1 to 9 of 9 Threat and Vulnerability Management Jobs in the South East

Cyber Threat & Vulnerability Analyst - Reading 2 days PW, to £50k Are you ready to dive into the world of cyber security and protect critical digital landscapes? We are looking for a passionate and skilled Cyber Threat & Vulnerability Analyst to join a great team and help us safeguard systems … and data. Why You'll Love This Role: Play a pivotal role in our digital transformation journey. Collaborate with a dynamic team to enhance security measures. Engage in proactive threat hunting and vulnerability management. Key Responsibilities: Support enterprise-wide vulnerability management, ensuring effective identification, categorization, and mitigation. … Develop and maintain threat assessment and vulnerability management (TVM) documentation, policies, and procedures. Integrate advanced cyber security solutions with existing systems and infrastructure. Investigate and mitigate newly identified cyber security vulnerabilities. Coordinate with stakeholders on cyber security patching and vulnerability management. Participate in major incident response when more »

Threat & Vulnerability Manager London – Hybrid Salary: DoE Gresham Hunt is currently partnered with a leading financial services client in the search for an experienced Vulnerability Management professional for their London based team. This is an exciting opportunity to help drive the vulnerability management programme as … years experience across different technical disciplines within the Cybersecurity landscape. Experience using vulnerability scanning tools such as Nessus, Qualys, Rapid7, Wiz, OpenVAS, and penetration testing frameworks like Metasploit. Knowledge of security and risk frameworks, plus regulatory compliance frameworks e.g. NIST, Cobit, ISO 27001. Understanding of OWASP, MITRE, CVSS and … other standards/frameworks relevant to application security and vulnerability management. Experience with cloud technologies, preferably Azure and AWS. Familiarity with security methodologies: Attack and Defensive, Threat Hunting, etc. Scripting experience would be beneficial i.e. Python, Shell, Ansible, Jenkins, etc. Hold relevant industry certifications such as CISSP, CISM, CRISC more »

OpticoreIT is a specialist IT services consultancy offering various opportunities to work within challenging and exciting environments across our client base varying from Large Enterprises to FTSE 100 spanning across multiple verticals including Finance, Media, Telecommunications, and much more. Currently, we are searching for a Security Operations Engineer to join … ll also be expected to come into the office three days a week. What you’ll be doing: System improvements Vulnerability management Threat management Threat analysis Reporting Process/Documentation writing, aligning to Azure benchmarking, aligning to CIS benchmarking Improvements to AppSec (including SAST, DAST, and CICD … configuration) Network security improvements Azure cloud platform security improvements Incident/investigation and resolution. What you’ll bring: Experience in Microsoft Azure and Defender Engineering. Application security experience including DAST & SAST. Microsoft threat analysis experience and EASM tools. Strong security testing experience including penetration testing. Strong security baseline knowledge In more »

Cyber Incident Response Manager Cyber Incident Respond Principal/Manager will own all cyber security events throughout the incident life-cycle, ensuring all reporting and escalation flows are performed in adherence to agreed documentation and SLA’s. You will work side by side with the Cyber Detect Team. Cyber Detect … manage all security alerts undertaking triage analysis and technical incident response. Incident readiness is the first step of the incident life-cycle, preparing for the next incident if of the upmost importance. As Respond Manager you will be expected to deliver a strong incident readiness program. This is based in … days a week, x3 remote. £70 – 90,000 + Financial Industry Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, Vulnerability Management, Attack Surface Reduction, Software Engineering, Security more »

The role: • Provide guidance on advanced engineering methods to safeguard the network from security threats associated with various architectures, including web, mobile, and client/server. • Evaluate the security measures of third-party systems and applications to ensure compliance with bank policies and standards, including authentication, authorization, and error handling. … Collaborate with teams across different regions to address technology and cybersecurity regulations not covered by the global framework. • Lead the implementation of security measures across different platforms by collaborating with technology infrastructure teams, demonstrating expertise and leadership in information and cybersecurity. • Investigate potential security incidents to determine their severity and … whether they constitute a breach. • Work with stakeholders to enhance the cyber program, including refining detection tools and improving access to data sources. • Serve as a point of contact for stakeholders during security incidents and investigations, including those outside the technology team. • Respond to regulatory inquiries regarding security incidents and more »

Lead. This role will be responsible for establishing an Application Security function from the ground up, which will involve the implementation of tooling, processes and frameworks. As the first Application Security hire, you will work closely with Application, Platform, and Support teams, to embed a shift left culture within SDLC. … Responsibilities: Lead on application threat and vulnerability management for prioritising and fixing vulnerabilities. Cultivate strong relationships with IT and Security stakeholders. Monitor application security tools and metrics against SLAs. Collaborate with the wider Security and development teams on deploying scanning tech. Partner with Security teams to assess and … mitigate application vulnerabilities. Coordinate with IT and Enterprise Security for deploying and maintaining scanning solutions. Requirements: Experience in building Application Security programmes. Previous hands-on experience as an AppSec Engineer, Software Security Engineer or Software Engineer will be advantageous. Experience in implementing SAST/DAST/SCA tooling. Knowledge of more »

be centred on ensuring security is delivered into a wide range of projects. There will be a focus on working closely with DevOps teams and embedding security throughout a software development life cycle. Responsibilities: Act as the main security point of contact & SME for required projects Manage security risk for … the whole project life cycle Perform security activities, including but not limited to, security design reviews, risk assessments, threat modelling, and vulnerability management and risk mitigation on internally & externally developed software Embedding security within DevOps (eg CI/CD pipelines), developing security requirements On-demand Security assessment of … various components like Web apps, Containers, Platforms etc Reviewing security assessment reports and create a remediation pipeline Experience in web application security assessments like SAST, DAST etc. Act as the Security subject matter expert within Agile/waterfall project planning, development, and execution Obtain and review all required artefacts as more »

Senior Security Engineer (UK-based, Perm (Hybrid)) is required by a leading financial trading organisation. The firm is currently experiencing a period of expansion and is looking to appoint a senior Security technologist to join the team in London. The role is a blend of security engineering (design-build) and … SecOPs (operations-mitigation) ostensibly across the organisations' corporate systems and (security) vendor products, and would suit an experienced engineer with deep knowledge of security principles in line with the CISSP CBK domains such as security monitoring, intrusion prevention & detection, network security, endpoint management & protection, identity management, threat detection … vulnerability management. Whilst the position entails significant exposure to vendor products and tooling, the incoming engineer should demonstrate an open-source mentality and an appetite to automate where possible, strong coding skills are preferable. Culturally, the organisation can be described as collegiate with a data-driven approach to trading more »

a leading international bank who are seeking a well-rounded Cyber professional, to work alongside the CISO as a senior member of the team and trusted advisor on a range of cyber challenges and issues. The successful candidate will have: Strong Security governance, risk and compliance (GRC) with knowledge of … information security standards such as Cyber Essentials, ISO 27001, NIST. Experience developing and implementing operational policies and standards. Demonstrable experience in a variety of areas such as cloud security, IAM, 3rd party risk, threat assessments and vulnerability management. Strong knowledge of cyber security architecture. Relevant certifications would be beneficial … e.g. TOGAF, SABSA). Ability to interact with and challenge technical teams and the methodologies they are implementing. Experience working with the Financial Services industry. Strong interpersonal skills and experience of developing strong relationships and significant influencing abilities, within a large corporate environment. Relevant cyber qualifications, e.g. CISSP, CISM, CRISC. more »