Vulnerability Manager

Iress Limited

See yourself being part of a large, transformational change? This could be the role for you!

At Iress, we make things happen

We believe technology should help people perform better every day. Since our beginning in 1993, people across financial services have trusted us to take their performance to the next level. More than 10,000 businesses and 500,000 people use our software, from the world’s most iconic financial services brands to advice firms of all sizes, banks, insurers, investment managers, traders and brokers. Iress is one of Australia’s largest technology companies and employs more than 1,100 people across Australia, The United Kingdom, Africa, Canada, New Zealand and Asia.

Role Purpose

Reporting to the Head of Application Security, you will be responsible for the day-to-day operation and continuous improvement of Iress’s Vulnerability Management program. Your goal is to ensure that security risks within our global infrastructure and applications are identified, analysed, and most importantly remediated. You will act as the vital link between our automated security tools and the Engineering teams who implement the fixes.

Lead expert investigations into cyber vulnerabilities. Partner with business units to prioritise and agree on fast, effective remediation that hits our security KPIs.

Direct the analysis of security risks and present clear, actionable solutions to the CISO and senior stakeholders to keep Iress systems resilient.

Take ownership of emerging threats by translating their potential impact into robust security strategies that strengthen our global defenses.

Analyse and challenge security data to ensure our leadership receives an accurate picture of emerging risks.

Mentor and guide Engineering teams, ensuring they have the support and knowledge to follow world-class security procedures.

Lead cross-functional efforts to track new threats and build mitigation strategies before they can impact the business.

Core Skills, Knowledge and Attributes:

Communication: Clearly explain complex risks to both technical and non-technical stakeholders. Use your expertise to provide actionable recommendations that drive risk-based decisions.

Infrastructure Experience: Proven experience managing security across cloud, hybrid, and on-premises environments. You should have a strong grasp of cloud-hosted security principles.

Vulnerability Assessment: Strong knowledge of the tools and methods used to assess large, complex IT infrastructures.

Threat Analysis: Skilled at analysing new cybersecurity threats and developing practical mitigation strategies.

Global Collaboration: Ability to work effectively with colleagues across different functions and time zones, including our Australian teams.

Strategic Insights: Use your insight into threat actor behaviour and capabilities to enrich our security data. You will help prioritise remediation across multiple systems based on potential impact.

Accountabilities & Deliverables

Produce regular, accurate vulnerability heatmaps and progress reports for the Head of AppSec.

Provide Engineering teams with "clean," prioritised lists of vulnerabilities to ensure their time is spent on high-impact fixes.

Assist in the drafting and updating of vulnerability management standards and remediation SLAs.

Track and report on remediation timelines to ensure risks are closed within agreed windows.

Key Relationships

InfoSec Heads (Application Security, Security Engineering, Security Operations and Global Risk & Compliance)

Chief Information Security Officer

Chief Technology Officer

Business Unit Heads of Engineering (Group, Trading & Market Data, Sourcing and Wealth)

Why work with us?

8 paid days per year to extend your weekends + 25 days annual leave

State-of-the-art offices

Free on-site gym in our Cheltenham office open 24/7

New Short-Term Incentive and Recognition program

Casual dress, flexible work policy

Access to learning and development programs through LinkedIn Learning

3 days’ leave per year for charity initiatives

Starting school leave - 8.5 days of leave to assist your kids with the transition to school

Life Insurance & Private Medical

Up to 26 weeks’ paid parental leave for primary carers (up to 4 weeks for secondary carers), and the ability to work part-time when returning to work

Iress is committed to fostering a welcoming and inclusive culture. We strongly believe that diversity is what makes our teams and our products succeed. Our people have different experiences, skills, perspectives and beliefs and everyone’s uniqueness is valued and celebrated.

Our hiring decisions are never based on sexual orientation, race, gender identity, religion, disability, citizenship, marital or family status and age. Even if you feel you don’t meet all of the requirements of the role, we would still like to hear from you!

