VulnerabilityManagement & Risk Specialist – London hybrid - £70,000 - £80,000 + Benefits Locke & McCloud are looking for an experienced VulnerabilityManagement Risk Specialist to join our clients growing Cyber Security function. In this role you will work with our clients various vendors and 3rd party suppliers … to manage security risks internally and externally, in addition to participating in incident response and vulnerabilitymanagement activities. We are looking for people who have a strong background in managing risks with vendors, incident response, vulnerabilitymanagement, and stakeholder management. Main Responsibilities: Collaborate across various teams … to establish and maintain an effective vulnerabilitymanagement program. Identify, prioritise, and assess vulnerabilities across our clients infrastructure, systems, and applications. Develop and implement strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead more »
managing cyber risks across our client and their vendors/3rd party suppliers. Our client is looking for candidates who hold strong skills in vulnerabilitymanagement, vendor relationship management, incident response, and possess a deep understanding of cyber risk. Main Responsibilities: Develop and implement cyber risk management strategies, policies, and procedures. Lead vulnerabilitymanagement efforts, including identifying, assessing, prioritising, and remediation of vulnerabilities. Establish and maintain strong vendor relationships to ensure third-party vendors comply with cybersecurity requirements and standards. Oversee incident response activities, including incident detection, analysis, containment, eradication, and recovery. Conduct risk … specialist to our client and their vendors. To be considered for this role, you should have: Must have a strong background in cyber risk management, vulnerabilitymanagement, vendor relationship management, and incident response. Strong understanding of standards such as PCI-DSS, NIST, ISO27001, GDPR, and similar. more »
Greater London, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
are looking for an enthusiastic and innovative IT Security Engineer. Security Engineer main responsibilities will include, but are not necessarily limited to, the following: VulnerabilityManagement o Take lead on the daily vulnerabilitymanagement activities, including but not limited to application vulnerability and infrastructure vulnerability assessments. o Manage prioritisation of vulnerabilities through a risk-based approach, to meet patch management policies, regulatory compliance, and audit findings. o Management and configuration of vulnerabilitymanagement tools (Microsoft Azure and Qualys) o Support the InfoSec function in proactively identifying and leveraging threat intelligence … sources to inform strategic vulnerability mitigation measures. Threat Management o Take lead on the daily threat management activities o Maintain and update incident response playbooks and automation o Monitor security dashboards and reports for alerts and threats o 2nd line support to IT Service Desk for cyber more »
assessing, managing, and mitigating cyber risks, manage various vendor and third-party supplier relationships, and act as a key point of contact when overseeing vulnerabilitymanagement and incident response processes. This role requires a deep understanding of cyber risk, stakeholder and vendor management skills, and expertise in … vulnerabilitymanagement and incident response processes. Main responsibilities: Conduct cyber risk assessments to identify vulnerabilities and threats. Analyse existing security measures and recommend enhancements to mitigate identified risks. Collaborate closely with internal stakeholders across various departments to understand their unique cybersecurity needs and requirements. Evaluate third-party vendors … and assess their cybersecurity practices to ensure they meet our clients security standards. Implement and oversee vulnerabilitymanagement processes to proactively identify and remediate security vulnerabilities. Coordinate with relevant teams to prioritise and address vulnerabilities. Develop and maintain incident response plans and procedures to effectively respond to cybersecurity more »
Greater London, England, United Kingdom Hybrid / WFH Options
Thomson Keene
leading Equity-focused broker-dealer based in London, who are currently looking to hire a Senior Security Analyst to join their Information Security exposure management group. They’re looking for experts in vulnerabilitymanagement & attack surface management tooling who can hit the ground running in a … global team split largely between UK & USA, who have big responsibilities within their centralised InfoSec group, covering security & risk solutions and managing exposure/vulnerability tolling across the whole of the firm. The successful applicant will have: Extensive experience working in Exposure & Vulnerabilitymanagement environments Considerable experience … using VulnerabilityManagement tools Experience with Web Application Security frameworks Knowledge of framework & methodologies such at CVSS, CIS Benchmarking, OWASP, MITRE, etc. Nice to have: Knowledge of software development methodologies such as DevSecOps & Secure Architecture Hands on knowledge of tools such as BurpSuite, Metasploit, Nmap Experience with data more »
