Job Scope Attack Surface Monitoring, Vulnerability Scanning, and Triage Monitor and triage findings surfaced by our Attack Surface Management (ASM) and Vulnerability Management tools Assess each finding for validity, severity, and exploitability before escalating or acting on it Distinguish genuine exposures from false positives and contextualise findings against our asset inventory Prioritise remediation efforts based on risk Remediation Workflow Management Work with system owners to follow up on outstanding findings Track remediation progress and ensure findings are resolved in a timely manner Manage exceptions and risk acceptance where remediation is not immediately feasible Communicate clearly with non-technical stakeholders, translating technical findings into actionable guidance Reporting & Insights Consolidate vulnerability data and remediation metrics for reporting Identify trends and surface systemic issues across the organisation's attack surface and internal asset landscape Provide recommendations to improve our overall exposure management programme Process Improvement Contribute to the refinement of ASM and vulnerability management processes, tooling configurations, and escalation playbooks over time Support the development and maintenance of vulnerability management policies, standards, and procedures in alignment with industry best practices Prerequisites Bachelor’s Degree in Computer Science/Information Security or equivalent Professional certifications, including GWEB, OSCP, CRISC, CISA or other relevant certifications will be preferred Familiar with IM8 Cybersecurity policies will be preferred Preferably 5 years of experience in a relevant cybersecurity function, such as vulnerability management, attack surface management, security operations, or IT risk Strong understanding of cybersecurity concepts, particularly around vulnerability management, patch management, common vulnerability scoring frameworks (eg CVSS), and external-facing attack surface risks Familiarity with ASM or vulnerability management tools (such as Tenable, Qualys, Censys, or similar) Proficiency in programming languages such as Python will be advantageous Strong analytical and judgement skills, with the ability to think critically and make sound recommendations Good communication and interpersonal skills, with the ability to multitask, prioritise, and translate technical findings Meticulous, with a high degree of integrity, initiative, and energy