Vulnerability Management Analyst - 12 Months Contract
Bengaluru, Karnataka, India; Gurugram
The Economist Group
The Economist Group is the leading source of analysis on international business and world affairs.
Who we are
We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them.
We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity.
Job Summary:
We are seeking a Vulnerability Management Analyst to lead the identification, assessment, and remediation of security vulnerabilities across our organization. The ideal candidate will have expertise in vulnerability scanning tools, risk assessment, and coordination with IT and security teams to improve our security posture.
Key Responsibilities:
Vulnerability Assessment & Remediation:
- Perform regular vulnerability scans using tools like Tenable Nessus, CrowdStrike, and AWS.
- Analyze scan results to identify and prioritize vulnerabilities based on risk impact.
- Work with IT, DevOps, and Security teams to remediate vulnerabilities in a timely manner.
- Monitor patching and configuration compliance across systems and applications.
Threat Intelligence & Risk Analysis:
- Stay updated on emerging vulnerabilities, exploits, and zero-day threats.
- Perform root cause analysis on security weaknesses and recommend mitigation strategies.
- Collaborate with Threat Intelligence, Incident Response, and SOC teams to address vulnerabilities proactively.
Compliance & Reporting:
- Ensure vulnerability management processes comply with ISO 27001, NIST, CIS, PCI-DSS, GDPR, or HIPAA standards.
- Generate vulnerability reports and dashboards for security leadership and executive stakeholders.
- Track and document remediation efforts, exceptions, and compensating controls.
Automation & Security Improvements:
- Automate vulnerability scanning and reporting using Python, PowerShell, or Bash scripting.
- Improve scanning coverage by integrating vulnerability management tools into CI/CD pipelines.
- Recommend security configuration changes for cloud environments (AWS, Azure, GCP), endpoints, and networks.
Required Qualifications & Skills:
Technical Skills:
- Hands-on experience with vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.).
- Strong knowledge of network protocols, operating systems (Windows, Linux, macOS), and cloud security.
- Understanding of CVSS scoring, OWASP Top 10, and MITRE ATT&CK framework.
- Basic programming/scripting knowledge (Python, PowerShell, Bash, or SQL) for automation.
- Familiarity with SIEM, EDR, and firewall security policies.
Soft Skills:
- Strong analytical and problem-solving abilities.
- Ability to work cross-functionally with IT, Security, and DevOps teams.
- Excellent communication and report-writing skills.
Education & Certifications (Preferred but Not Mandatory):
- Bachelor’s/Master’s in Cybersecurity, Information Technology, or related field.
- Certifications (CISSP, CEH, OSCP, Security+, CRTP, or GIAC-related certifications).
Nice to Have:
- Experience with Cloud Security Posture Management (CSPM) tools.
- Understanding of DevSecOps and Secure Software Development Life Cycle (SDLC).
- Knowledge of container security (Docker, Kubernetes).
#LI-Hybrid
What we offer
Benefits
We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered.
Our Values
Our values are a collective set of beliefs and behaviours that strengthen The Economist Group's purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world.
Independence
We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world.
Integrity
We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency.
Excellence
We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation.
Inclusivity
We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully.
Openness
We foster a collaborative and empathetic culture conducive to the interests, wit and initiative of our colleagues. New ideas are our lifeblood.
The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our colleagues and potential colleagues regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation, age, marital status or any other status.
Tags: Automation AWS Azure Bash CEH CI/CD CISSP Cloud Compliance CrowdStrike CSPM CVSS DevOps DevSecOps Docker EDR Exploits Firewalls GCP GDPR GIAC HIPAA Incident response ISO 27001 Kubernetes Linux MacOS MITRE ATT&CK Nessus NIST OSCP OWASP PowerShell Python Qualys Risk analysis Risk assessment Scripting SDLC SIEM SOC SQL SSDLC Threat intelligence Vulnerabilities Vulnerability management Vulnerability scans Windows Zero-day
Perks/benefits: Parental leave