ASPIRE Global Service Centre – Vulnerability & Security Compliance Lead

• Onsite role Belfast
• Full time position Full time hybrid position 2 days per week in office (not shift)
• Department: ASPIRE Managed Services
• Practice: Services Reliability Group
• Vetting Requirements: SC Clearance/CTC Clearance level is mandatory.

Role Summary:

Our ASPIRE Global Service Centre is the central hub of our Service Management operations. Beyond a traditional Service Desk it stands as the central authority and shared service delivery hub orchestrating all operational workflows processes procedures and tooling. Its a core delivery component of the Version 1 ASPIRE Managed Services offering that places AI continuous improvement and business innovation at the heart of everything Version 1 does. With a focus on supporting self-service and automation we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers.

We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify assess and mitigate vulnerabilities ensuring systems and applications are updated with the latest patches and compliance requirements. The role combines technical expertise process leadership and strategic planning to maintain strong security hygiene and safeguard our customers technology assets from potential threats. As this is a leadership role you will ensure the service desk team leader and their analysts have the suitable tools schedules and skills to perform the routine maintenance activities. The role will also look to support the development of the wider security operations capability under continual improvement.

Vetting Requirements: SC Clearance/CTC Clearance level is mandatory for the role.

Key Responsibilities:

• Develop and execute a comprehensive patch management strategy across all IT systems and applications.
• Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations.
• Coordinate the testing of patches prior to deployment to validate functionality and compatibility.
• Utilize vulnerability scanning tools to identify weaknesses in the IT environment.
• Analyze and prioritize vulnerabilities based on risk impact and business-criticality.
• Oversee and enforce best practice for security hygiene; access reviews vulnerability assessment key rotation etc
• Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner.
• Ensure compliance with regulatory requirements internal policies and industry standards related to patching and vulnerability management
• Generate reports on vulnerability status patching progress and key metrics for senior leadership and audit purposes.
• Act as a point of expertise for patching and vulnerability management within the organization.
• Work closely with cross-functional teams including IT Operations Security and Application teams to align patching and remediation activities with business objectives.
• Identify inefficiencies in processes and workflows recommending and implementing improvements to enhance service quality.
• Collaborate with third-party vendors for tools and solutions ensuring optimal performance and cost-effectiveness.
• Perform and maintain risk assessments gap analysis and risk register(s).
• Supporting external assessments.
• Supporting security Incident responses.
• Supporting the development of security policies and procedures.

Qualifications :

Skills Education & Qualifications:

• Proven experience in IT patch management vulnerability assessment or IT security.
• Familiarity with security hygiene/compliance standards.
• Strong understanding of operating systems (Windows Linux etc.) applications and network security principles.
• Proficiency in vulnerability scanning and patch deployment tools (e.g. Qualys Tenable SCCM WSUS SCOM Manage Engine SolarWinds Linux distributions (Ubuntu CentOS RedHat etc) Ansible AWS Patch Manager/Azure Update Manager.
• Proficiency in command line interface.
• Proficiency in Security and Vulnerability tools (e.g. Microsoft Defender for Endpoint AlertLogic Web Application Scanning Tripwire Tenable Nessus).
• Strong problem-solving analytical reporting and organizational skills.
• Experience or understanding of of security compliance frameworks; ISO27001 NIST SOC2 Cyber Essentials etc.
• Relevant certifications (e.g. CISSP CISM CompTIA Security or similar) are highly desirable.
• Detail-oriented with a proactive approach to problem-solving.
• Ability to prioritize tasks effectively in a fast-paced and dynamic environment.
• Committed to driving continuous improvement in cybersecurity processes and practices.
• Experience with ITSM tools (e.g. ServiceNow).
• Knowledge of ITIL frameworks and best practices.
• Strong communication interpersonal and problem-solving abilities.
• Customer-focused mindset with a commitment to delivering high-quality service.
• Strategic thinking and decision-making.
• Ability to manage multiple priorities and meet deadlines.
• Adaptability to evolving technologies processes and security guidances.
• Excellent communication and stakeholder management skills.

Additional Information :

At Version 1 we believe in providing our employees with a comprehensive benefits package that prioritises their well-being professional growth and financial stability.

One of our standout advantages is the ability to work with a hybrid schedule along with business travel allowing our employees to strike a balance between work and life.

We prioritise the health and safety of our employees providing private medical and life insurance coverage as well as free eye tests and contributions towards glasses. Our team members can also stay ahead of the curve with incentivized certifications and accreditations including AWS Microsoft Oracle and Red Hat.

Our employee-designed Profit Share scheme divides a portion of our companys profits each quarter amongst employees. We are dedicated to helping our employees reach their full potential offering Pathways Career Development Quarterly a programme designed to support professional growth.

Remote Work :

No

Employment Type :

Full-time