Vulnerability Management Advisor

Are you looking for an awesome place to work, where you can proudly be your authentic self, and be part of #oneteam?
We are looking for apassionateteam player whoaligns with our valuesand culture, takes pride in their unique contributions, and can challenge the status quo with disruptive thinking. If this sounds like you, come and join us
The Opportunity
Join our cybersecurity team as a Vulnerability Management Analyst, where you'll play a critical role in safeguarding Vocus’s digital infrastructure. This position is responsible for identifying and mapping the organisation’s attack surface, serving as the central point for vulnerability management activities.
You’ll lead the end-to-end vulnerability management process—ensuring timely triage and remediation of security issues using a risk-based approach aligned with Vocus’s risk management framework, policies, and standards. This includes evaluating vulnerabilities based on CVSS and Known Exploitable Vulnerabilities (KEV) scores to prioritise threats effectively.
What you’ll be doing day-to-day
As Vulnerability Management Analyst you’ll be responsibilities will also include the below.
- Perform regular vulnerability scans across Vocus’s environments using industry-standard tools and techniques
- Analyse scan results to identify and assess vulnerabilities, aligning findings with current threat intelligence
- Prioritise and triage vulnerabilities based on risk, leveraging frameworks such as CVSS and KEV
- Collaborate with platform and system owners to coordinate timely and effective remediation efforts
- Develop and deliver clear, actionable reports to stakeholders, highlighting risk trends and remediation progress
- Stay up to date with emerging threats, vulnerabilities, and security trends to continuously strengthen Vocus’s security posture

Additional Role Requirements
- Flexibility to occasionally work outside standard hours in response to critical vulnerability alerts or during cybersecurity incident response
- Willingness to travel interstate as needed to engage with stakeholders, vendors, or industry peers
- Ability to adapt quickly to evolving threats, vulnerabilities, and changes in technology landscapes

What you’ll bring to this role
Required Skills & Competencies
- Proven experience conducting vulnerability assessments to identify and evaluate control weaknesses
- Familiarity with monitoring vulnerability intelligence feeds from commercial, open-source, and social media sources
- Strong understanding of the current threat landscape, including active vulnerabilities, exploits, and attack vectors
- Hands-on experience with real-time monitoring in an Enterprise Network Operations Centre (NOC) or Security Operations Centre (SOC)
- Ability to influence stakeholders and drive remediation actions across technical and non-technical teams
- Skilled in translating complex technical findings into clear, risk-based statements for business audiences
- Demonstrated capability in coordinating remediation activities through collaboration with operational teams
- Proficient in researching emerging threats and security alerts, and recommending appropriate mitigation strategies

Desirable Skills & Competencies
- Knowledge of emerging threats, attacker tactics, techniques, and procedures (TTPs)
- Awareness of nation-state threat actors, particularly those relevant to the Australian telecommunications sector
- Experience engaging with industry bodies, regulatory agencies, and professional networks to enhance external credibility
- Hands-on experience with vulnerability scanning tools such as Qualys and Rapid7, and asset discovery platforms
- Familiarity with enterprise environments including Windows, Linux, containerized platforms, and cloud services (AWS, Azure, GCP)
- Understanding of vulnerability management frameworks including CVSS, EPSS, KEV (CISA), and business risk alignment
- Bachelor’s degree in Cybersecurity, Information Technology, Networking, Risk Management, or a related field
- Industry certifications (e.g., CRISC, CISSP, SANS, Microsoft, Networking) are preferred but not mandatory, demonstrating commitment to professional development

What We Offer
Working at Vocus will give you rewarding experiences and the opportunity to do extraordinary work. You will enjoy:

- Diverse and dynamic teams with a supportive and inclusive culture.
- Supportive career development plans with comprehensive ongoing training, support, and development opportunities.
- Flexible hours and a hybrid working environment
- Generous discounts on power, gas, mobile and internet; plus, discounts to over 400 retailers.
- Competitive leave options, including anniversary leave, purchased leave, parental leave, volunteering leave, study leave, and 5 extra days of Vocus leave each year, plus more.
- Study assistance programs to excel your personal growth, learning and development.
- Health and wellness offerings, including access to our wellbeing initiatives that can help you from a financ