We’re also proud to be globally recognised as a WORK180 Endorsed Employer that promotes and supports all women in the workplace.

For more information about what we do, our people and values, please visit our website - https://www.iress.com/join-us/careers/

See yourself being part of a large, transformational change? This could be the role for you!

At Iress, we make things happen

Role Purpose

Lead expert investigations into cyber vulnerabilities. Partner with business units to prioritise and agree on fast, effective remediation that hits our security KPIs.

Direct the analysis of security risks and present clear, actionable solutions to the CISO and senior stakeholders to keep Iress systems resilient.

Take ownership of emerging threats by translating their potential impact into robust security strategies that strengthen our global defenses.

Analyse and challenge security data to ensure our leadership receives an accurate picture of emerging risks.

Mentor and guide Engineering teams, ensuring they have the support and knowledge to follow world-class security procedures.

Lead cross-functional efforts to track new threats and build mitigation strategies before they can impact the business.

Core Skills, Knowledge and Attributes:

Communication: Clearly explain complex risks to both technical and non-technical stakeholders. Use your expertise to provide actionable recommendations that drive risk-based decisions.

Infrastructure Experience: Proven experience managing security across cloud, hybrid, and on-premises environments. You should have a strong grasp of cloud-hosted security principles.

Vulnerability Assessment: Strong knowledge of the tools and methods used to assess large, complex IT infrastructures.

Threat Analysis: Skilled at analysing new cybersecurity threats and developing practical mitigation strategies.

Global Collaboration: Ability to work effectively with colleagues across different functions and time zones, including our Australian teams.

Strategic Insights: Use your insight into threat actor behaviour and capabilities to enrich our security data. You will help prioritise remediation across multiple systems based on potential impact.

Accountabilities & Deliverables

Produce regular, accurate vulnerability heatmaps and progress reports for the Head of AppSec.

Provide Engineering teams with "clean," prioritised lists of vulnerabilities to ensure their time is spent on high-impact fixes.

Assist in the drafting and updating of vulnerability management standards and remediation SLAs.

Track and report on remediation timelines to ensure risks are closed within agreed windows.

Key Relationships

InfoSec Heads (Application Security, Security Engineering, Security Operations and Global Risk & Compliance)

Chief Information Security Officer

Chief Technology Officer

Business Unit Heads of Engineering (Group, Trading & Market Data, Sourcing and Wealth)

Why work with us?

8 paid days per year to extend your weekends + 25 days annual leave

State-of-the-art offices

Free on-site gym in our Cheltenham office open 24/7

New Short-Term Incentive and Recognition program

Casual dress, flexible work policy

Access to learning and development programs through LinkedIn Learning

3 days’ leave per year for charity initiatives

Starting school leave - 8.5 days of leave to assist your kids with the transition to school

Life Insurance & Private Medical

Up to 26 weeks’ paid parental leave for primary carers (up to 4 weeks for secondary carers), and the ability to work part-time when returning to work

Iress is committed to fostering a welcoming and inclusive culture. We strongly believe that diversity is what makes our teams and our products succeed. Our people have different experiences, skills, perspectives and beliefs and everyone’s uniqueness is valued and celebrated.

Our hiring decisions are never based on sexual orientation, race, gender identity, religion, disability, citizenship, marital or family status and age. Even if you feel you don’t meet all of the requirements of the role, we would still like to hear from you!

We’re also proud to be globally recognised as a WORK180 Endorsed Employer that promotes and supports all women in the workplace.

For more information about what we do, our people and values, please visit our website - https://www.iress.com/join-us/careers/

#LI-DNI - Do not Advertise on LinkedIn

#LI-Onsite - Automatically upload role as On-site location

#LI-Hybrid - Automatically upload role as Hybrid working

#LI-Remote - Automatically upload role as Remote working

Employment Type

Time Type