruption, safeguarding our reputation, and protecting our consumers from the risks posed by unpatched or vulnerable systems. You'll lead the charge in driving continuous improvement in our threat and vulnerability management, collaborating extensively with diverse stakeholder groups across the business.

 

In this role, you will:

 

  • Ensure vulnerability detection and remediation controls are properly configured and effective.

  • Quickly assess new vulnerabilities and lead efforts to resolve or mitigate them based on severity and applicability

  • Act as the product owner for enterprise VM tools, collaborating with infrastructure and security architects.

  • Lead the team in driving continuous improvements in vulnerability management processes.

  • Co-ordinate penetration test remediation activity and provide qualitative reviews of proposed resolutions.

  • Develop processes and procedures to maximise our use of multiple threat intelligence feeds.

  • Provide guidance on vulnerability management and mitigation across endpoints, servers, networks and applications.

  • Collaborate with internal and external teams to enhance our security posture through effective vulnerability remediation.

  • Produce regular metrics and KPIs to track vulnerability trends and priorities and produce regular informed threat intelligence reporting.

  • Chair Patching and Vulnerability Management forums to ensure best practices.

  • Oversee BAU vulnerability management processes managed by our Security Operations or our MSSPs.

  • Drive technical integrations between VM platforms to enhance automation and threat intelligence.

 

You will bring:

 

  • Demonstrable experience using VM tools at an enterprise level and leading VM programs.

  • Experience with patch management processes.

  • Broad and deep vulnerability knowledge across Infrastructure, Cloud, Applications, and Networks.

  • Ability to build and maintain collaborative relationships with stakeholders, advocating for risk-based vulnerability management.

  • Good understanding of Web Application Security frameworks, common vulnerabilities, and remediations.

  • Excellent administrative and multitasking skills.

  • Strong stakeholder management skills with experience utilising security related KPIs and executive reporting.

  • Effective relationship building skills to form partnerships with diverse teams.

  • Excellent verbal, written, and interpersonal communication skills, with the ability to explain technical information to non-technical colleagues.

  • An agile mindset, focused on delivery and achieving regular incremental successes.

  • A commitment to professionalism, setting high personal standards, and leading by example.

  • High energy, drive, and ownership for improving technical security controls.

About Security Operations

 

The Security Operations team is part of the wider Information Security community across Penguin Random House UK, ensuring our systems are monitored and protected against technical risk. Our Security Operations team are based in London and are part of our larger Technology division based across London and Essex.

 

About Technology

 

Following the successful completion of our recent technology, data and process merger, our Technology division is charging ahead with our strategic plan to amplify the voices of our organisation. This includes leveraging the potential of Cloud solutions, continuously enhancing our security measures, revitalising legacy applications, and enhancing our interactions with strategic partners and suppliers. Our Technology Division spans across two vibrant office locations in London and Colchester, where approximately 200 colleagues are dedicated to empowering our mission – we make books for everyone, because a book can change anyone.

 

We are also on a journey to create a workplace that is truly inclusive, empowering and equitable for all. Our recent successes have seen a significant increase in our division’s engagement and sense of belonging. We are committed to fostering an environment where every voice is valued and every individual has the opportunity to make a meaningful impact.

 

Our approach to hybrid working:

 

While our offices are places for you to connect, collaborate and celebrate with colleagues, having flexibility about where you work is just as important for doing your best work and for your wellbeing. So, we don’t have a one-size-fits-all approach when it comes to how we work across Penguin Random House UK.

 

For this role, there are regular weekly meetings and activities that you will need to attend in person mainly at our offices in London weekly. Outside of these moments, you can choose to work remotely.

 

Application process: Please apply with your CV by 11:59PM on Thursday 24th October. We anticipate a two-stage interview process which will include a virtual first-stage interview and in-person second stage interview.

 

 

What you can expect from us:

 

Salary: £65,000 - £70,000 dependent on how your skills and experience align to the role, plus bonus and benefits.


Our people are the heart of our business, and we work hard to support a culture of responsibility and recognition. Our benefits include:

 

  • Financial – income protection, life assurance, childcare allowance

  • Wellbeing - healthcare cash plan, critical illness cover, health checks

  • Lifestyle – enhanced parental leave, tech scheme, free and discounted books

 

For our full benefits list please visit: https://www.penguinrandomhousecareers.co.uk/what-we-offer/


The recruitment process: You can read about our recruitment process at https://www.penguinrandomhousecareers.co.uk/how-we-hire/

 

As a Disability Confident Committed organisation, we're part of the offer an interview scheme. This is where disabled applicants who meet the essential criteria for the role can opt in to get to the next recruitment stage. There may be some situations where volume of applicants means we can't take all eligible candidates to interview.

 

We encourage you to tell us about any reasonable adjustments you may need by emailing PRHCareersUK@penguinrandomhouse.co.uk. Remember, you only need to share what you are comfortable to for us to support your request.

 

Please note, we are not able to accept agency CVs for this role. Any CVs sent speculatively will not be eligible for a fee.

 

Company: Penguin Books Limited 

Country: United Kingdom 

State/Region: London 

City: London 

Postal Code: SW11 7BW 

Job ID: 274494

Job stats:  1  2  0

Tags: Agile Application security Automation Cloud KPIs Monitoring Threat intelligence Vulnerabilities Vulnerability management

Perks/benefits: Health care Parental leave Salary bonus Team events

Region: Europe
Country: United Kingdom

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.