Job Description

How You'll Support Our Mission

ESO's teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are continuing to build an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats.



We are looking for a Senior Vulnerability Manager to join our Belfast and US teams, to work alongside our IT, Fire, Hospital and EMS Engineering teams, who need assistance to secure our mission-critical applications. These applications are used to help our customers go about their daily job of protecting their communities and saving lives.



You will be working across our entire estate to lead in identifying, evaluating and prioritising vulnerabilities across a diverse range of technologies and contexts. Domains will include software development and dependency-based vulnerabilities, operating system and enterprise application vulnerabilities, penetration test findings and automated scan results from various in-house tooling.



We want our colleagues throughout ESO to operate securely, but with a high degree of autonomy and minimal security constraints; we're therefore building out the use of automation around controls, approvals and governance to facilitate this. You will be part of a high functioning, motivated and forward-thinking team. You have the chance to join a growing and passionate team, working on critical products, whilst being supported with training opportunities and mentoring.




Joining our team will be an amazing and truly rewarding experience.

What

You'll

Be Doing

- the day to day

Prioritisation of vulnerabilities across the organisation - taking a risk-based approach to priority, and being across vendor and community disclosures, 0days, threat intelligence and credible information sources to assist in protecting our environment. Managing and measuring key performance indicators (KPIs) and key risk indicators (KRIs) related to scan coverage, vulnerability and exception counts, across our various platforms. Identifying and resolving gaps related to scanning, vulnerability remediation, and reporting issues. Reviewing and managing vulnerability and patching exception requests from a risk perspective and provide advice to application and asset owners. Coordinating, scoping and managing penetration tests of key systems globally. Coordinating time-sensitive vulnerability response to remediate the highest criticality vulnerabilities across systems. Leading campaigns to systematically and strategically reduce business risk by closing open vulnerabilities with the help of application owners, asset owners, and support groups. Producing informative, easy-to-understand and useful dashboards and metrics. Helping ESO colleagues get answers to security questions and be a key part of our cyber security team, with tangible impact on the security of our people and systems. Respond to security and compliance issues generated via analysis or automated tools. Work collaboratively cross-team, to impart your expertise across the organisation. Be in the detail, working shoulder-to-shoulder with our technology teams.

Who You Are - some of the essential things required to be successful in the role

3+ years' experience in IT or security, including vulnerability management, IT risk assessment, assurance or control testing processes. Great communication skills to be able to communicate to technical and non-technical stakeholders. Proven ability to coordinate and influence large groups, including strong planning & project management skills. Good analytical skills, attention to detail and ability to methodically troubleshoot complex issues



Your experience should include:


Working with hardware, software and vendor vulnerabilities. Establishing policies, procedures and SLAs for vulnerability management and remediation. Working with toolsets for vulnerability management (e.g. Tenable, Qualys, Rapid7, Microsoft native), patch management (e.g. Microsoft native, Jamf, NinjaOne) and cloud-specific (e.g. Defender product suite, CrowdStrike). You should also have a passion for what you do and understand how your work impacts ESO's success.

Who You Are - it's desirable if you have any of the following

Enterprise vulnerability management experience to include patch management and remediation activities in a large company. Experience in the implementation, reporting from and management of Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tooling in a large enterprise environment. Experience with CMDB / asset management tooling and implementations. Experience with code repositories and management in general, including GitHub and BitBucket, as well as tool integration into associated build / CI/CD pipelines.

Benefits & Perks! You will have fantastic benefits at ESO including but not limited to;

Life insurance (4 x base salary) Income protection insurance A generous pension contribution Private medical insurance including optical and dental A health cash plan Modern City Centre office and a flexible hybrid working policy AwardCo Recognition Program Enhanced paternity leave and pay, enhanced adoptive pay, enhanced maternity pay - 12 weeks full pay after 6 months' service. Enhanced short and long-term sick pay 25 days holiday which increases year on year until you reach 5 years of service + 14 additional days

About ESO

ESO is a fast-paced, growing data, technology and research company passionate about improving community health and safety through the power of data. We pioneer innovative, user-friendly software to meet the changing needs of today's EMS agencies, fire departments, and hospitals. We're small enough to be nimble and fun, but big enough to be a great place to work. We serve thousands of customers out of our offices across the US, Canada and Northern Ireland.

Are you ready to Make a Difference?

ESO is committed to creating a diverse and inclusive work environment and is proud to be an equal opportunity employer. We invite you to consider opportunities at ESO regardless of your gender; gender identity; gender reassignment; age; religious or similar philosophical belief; race; national origin; political opinion; sexual orientation; disability; marital or civil partnership status or other non-merit factor.

Our Equal Opportunity Statement of Policy for Northern Ireland is available on request.

Applicant Privacy Notice - please click here to review the privacy policy which details how your data is collected, used and protected.