Vulnerability Management Analyst

**You’re only human.**

It’s a strange thing to say, because us humans are capable of incredible things. And at Medibank, we know our greatest potential lies in the people who work with us.

We strive to make real, fundamental change, driven by a simple purpose: to create the best health and wellbeing for all of Australia.

**The Role**

We’re looking for a Vulnerability Management Analyst to be responsible for managing processes across our security environment. You will play an important role in securing systems that host sensitive health data, enhancing security through seamless and secure identification, reporting and management of vulnerabilities with regulatory obligations such as APRA CPS 234, ISO 27001, and the Australian Privacy Principles (APPs).

**The Responsibilities**:

- Input to the selection, implementation, and maintenance of vulnerability management systems, tools, and technologies.
- Manage vulnerability reporting platforms to help prioritise and mitigate vulnerabilities.
- Developed understanding of cybersecurity principles, vulnerability assessment tools (e.g., Nessus, Tenable, Qualys), and IT infrastructure to effectively assess and mitigate vulnerabilities.
- Collaborate with various stakeholders, such as IT teams, business units, and external partners, to communicate the Enterprise vulnerability management requirements and develop systems and processes to meet these requirements.
- Inputting into the response of security incidents related to vulnerabilities, coordinating with relevant teams to contain and mitigate threats promptly.
- Utilise vulnerability scanning and reporting tools, and ensure they are up-to-date and effectively integrated into the security infrastructure.
- Producing reports for management on vulnerability status and trends.
- Proactively identifying areas for enhancing vulnerability management processes, suggesting improvements, and implementing best practices for ongoing optimization.

**About You**
- 3+ years of experience in a similar or related role, demonstrating understanding of Vulnerability Management processes and capabilities in a medium to large organization.
- Demonstrated experience in Vulnerability Management, covering the full lifecycle— scan results, identify trends, generate detailed reports, and develop strategies to address systemic issues within the organization's IT environment.
- Stakeholder management skills, with the ability to communicate complex Vulnerability Management concepts effectively and present data-driven narratives.
- Experience in operational IT security focused on vulnerability management
- Analytical and mature problem-solving skills.
- Strong communication, skills written and verbal.

**Strongly Desirable**:

- Experience in the finance, health insurance or healthcare industry, specifically related to vulnerability management practices.
- Understanding of relevant regulations and standards in the healthcare and insurance sectors (e.g., APRA CPS 234, Privacy Act) to ensure adherence to compliance requirements

**Imagine working with us**

We understand that work means different things to everyone... We know happy, healthy people make great teams, and great teams put more heart into each customer and patient interaction. And that’s why we’re reinventing work.

Imagine a workplace where work didn't feel like work. A workplace where you could shape when and where you work to have more impact. Where flexible working isn’t a buzzword, it’s a reality.

For you, work should help you Live Better. It should bring you fulfillment and joy. And with Medibank, it could.

**Inclusion and Accessibility