London, England, United Kingdom Hybrid / WFH Options
Starling Bank
from home, that's to be agreed upon between you and your manager. About the Role We are seeking a highly motivated and experienced Vulnerability Manager to lead a growing vulnerabilitymanagement team. A successful candidate will work with the team to analyse emerging vulnerabilities provided by … threat intelligence sources and penetration testing. The vulnerability manager will collaborate with various technology and engineering teams to share vulnerability findings, provide guidance, and assist through the remediation process. This person will help present this information in a simple digestible format, and coordinate remediation and mitigation efforts with … teams across remote and office locations. There will be opportunities to guide continual improvement of the vulnerabilitymanagement process. Responsibilities Lead a team of information security professionals to: Assess, investigate and provide guidance on emerging vulnerabilities, incorporating information from threat intelligence sources, internal software and infrastructure scans. Collate more »
VulnerabilityManagement & Risk Specialist – London hybrid - £70,000 - £80,000 + Benefits Locke & McCloud are looking for an experienced VulnerabilityManagement Risk Specialist to join our clients growing Cyber Security function. In this role you will work with our clients various vendors and 3rd party suppliers … to manage security risks internally and externally, in addition to participating in incident response and vulnerabilitymanagement activities. We are looking for people who have a strong background in managing risks with vendors, incident response, vulnerabilitymanagement, and stakeholder management. Main Responsibilities: Collaborate across various teams … to establish and maintain an effective vulnerabilitymanagement program. Identify, prioritise, and assess vulnerabilities across our clients infrastructure, systems, and applications. Develop and implement strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead more »
Office 365, Defender for Cloud, Defender for Cloud Apps (CASB) Preferrable: Defender for Identity, Azure MFA), IBM QROC/QRadar. Desirable: Any experience of VulnerabilityManagement Optimisation at scale in an enterprise environment. (eg, Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis - other similar … VulnerabilityManagement Optimisation platforms also considered) In addition you must have Prior experience in Security Engineering and track record in carrying out technical security risk assessments. Good understanding for how to assess third-party suppliers of cloud/SaaS based technology platforms. Experience in vulnerabilitymanagement optimisation (eg, Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis - other similar VulnerabilityManagement Optimisation platforms also accepted). Data Classification and Labelling, Microsoft Purview. Bachelor's degree in a security related field is preferred (ie, Security Analysis, Penetration Testing, Malware Analysis, Digital more »
Officer & wider compliance team to promote good security practices amongst stakeholders. The successful candidate will cover the full information security spectrum, from questionnaires to vulnerabilitymanagement & everything in between. Main duties include: Be approachable and provide subject matter expert knowledge to colleagues, increasing their awareness of good security … to our policy schedules Support in the creation and maintenance of an FAQ for security and compliance questionnaires to allow the sales and account management teams to be self-servicing where appropriate Assist in producing the response to any client information security and compliance questionnaires, working with key stakeholders … within the group to ensure all accreditation requirements are fulfilled and any remediations are tracked through to completion Day-to-day management of the vulnerabilitymanagement programme Review applications, suppliers, and proposed features from a security perspective What We Are Looking For The Information Security Officer will more »
About the Role Tesco Technology are looking for a Security Engineer reporting into the VulnerabilityManagement and Pentesting team. This is an exciting opportunity for a highly motivated security focused engineer to join our expanding organisation. The role will involve being hands on with a focus on the … alongside other security colleagues bringing your experience to help. You will be responsible for: Building our detection, data correlation and response capabilities in the VulnerabilityManagement space. As a team we also feed into the standards and patterns for our engineering community. Create tooling and reporting to help … manage our external attack surface. Build a range of capabilities to inform our stakeholders on the status and progress of VulnerabilityManagement remediation efforts across the company. Automate integrations between platforms and tooling. Use your observations from security incidents and reporting about relevant security threats to contribute to more »
