12 Threat and Vulnerability Management Jobs in London

Our established client in the financial services sector are expanding their security function and are looking for an enthusiastic and innovative IT Security Engineer. Security Engineer main responsibilities will include, but are not necessarily limited to, the following: Vulnerability Management o Take lead on the daily vulnerability management activities, including but not limited to application vulnerability and infrastructure vulnerability assessments. o Manage prioritisation of vulnerabilities through a risk-based approach, to meet patch management policies, regulatory compliance, and audit findings. o Management and configuration of vulnerability management tools (Microsoft … Azure and Qualys) o Support the InfoSec function in proactively identifying and leveraging threat intelligence sources to inform strategic vulnerability mitigation measures. Threat Management o Take lead on the daily threat management activities o Maintain and update incident response playbooks and automation o Monitor security dashboards and more »

Xpertise are working with a client in the Insurance industry who are searching for a talented Threat and Vulnerability Lead to join their team. Job Title: Threat and Vulnerability Lead Salary: £75,000 - £90,000 Location: 3 days a week in Central London office About the role: You … will work closely with the company's Information Technology and Security teams to assess the vulnerabilities and reduce the Cyber related risks. My client is looking for people with the following skillset: - Familiarity with vulnerability scanning and detection technologies. - Familiarity with MITRE ATT&CK framework - Excellent ability to present … information and results to the business - Pen testing experience Key responsibilities in this role will include: - This role will involve working closely with the Enterprise Security team - Great understanding of Threat and vulnerability management practises - Working closely with, and reporting into the BISO If keen please apply more »

super exciting growth project across their established Cyber Security function! As a Cyber Risk Manager, you will play a key role in assessing, mitigating, and managing cyber risks across our client and their vendors/3rd party suppliers. Our client is looking for candidates who hold strong skills in vulnerability management, vendor relationship management, incident response, and possess a deep understanding of cyber risk. Main Responsibilities: Develop and implement cyber risk management strategies, policies, and procedures. Lead vulnerability management efforts, including identifying, assessing, prioritising, and remediation of vulnerabilities. Establish and maintain strong vendor relationships … to ensure third-party vendors comply with cybersecurity requirements and standards. Oversee incident response activities, including incident detection, analysis, containment, eradication, and recovery. Conduct risk assessments to identify potential cyber threats and vulnerabilities. Manage various relationships with our clients vendors and 3rd party suppliers, acting as a cyber risk specialist more »

Job Title: SOC Manager Company Overview: Our client, a leading organization in the financial services sector, is seeking a dedicated and experienced SOC Manager to join their team. This pivotal role will contribute to safeguarding the organization's digital assets and infrastructure from cybersecurity threats, ensuring a robust security posture … and effective incident response. Starting ASAP, paying up to £90,000 per annum. Role Overview: As the SOC Manager, you will be responsible for providing strategic leadership, technical expertise, and operational oversight to the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel … overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the external SOC team and a small internal team, ensuring alignment with organizational security objectives. Review output from the external more »

Threat & Vulnerability Manager London – Hybrid Salary: DoE Gresham Hunt is currently partnered with a leading financial services client in the search for an experienced Vulnerability Management professional for their London based team. This is an exciting opportunity to help drive the vulnerability management programme as … years experience across different technical disciplines within the Cybersecurity landscape. Experience using vulnerability scanning tools such as Nessus, Qualys, Rapid7, Wiz, OpenVAS, and penetration testing frameworks like Metasploit. Knowledge of security and risk frameworks, plus regulatory compliance frameworks e.g. NIST, Cobit, ISO 27001. Understanding of OWASP, MITRE, CVSS and … other standards/frameworks relevant to application security and vulnerability management. Experience with cloud technologies, preferably Azure and AWS. Familiarity with security methodologies: Attack and Defensive, Threat Hunting, etc. Scripting experience would be beneficial i.e. Python, Shell, Ansible, Jenkins, etc. Hold relevant industry certifications such as CISSP, CISM, CRISC more »

a UK-wide MSP in hiring an IT Engineer to their IT Function due to excited growth. This role is pivotal to delivering, maintaining, and supporting the internal IT infrastructure. The main purpose of the role is to provide 1st and 2nd line support to the business through end-user … support, whilst also supporting the on-going maintenance and improvement of systems. There will also be opportunities to deliver digital transformation projects across the business. This is an amazing opportunity for an Junior Engineer who is looking to join a high-performing team, and an organisation that will support and … propel future career opportunities. Duties and Responsibilities: - Work as part of a fast-paced and vibrant team - Support internal and external end users - 1st and 2nd Line Support to analyse queries and customer incidents - Establishing and maintaining high standards of incident ownership throughout the full lifecycle Essential: - Proven track record more »

