Vulnerability Management
Role Overview
The role of Vulnerability Management is to triage vulnerabilities by relevance and criticality to the organisation. Vulnerability Management then identify mitigations for those vulnerabilities and advise on implementing them.
Role level
Typical role expectations
- Analyse complex information systems to understand the associated Cyber Security risks, audit requirements, and data value
- Support the creation and implementation of vulnerability assessments of enterprise assets to a predefined scope and schedule using predetermined templates and test scripts, including but not limited to:
- application vulnerability assessments
- infrastructure vulnerability assessments
- Assist in the prioritisation of those vulnerabilities through a risk-based approach
- Triage and prioritise vulnerabilities, implement mitigating measures, and support in the life cycle of vulnerability management, providing standardised advice on ways to improve control mechanisms and mitigate risk
- Collaborate with stakeholders to manage vulnerabilities and undertake remediation activities
- Communicate common mitigation strategies such as patching and basic configuration change (system hardening)
- Understand how local protective security measures can be applied to reduce vulnerability exposure
- Demonstrate knowledge of common approaches and tooling to perform vulnerability assessment and to validate system configuration
- Perform vulnerability assessments of enterprise assets with limited supervision to a predefined scope and schedule using predetermined templates and test scripts
- Develop and implement schedules for performing vulnerability assessments to meet organisational objectives and compliance requirements
Typical role expectations
- Manage complex information systems to understand and prioritise actions on Cyber Security risks, audit requirements and data value, and provide guidance to vulnerability management team members
- Manage the creation and implementation and lead development of vulnerability assessments for IT estates, including but not limited to application vulnerability assessments and infrastructure vulnerability assessments
- Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions
- Manage the triage of vulnerabilities, ensuring mitigation measures are implemented, and managing the life cycle of vulnerability management for a set of assets, providing tailored advice on ways to improve control mechanisms and mitigate risks
- Recommend remediation strategies and provide advice on complex configuration changes in support of vulnerability remediation
- Proactively identify and leverage threat intelligence sources to inform strategic vulnerability mitigation measures
- Manage collaboration with stakeholders to create tactical plans relating to managing vulnerabilities, and oversee subsequent activities
- Demonstrate developed knowledge and understanding of approaches and tooling for performing vulnerability assessment against large and complex infrastructure
- Validate system configuration across multiple and complex interlinking systems
- Translate vulnerability management standards and best practice into organisation-specific policies, procedures and guidelines and champion standards and best practice outside security functions
- Explain the need for effective vulnerability management processes and implications of poor performances
- Lead development and implementation of effective vulnerability management programs across the enterprise to meet organisational and regulatory and compliance requirements
- Develop vulnerability assessment templates and test scripts to meet common organisational objectives such as regulatory compliance and internal audit function
Typical role expectations
• Lead complex information systems to understand and prioritise actions on Cyber Security risks, audit requirements and data value, and provide specialist or complex guidance to vulnerability management teams and external senior stakeholders
• Lead the development and implementation of multiple vulnerability assessments and enterprise-wide scanning strategies across multiple complex environments, while leading in prioritising those vulnerabilities through a risk-based approach
• Lead the triage of vulnerabilities, ensuring mitigation measures are implemented, and oversee the life cycle of vulnerability management for a set of assets, providing tailored specialist or complex advice on ways to improve control mechanisms and mitigate risks
• Lead senior stakeholder engagement across government to create strategic plans for managing vulnerabilities and remediation activities
• Create organisational principles and vision that will provide the basis for triaging vulnerabilities
• Provide advice to senior leadership on ways to improve control mechanisms, identify, evaluate, and mitigate risks
• Develop bespoke templates and test scripts to meet uncommon or complex organisational objectives
• Set the organisation’s vulnerability management strategy including people, process and technology elements
• Ensure organisation-specific vulnerability management policies, procedures and guidelines are aligned with organisational objectives and risk appetite
• Set direction and approve investment in strategic tooling and capability to address strategic enterprise-wide risk
• Develop bespoke templates and test scripts to meet uncommon or complex organisational objectives
Skills
| Skill | Associate | Lead | Principal |
|---|---|---|---|
| Penetration testing | Working | Practitioner | Expert |
| Information risk assessment and risk management | Working | Practitioner | Practitioner |
| Threat intelligence and threat assessment | Working | Practitioner | Practitioner |
| Cyber Security Operations | Working | Practitioner | Practitioner |
| Threat Understanding | Working | Practitioner | Practitioner |
| Legal and regulatory environment and compliance | Awareness | Awareness | Awareness |
| Protective security | Awareness | Awareness | Awareness |
Core learning
Entry level
Foundation Certificate in Cyber Security
BCS Certificate in Information Security Management Principles (CISMP)
Microsoft 365 Fundamentals (MS-900)
Associate level
CompTIA Security+
Microsoft 365 Fundamentals (MS-900)
LDR516: Building and Leading Vulnerability Management Programs
Lead level
CompTIA Cybersecurity Analyst (CySA+)
FOR578: Cyber Threat Intelligence
LDR516: Building and Leading Vulnerability Management Programs
Principal level
CompTIA Advanced Security Practitioner (CASP+)
FOR518: Mac and iOS Forensic Analysis and Incident Response
LDR516: Building and Leading Vulnerability Management Programs