IT Service Providers and partners to implement and optimise cyber security technical assurance capabilities across four main services; Technical Security Compliance, Product Security Assurance, VulnerabilityManagement (VM), and Disaster Recovery and Business Continuity. Key responsibilities: Define and deliver the cyber security technical assurance strategy, setting out clear policies … variety of technologies and platforms. Ensure the IT estate is compliant with The Client's policies and technical standards to protect company assets having management responsibility for driving the necessary remediation actions and countermeasures to mitigate identified weaknesses and vulnerabilities. Establish and improve a regular red and purple team … penetration testing program aligned to main threat information and industry cyber security intelligence. Establish a VulnerabilityManagement process to ensure that all known security vulnerabilities and weaknesses are identified, contextually assessed, prioritised and tracked to remediation against The Client's policy. Ensure that an IT Disaster Recovery and more »
Cardiff, Wales, United Kingdom Hybrid / WFH Options
Intaso
Interviews available immediately Intaso’s long standing client are seeking a dynamic individual to join their Security Operations team as the Security Vulnerability Manager, a pivotal role within their organization. This position will focus on identifying, monitoring, analysing, and facilitating the remediation of vulnerabilities across their systems. Key Responsibilities … Develop and document a comprehensive vulnerabilitymanagement strategy aligned with stakeholder and business need Create intuitive reporting and dashboarding mechanisms to convey threat and risk profiles associated with vulnerabilities to stakeholders Ensure regular vulnerability scans cover all IT and OT assets, maintaining up-to-date coverage. Collaborate … with IT and OT asset owners to execute vulnerability and compliance scans in a controlled manner. Partner with both technical and non-technical stakeholders to devise effective mitigation plans for identified vulnerabilities. Lead cross-functional teams in responding to high-risk or complex vulnerabilities, leveraging technical expertise. Stay informed more »
ATT&CK framework, and lead the charge in containing and remediating security incidents. Collaborate across teams to outsmart threats and keep our defences impenetrable. • Vulnerability Slayer: Hunt down weaknesses with vulnerability scans and assessments, prioritise risks like a hawk, and orchestrate swift remediation with IT teams. Keep the … outbound emails with encryption. Become the gatekeeper of our inboxes. • Platform Maestro: Deploy, configure, and command a symphony of security tools - EDR/XDR, vulnerabilitymanagement, email gateways, you name it. Fine-tune rules and detections, optimising threat detection and reducing false alarms. • Network Security Sage: Possess a … Incident response methodologies (MITRE ATT&CK, D3FEND) • Microsoft 365 Security • DMARC, SPF, DKIM • Strong Scripting (e.g., PowerShell or Python) • Security automation frameworks • Security platform management • Vulnerabilitymanagement tools • Privilege Access Management • Industry-standard frameworks (NIST, SANS) and best practices controls (CIS) About Us ComfortDelGro is one more »
design. Involved in a wide range of computer security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. Prepares security reports for government agencies. Performs a wide range of computer security duties … including architectures, firewalls, electronic data traffic, and network access. Participates in the certification and accreditation processes; performs technical vulnerability assessments of computer security. Provides business continuity and disaster recovery support. Engages in intrusion detection and prevention; provides incident reporting and response support. Conducts ongoing monitoring of computer security requirements … system security plans and risk mitigation plans. Trains clients in proper computer security measures and prevention. Specifically, this position will: Provide support for all vulnerability and compliance scan tool applications and modules (pre-built and customized). Develop workflows and customize, implement, and maintain the aforementioned applications. Develop and more »
Job Overview: Join a dynamic and high-performing team as a Senior Analyst in VulnerabilityManagement & Security Testing. This role offers the unique opportunity to enhance a best-in-class Threat Defence capability and make significant contributions to our security operations. Ideal candidates will bring a strong background … in threat management, vulnerability assessment, and security testing, aiming to drive innovation and excellence in our security practices. Key Responsibilities: Conduct thorough vulnerability assessments across various platforms, including networks, systems, applications, and devices. Analyze risks associated with vulnerabilities, provide detailed reporting, and recommend actionable remediation strategies. Work … across IT, IoT, and OT environments. Coordinate and oversee remediation efforts to ensure timely and effective resolution of security vulnerabilities. Requirements: Extensive experience in vulnerabilitymanagement and remediation, including hands-on experience with vulnerability scanning tools. Good knowledge of Exabeam, Tenable.io and Tenable.sc would be considered a more »