Lead. This role will be responsible for establishing an Application Security function from the ground up, which will involve the implementation of tooling, processes and frameworks. As the first Application Security hire, you will work closely with Application, Platform, and Support teams, to embed a shift left culture within SDLC. … Responsibilities: Lead on application threat and vulnerability management for prioritising and fixing vulnerabilities. Cultivate strong relationships with IT and Security stakeholders. Monitor application security tools and metrics against SLAs. Collaborate with the wider Security and development teams on deploying scanning tech. Partner with Security teams to assess and … mitigate application vulnerabilities. Coordinate with IT and Enterprise Security for deploying and maintaining scanning solutions. Requirements: Experience in building Application Security programmes. Previous hands-on experience as an AppSec Engineer, Software Security Engineer or Software Engineer will be advantageous. Experience in implementing SAST/DAST/SCA tooling. Knowledge of more »

Security & Network Operations Analyst is wanted by an established FinTech software company, who are undertaking a large digital transformation into AI, Automation and Chat GPT. This role will play a vital role in supporting, maintaining, and monitoring tooling and business application logs that ensure protection against cyber security threats, and … remain compliant. This analyst will help develop and mature security/operational functions whilst rubbing shoulders with other incredible tech talent. Someone with strong knowledge of Network Security and Security Operations is desired. We’re seeking a Analyst that is able to demonstrate skills/knowledge such as; Ability to … react to high pressure dynamic changing environments Demonstrable experience SIEM & Network technologies using Sentinel. Detailed experience of log analysis including KQL and SQL queries. An understanding of Threat and Vulnerability Management. Experience with Defender XDR, Defender Endpoint Identity, Defender for Cloud and Cloud Apps. Strong understanding of Azure and more »

we are looking for is Security Operations Senior with experience working within a Cloud/Devsecops environment, you will have experience in the development and operation of the cyber defence function. as part of this you will play a crucial role in the monitoring of malicious activity within the organisation. … you will be working closely with key stakeholders and the security team to ensure the safety and preparedness of the organisation against current and future security risks Key skills and Experience -you will have prior experience as acting as either a lead or an escalation point to the SOC -prior … experience with incident response, threat and vulnerability management -development of incident response plans, processes and procedures -Working with Security frameworks MITRE, cyber kill chain and APT campaigns - cloud environment experience such AWS, Kubernetes, Cloudflare, Terraform and Python -working knowledge of the centre for Internet security ( CIS) if this more »

Senior Security Engineer (UK-based, Perm (Hybrid)) is required by a leading financial trading organisation. The firm is currently experiencing a period of expansion and is looking to appoint a senior Security technologist to join the team in London. The role is a blend of security engineering (design-build) and … SecOPs (operations-mitigation) ostensibly across the organisations' corporate systems and (security) vendor products, and would suit an experienced engineer with deep knowledge of security principles in line with the CISSP CBK domains such as security monitoring, intrusion prevention & detection, network security, endpoint management & protection, identity management, threat detection … vulnerability management. Whilst the position entails significant exposure to vendor products and tooling, the incoming engineer should demonstrate an open-source mentality and an appetite to automate where possible, strong coding skills are preferable. Culturally, the organisation can be described as collegiate with a data-driven approach to trading more »

a leading international bank who are seeking a well-rounded Cyber professional, to work alongside the CISO as a senior member of the team and trusted advisor on a range of cyber challenges and issues. The successful candidate will have: Strong Security governance, risk and compliance (GRC) with knowledge of … information security standards such as Cyber Essentials, ISO 27001, NIST. Experience developing and implementing operational policies and standards. Demonstrable experience in a variety of areas such as cloud security, IAM, 3rd party risk, threat assessments and vulnerability management. Strong knowledge of cyber security architecture. Relevant certifications would be beneficial … e.g. TOGAF, SABSA). Ability to interact with and challenge technical teams and the methodologies they are implementing. Experience working with the Financial Services industry. Strong interpersonal skills and experience of developing strong relationships and significant influencing abilities, within a large corporate environment. Relevant cyber qualifications, e.g. CISSP, CISM, CRISC. more »

My client, a high-end systematic trading firm is on the lookout for a Senior Security Engineer to join a growing team and play a key role in shaping the security function. You'll have the opportunity to take lead on a variety of projects utilising the latest technology to … help protect the company through implementing a number of robust controls. Requirements: Deep understanding of security engineering and implementing security controls Hands on experience of SecOps and security systems Understanding of threat detection, Vulnerability management Cloud & network security Scripting experience - Preferably Python Ability to lead projects and resolve more »