Vulnerability Analyst
TalentTrade RecruitmentVulnerability Analyst
6 month + contract
£600 per day OUTSIDE IR35
London/Remote
*Please note you will need to be holding or eligible to hold UK Security Clearance for this role.*
This role sits within a high-volume enterprise vulnerability programme where risk prioritisation matters just as much as vulnerability discovery.
The team specifically needs analysts with hands-on experience using enterprise risk-based vulnerability management platforms such as Qualys Enterprise TruRisk, Qualys VMDR, Tenable Exposure Management/TruRisk, or equivalent contextual risk-scoring capabilities.
Candidates with only traditional Nessus scanning exposure are unlikely to be suitable for this environment.
TalentTrade is supporting a financial services client anticipating a significant increase in vulnerabilities and remediation activity across a large-scale Microsoft and cloud estate.
You'll join the team responsible for identifying, prioritising, and driving remediation of vulnerabilities across infrastructure, cloud, endpoint, and application environments.
The environment combines exposure management, threat intelligence, asset criticality, and operational remediation workflows rather than relying solely on CVSS scoring.
You'll be working across technologies and platforms including:
Qualys Enterprise TruRisk Platform and VMDR.
Tenable Exposure Management/TruRisk capabilities or equivalent.
ServiceNow Vulnerability Response Module.
Microsoft Defender.
Azure and AWS environments.
Container, endpoint, and cloud exposure management tooling.
What you'll be doing:
Performing vulnerability analysis across enterprise infrastructure, cloud, endpoint, and application estates.
Using contextual risk scoring and exposure management capabilities to prioritise remediation activity.
Working with Enterprise TruRisk concepts including asset criticality, exploitability, threat intelligence, and business impact analysis.
Supporting remediation coordination with Infrastructure, Engineering, DevOps, Cloud, and Security teams.
Validating vulnerabilities and reducing false positives within enterprise scanning environments.
Managing remediation workflows through ServiceNow Vulnerability Response.
Producing operational reporting, remediation tracking, and risk trend analysis.
Applying emerging threat intelligence and exploit data into vulnerability prioritisation decisions.
Supporting continuous improvement across enterprise vulnerability management processes and automation initiatives.
Essential experience:
Strong hands-on experience with Qualys Enterprise TruRisk, Qualys VMDR, Tenable Exposure Management/TruRisk, or equivalent enterprise exposure management platforms.
Experience working within mature enterprise vulnerability management programmes.
Strong understanding of contextual risk scoring beyond standard CVSS methodologies.
Experience with ServiceNow Vulnerability Response Module.
Experience across cloud, infrastructure, endpoint, and server estates.
Ability to engage technical stakeholders and drive remediation activity effectively.
Experience within financial services or other regulated environments would be advantageous.