Vulnerability Analyst

Job Description – Vulnerability Analyst About Hiscox:

At Hiscox we care about our people. We hire the best people for the work, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross‑functional working is supported with virtual tools that minimise physical travel, hot‑desking neighbourhoods that create a physical sense of community and Team Charters that our teams co‑create to set out how they’ll work together.

This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues. As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things.

We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions.

Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places. Some people might say insurance is dull, but life at Hiscox is anything but.

If that sounds good to you, get in touch. You can follow Hiscox on Linked In, Glassdoor and Instagram (@Hiscox Insurance).

• Support and deputise (where applicable) for the TVM lead across all strategic and operational activities.
• Support and play an active role in future TVM release cycles achieving full estate coverage and configuring additional Tenable modules.
• Create TVM standard operating procedures to support release cycles and BAU activity.
• Analyse and prioritise the outputs from TVM platforms and translate into mitigation actions for our Fusion Centre CI/CD pipelines.
• Perform routine vulnerability assessments of our infrastructure and applications working with the group functions and business unit technology teams to resolve vulnerabilities and configuration weaknesses inline with defined SLAs.
• Track open security weaknesses and vulnerabilities of concern in our estate and manage them through the lifecycle to closure.
• Support in-flight security incidents by providing insight into our vulnerability exposure and what potential threat vectors a malicious actor may be trying to target.
• Experience of working across multi‑cloud environement and resolving vulnerabilities and weaknesses across all.

• 1 to 3+ years’ experience in a cyber analyst role, preferably with a focus on TVM technologies.
• Excellent working knowledge of the vulnerability management lifecycle.
• Excellent analytical skills with the ability to work under own initiative.
• Experience of working in a fast‑moving environment.
• Good Tenable One product knowledge.
• Good communication skills.
• Good presentation and report writing skills.
• BSc or MSc in Cybersecurity is desirable.
• Industry recognised qualifications such as CompTIA Pen Test+ and GIAC GPEN are desirable.