The purpose of this role is to work as part of the cyber security team to implement an organised approach to addressing and managing application security vulnerabilities. Performing vulnerability assessments and providing reports on required mitigation work, which will be used by the business application teams to aid their strategic programs of work and improve the overall security assurance of DAN.
- Working with key stakeholders to identify and prioritise internal applications that require a full security assessment.
- Perform application vulnerability and risk assurance assessments. Review outputs and refining the findings to understand the real risk to DAN, before allocating remediation tasks to the support teams.
- Engage with other teams to mitigate cyber security threats, improve processes, and improve security posture, analysing threat intelligence for relevancy, impact, and exposure.
- Interprets internal/external business challenges and recommend best practices. Provide expert advice on findings and track the program of works to mitigate and resolve vulnerabilities.
- Escalate critical findings to the incident response team, working closely with colleagues to protect the environment.
- Be point of contact for application security activities performed by cyber security. Ensuring DAN processes are followed at all times.
- Take ownership of cyber applications incident queue ensuring tickets are closed based on defined SLAs. Assist management in making improvements to the ticket system (ServiceNow) to streamline processes.
- Gather key metrics and KPIs for inclusion in detailed reports to the Head of Cyber Operations
Who are we looking for?
- Previous experience in performing vulnerability management programs of work
- Previous knowledge of Tenable IO Web Application Scanning tool
- Fundamental understanding of web application security concepts such as the OWASP Top 10 Vulnerabilities
- Good understanding of security fundamentals and best practices.
- Must possess excellent technical, analytical and problem-solving skills.
- Possess a high level of interest in security research and be a self-motivated learner.
- Able to handle multiple deadlines, and to effectively perform during high pressure or stressful situations.
- Good presentation skills both verbal and written on both technical and non-technical information. With a strong eye for detail
- Very good organisational, time management and communication skills, with the ability to build relationships with peers.
- Experience producing security documentation and other technical analysis reports
- Experience working in a team-oriented, collaborative environment.
What you’ll get from us
Dentsu Aegis Network is a fantastic place to work with many great benefits on offer including 25 days’ annual holiday, Pension, Cycle to Work Scheme, and get your Birthday day off!
Not only is it an incredibly fun place to work but as part of a multinational organisation there are many opportunities to advance your career within the wider business once you have proven yourself.
About Dentsu Aegis Network (DAN)
DAN is headquartered in London and operates in 145 countries worldwide with more than 45,000 dedicated specialists. Dentsu Aegis Network is Innovating the Way Brands Are Built for its clients through its best-in-class expertise and capabilities in media, digital and creative communications services. Dentsu Aegis Network consists of a number of market leading brands including; Carat, Dentsu Media, Isobar, iProspect, Posterscope, Vizeum, Amplifi, D2D and PSLive
Our values and behaviours:
Agile – Anticipate business needs, continuous process improvement, be flexible whilst maintain high standards
Pioneering – Being constantly curious, be bold in challenging the status quo, support a culture of openness
Ambitious – Strive for excellence, drive hard to achieve, learn from experiences
Responsible – Uphold the highest levels of integrity, lead by example, be courageous in raining concerns
Collaborative – Operate as one finance team locally and globally by sharing best practice and following standard practices and processes
Inclusion & Diversity
We value the strength diversity brings to our business and are working hard to build a more inclusive workplace through partnerships with Stonewall, Business Disability Forum and Business in the Community’s race and gender equality campaigns. We are happy to discuss all flexible and agile approaches to working for all our roles – we can’t promise we will be able to offer you everything you want or need but we do promise to discuss it with you openly and honestly.
If you have any reasonable adjustment needs arising from a disability or medical condition to fully participate in the recruitment process, please discuss this with the recruiter who contacts you.