Senior Vulnerability

About Arm
Arm's foundational technology is defining the future of computing. A future built by the greatest technology ecosystem in the world. A future built on Arm.

Job Description

We are looking for a Cyber Defense Vulnerability & Incident Response Senior Analyst to join our growing Cyber Defense Operations (CDO) Centre. This role provides an outstanding opportunity to lead the response to critical vulnerabilities while also contributing to security incident handling and response. The ideal candidate will have a solid background in vulnerability management, with additional expertise in incident response. This is a great opportunity for someone who wants to deepen their understanding of the overlap between vulnerability management (VM) and incident response (IR).

We are at an exciting moment in our transformation Arm has a bold vision to develop technology that invisibly enables opportunity for a globally connected population. To achieve this, Arm is growing rapidly and developing new products. With new business capabilities, Arm is encountering new security challenges that require a thoughtful, adaptable approach to strengthen its cyber defences and detect & respond strategy.

Responsibilities:

Vulnerability Management (Main Focus)

• Lead operational vulnerability management activities across infrastructure, applications, cloud, and third-party platforms.
• Validate findings and prioritize remediation based on business risk and threat intelligence.
• Collaborate with global IT, Engineering, and Security teams to drive vulnerability remediation efforts.
• Optimize and manage ServiceNow Vulnerability Management workflows.
• Act as technical lead in remediation planning, providing guidance and support to stakeholders.
• Collaborate with Red Team, Threat Intelligence, and Product Security to identify high-risk vulnerabilities.
• Lead Major vulnerability Incident response efforts in accordance with the response plan and policies.

Incident Response (Secondary Focus)

• Support team in incident triage and response efforts as needed, particularly those involving vulnerability exploitation.
• Assist in forensic investigations and log analysis for potential Security Incidents.
• Contribute to the development of playbooks for vulnerability incident response.
• Deliver training and mentorship to junior analysts.

Required Skills & Experience:

• Demonstrable experience in vulnerability management, including implementation of scanning tools like Tenable, Qualys, or similar platforms.
• Hands-on experience with ServiceNow Vulnerability Management workflows and integrations.
• Experience with remediation coordination, risk-based prioritization, and vulnerability lifecycle management.
• Exposure to incident handling, including forensic and malware analysis basics.
• Solid understanding of cloud and container security vulnerabilities (AWS, Azure, GCP).
• Sufficient understanding of web technologies to manage Web vulnerabilities.
• Ability to articulate risk and technical topics clearly to non-technical stakeholders.
• Scripting and automation skills (e.g., Python, PowerShell) to streamline workflows.
• Deep understanding of the cyber threat landscape and emerging exploitation trends.

Nice-to-Have Skills & Certifications:

• BSc or higher in Cybersecurity, Computer Science, or related field
• Professional certifications: GIAC (GCIH, GCFA, GPEN), OSCP, or CISSP.
• Exposure to penetration testing or Red Teaming methodologies.
• Understanding of ITIL processes and project management principles

#LI-PC1

Accommodations at Arm

At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email ************** To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran

---