Threat & VulnerabilityManagement Specialist Salary: Up to £60,000 + Bonus + Benefits Location: UK based - Remote One of the leading energy distribution organizations have just had a huge wave of funding and are looking to create a state-of-the-art cyber defence function and are seeking … to add a Vulnerabilitymanagement specialist to help grow out their Cyber Defence practice. You will be working directly with the current head of cyber defence as escalation point on a range of complex incidents whilst getting exposed to brand new emerging threat within the OT cyber security … Responsibilities Early informer of critical vulnerabilities and exposures relevant to safeguarding the company’s information assets. Communicating with stakeholders to prioritize and execute risk management initiatives and drive remediation of process and technology gaps. Lead critical vulnerability identification and response exercises Requirements Experience of working within a large more »
Engineer role will support the systems and applications that deliver enterprise security services for a global organisation. With a focus on identity and access management, the Security Engineer will provide expert knowledge to support the planning, design, development, and deployment of centralized IAM and PAM solutions and the delivery … of the enterprise-level Privileged Access Management program. The role will also support the implementation and management of all cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability … a subject matter expert on key principles of (IAM) with an in-depth knowledge in the areas of authentication and authorization systems, identity lifecycle management, and identity governance. Build the IAM strategy, and ensure its implementation is a success across the business. Staying up-to-date on current IAM more »
Government including, but not limited to, cybersecurity security and engineering principles and design and implementation of National Security Manager guidance Analyze continuous monitoring, configuration management, vulnerabilitymanagement, asset management, software management and self-reported data to identify trends and anomalies cybersecurity performance and mitigation of more »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
Leatherhead, England, United Kingdom Hybrid / WFH Options
Zest
to processing personal data with the highest level of diligence, and you’ll play a pivotal role in maintaining and enhancing our robust infosec management system, acquiring and upholding security certifications, fulfilling the role of our Data Protection Officer and ensuring we have appropriate controls to mitigate risk. You … Simultaneously, your comfort with detail will see you managing the day-to-day operations, keeping our platform and business secure. Key responsibilities Information Security Management & Certifications ISMS Oversight: Maintain and enhance Zest’s Information Security Management System. This includes maintaining documentation, conducting and documenting risk assessments, driving improvements … latest cybersecurity threats and trends to inform strategic security planning. Security Infrastructure: Oversee the installation and maintenance of security systems, controls and infrastructure. Incident Management: Take charge of the response to all information security and data protection incidents and collaborate with various business units to understand, document and learn more »
Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, VulnerabilityManagement, Attack Surface Reduction, Software Engineering, Security Architecture, Platform Support both locally and globally. You will have experience … in: Leading the response to complex incidents in a large-scale environments. Years of relevant experience in cyber security operations, incident management or risk management within an enterprise environment. Self-motivated interest in the latest cyber security threats and vulnerabilities and is able to integrate threat intelligence into more »
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas … for this role, the ideal candidate will have experience in each of the below; Threat & VulnerabilityManagement Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to … provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerabilitymanagement (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »
or US Person with the ability to obtain a Public Trust Clearance. Responsibilities: Lead a team of security engineers for delivery of Cybersecurity project management, continuous diagnostics and mitigation, threat mitigation and incident response, security architecture support, critical infrastructure protection, patch management, vulnerabilitymanagement, risk management … IDS), Network Access Control (NAC), Domain Name Systems (DNS), Remote Access VPN (RA-VPN), Application Delivery/Load Balancing, Secure Sockets Layer (SSL) Certificate Management solutions Lead implementation of new security projects including estimation, design, development, testing and deployment and track status throughout Support operations team with cybersecurity guidance … capabilities Demonstrated experience working in large Federal agency preferably in HHS. Possess the knowledge of security best practices, security solutions, and methodologies for risk management Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques more »