Vulnerability Management Analyst

You’re only human.   

It’s a strange thing to say, because us humans are capable of incredible things. And at Medibank, we know our greatest potential lies in the people who work with us.   

We strive to make real, fundamental change, driven by a simple purpose: to create the best health and wellbeing for all of Australia.  

The Role

We’re looking for a Vulnerability Management Analyst to be responsible for managing processes across our security environment. You will play an important role in securing systems that host sensitive health data, enhancing security through seamless and secure identification, reporting and management of vulnerabilities with regulatory obligations such as APRA CPS 234, ISO 27001, and the Australian Privacy Principles (APPs).

You will use existing technical solutions across the vulnerability management lifecycle—including scanning, patching, reporting and testing —ensuring tools are used correctly and stakleholders are managed effectively, while identifying anomalies and continuously identifying opportunities for improvement. You will support the team responsible for investigating and mitigating vulnerability related incidents, applying your technical knowledge to manage operational risks and drive a proactive vulnerability management security posture.

The Responsibilities:

• Use regularly conducted vulnerability scans on systems, networks, and applications using tools such as Tenable, Nessus or Qualys to identify security weaknesses to provide detailed reports to business to mitigate risks from vulnerabilities.
• Input to the selection, implementation, and maintenance of vulnerability management systems, tools, and technologies.
• Manage vulnerability reporting platforms to help prioritise and mitigate vulnerabilities.
• Developed understanding of cybersecurity principles, vulnerability assessment tools (e.g., Nessus, Tenable, Qualys), and IT infrastructure to effectively assess and mitigate vulnerabilities.
• Collaborate with various stakeholders, such as IT teams, business units, and external partners, to communicate the Enterprise vulnerability management requirements and develop systems and processes to meet these requirements.
• Inputting into the response of security incidents related to vulnerabilities, coordinating with relevant teams to contain and mitigate threats promptly.
• Utilise vulnerability scanning and reporting tools, and ensure they are up-to-date and effectively integrated into the security infrastructure.
• Producing reports for management on vulnerability status and trends.
• Proactively identifying areas for enhancing vulnerability management processes, suggesting improvements, and implementing best practices for ongoing optimization.

About You

• 3+ years of experience in a similar or related role, demonstrating understanding of Vulnerability Management processes and capabilities in a medium to large organization.
• Demonstrated experience in Vulnerability Management, covering the full lifecycle— scan results, identify trends, generate detailed reports, and develop strategies to address systemic issues within the organization's IT environment.
• Stakeholder management skills, with the ability to communicate complex Vulnerability Management concepts effectively and present data-driven narratives.
• Experience in operational IT security focused on vulnerability management
• Analytical and mature problem-solving skills.
• Strong communication, skills written and verbal.

Strongly Desirable:

• Experience in the finance, health insurance or healthcare industry, specifically related to vulnerability management practices.
• Understanding of relevant regulations and standards in the healthcare and insurance sectors (e.g., APRA CPS 234, Privacy Act) to ensure adherence to compliance requirements

Imagine working with us 

We understand that work means different things to everyone...  We know happy, healthy people make great teams, and great teams put more heart into each customer and patient interaction. And that’s why we’re reinventing work.    

Imagine a workplace where work didn't feel like work. A workplace where you could shape when and where you work to have more impact. Where flexible working isn’t a buzzword, it’s a reality.  

Imagine a workplace that helps you and your family thrive.  Where connection, personal development and health and wellbeing are front of mind. To learn more about our benefits go to https://careers.medibank.com.au/culture/rewards-benefits/

For you, work should help you Live Better. It should bring you fulfillment and joy. And with Medibank, it could. 

Inclusion and Accessibility  

We believe in everyone's potential and strive to make Medibank inclusive for all because different perspectives make us better. We encourage applications from everyone, including Aboriginal and Torres Strait Islander candidates, those with disabilities, and LGBTQIA+ community including transgender and gender diverse applicants. 

For any adjustments or alternative formats during the recruitment process, please contact us at careers@medibank.com.au. To learn about our commitments and employee experiences, go to https://careers.medibank.com.au/culture/diversity-inclusion/