Lorien
Job Title:Vulnerability management SME
Job Location: Havant
Duration: 6 months
Description:
Vulnerability management SME
The Vulnerability Management Subject Matter Expert (SME) is responsible for the design, delivery, and continuous improvement of the organisation's vulnerability management service for End User Compute devices. The role focuses on utilising tools such as Qualys to identify, assess, prioritise, and support the remediation of vulnerabilities across infrastructure, endpoints, and cloud environments.
The SME ensures that vulnerabilities are effectively managed in line with organisational risk appetite and security standards, supporting a proactive approach to reducing cyber risk. This includes maintaining accurate vulnerability data, driving remediation activities, and ensuring alignment with governance, compliance, and audit requirements across the organisation.
Key Accountabilities
- Deliver and support vulnerability management capabilities using Qualys, including asset discovery, vulnerability scanning, and risk prioritisation
- Analyse and interpret End User Compute vulnerability data, providing actionable insights and remediation recommendations
- Collaborate with endpoint management and application management SMEs to action remediation activities
- Monitor and report on vulnerability posture, risk exposure, and remediation performance across the organisation
- Develop and maintain automation and reporting capabilities to improve efficiency and visibility of vulnerability management activities
- Collaborate with cyber security, risk, and service management teams to ensure alignment with governance, compliance, and risk frameworks
Skills, Knowledge & Experience
Essential
- Proven experience operating vulnerability management tools (e.g. Qualys) in an enterprise environment
- Strong understanding of vulnerability management lifecycle, including scanning, prioritisation, and remediation
- Knowledge of common security vulnerabilities, risk scoring (e.g. CVSS), and remediation approaches
- Experience working with endpoint management tools like Intune and SCCM to support vulnerability remediation
- Understanding of cyber security principles, risk management, and ITIL-based service management practices
Desirable
- Experience integrating vulnerability management tools with enterprise platforms (e.g. ServiceNow)
- Familiarity with cloud environments (e.g. Azure) and associated security considerations
- Knowledge of patch management processes and tools
- Scripting or automation experience (e.g. PowerShell, Python)
- Experience supporting audit, compliance, or regulatory requirements
Guidant, Carbon60, Lorien & SRG – The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
To apply for this job please visit www.reed.co.uk.
Make this application stronger
Use these quick checks before applying so your CV, interview preparation and job search are better matched to this vacancy.
Before you apply
Check the key details and make sure the role matches what you are looking for.
- Review the job title, company, location, salary and working pattern if provided.
- Check the skills, experience or qualifications requested by the employer.
- Make sure the commute, hours and contract type are realistic for you.
Tailor your CV
For IT Jobs, highlight the most relevant skills, experience and achievements linked to this type of work. Keep it honest, clear and focused on what the employer is asking for.
Use the CV Builder or browse Career Advice.
Prepare for interview
If your application is successful, prepare simple examples that show your motivation, strengths and suitability.
Keep searching smarter
Do not rely on one application. Keep searching similar roles and set up alerts so new vacancies reach you faster.