Job Overview: Join a dynamic and high-performing team as a Senior Analyst in VulnerabilityManagement & Security Testing. This role offers the unique opportunity to enhance a best-in-class Threat Defence capability and make significant contributions to our security operations. Ideal candidates will bring a strong background … in threat management, vulnerability assessment, and security testing, aiming to drive innovation and excellence in our security practices. Key Responsibilities: Conduct thorough vulnerability assessments across various platforms, including networks, systems, applications, and devices. Analyze risks associated with vulnerabilities, provide detailed reporting, and recommend actionable remediation strategies. Work … across IT, IoT, and OT environments. Coordinate and oversee remediation efforts to ensure timely and effective resolution of security vulnerabilities. Requirements: Extensive experience in vulnerabilitymanagement and remediation, including hands-on experience with vulnerability scanning tools. Good knowledge of Exabeam, Tenable.io and Tenable.sc would be considered a more »
Cyber Security function. Our client is looking for candidates who have a proven track record in managing security risks associated with third-party vendors, vulnerabilitymanagement, stakeholder engagement, and remediation efforts. This role requires a deep understanding of cybersecurity principles, strong communication skills, and the ability to collaborate … effectively across various departments and external partners. Main responsibilities: Manage and oversee all aspects of third-party vendor security risk management, including assessment, monitoring, and mitigation strategies. Develop and implement third-party risk management programs to ensure compliance with regulatory requirements and industry best practices. Conduct regular risk … vulnerabilities and track progress to resolution. Establish and maintain effective communication channels with stakeholders to provide updates on security risks and mitigation efforts. Lead vulnerabilitymanagement activities, including the identification, prioritisation, and remediation of security vulnerabilities across our client and their vendors and suppliers. Work with various teams more »
Office 365, Defender for Cloud, Defender for Cloud Apps (CASB) Preferrable: Defender for Identity, Azure MFA), IBM QROC/QRadar. Desirable: Any experience of VulnerabilityManagement Optimisation at scale in an enterprise environment. (eg, Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis other similar … VulnerabilityManagement Optimisation platforms also considered) RESPONSIBILITIES: Working within a high-calibre team environment, your role will include: -Performing vendor assessments and technical security risk reviews -Day-to-day administration of numerous security platforms used by SOC and Security Engineering teams. You will contribute to the technical design more »
for Cloud, Defender for Identity, Defender for Cloud Apps (CASB), Azure MFA, Azure, QROC/QRadar, Microsoft Defender for Office 365 Any experience of: VulnerabilityManagement Optimisation at scale, this is an enterprise environment. (e.g., Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis – other … similar VulnerabilityManagement Optimisation platforms also considered) AND/OR Mimecast Email security gateways OnDMARC/DKIM/SPF, Varonis DatAdvantage, Darktrace is beneficial. Responsibilities; Working within a high calibre team environment, your role will include: -Performing vendor assessments and technical security risks reviews -Day to day administration more »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
Engineer role will support the systems and applications that deliver enterprise security services for a global organisation. With a focus on identity and access management, the Security Engineer will provide expert knowledge to support the planning, design, development, and deployment of centralized IAM and PAM solutions and the delivery … of the enterprise-level Privileged Access Management program. The role will also support the implementation and management of all cyber security technologies and services in use at the company Role & Accountabilities Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an … in-depth knowledge in the areas of authentication and authorization systems, identity lifecycle management, and identity governance. Build the IAM strategy, and ensure its implementation is a success across the business. Staying up-to-date on current IAM threats and industry solutions, and ensuring IAM measures are appropriate. Support more »
Reading, England, United Kingdom Hybrid / WFH Options
Vallum Associates
experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. • Establish metrics and monitoring to … Strong knowledge of IT infrastructure, IP networking, security best practices, and automation technologies. • Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerabilitymanagement and secure code development methodologies. • Infrastructure … security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. • Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate managementmore »
Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, VulnerabilityManagement, Attack Surface Reduction, Software Engineering, Security Architecture, Platform Support both locally and globally. You will have experience … in: Leading the response to complex incidents in a large-scale environments. Years of relevant experience in cyber security operations, incident management or risk management within an enterprise environment. Self-motivated interest in the latest cyber security threats and vulnerabilities and is able to integrate threat intelligence into more »
Strong knowledge of IT infrastructure, IP networking, security best practices, and automation technologies. Application security: including but not limited to authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerabilitymanagement and secure code development methodologies. Infrastructure … device security, VPNs and SSLs, secure file transfers, security event monitoring, malware security, and cyber security. Operational security: including but not limited to incident management, change and patch management, data centre and physical security, backups, DR and BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys … and certificate management, PCI DSS and DPA compliance, and ISO 27001/2. Analysing network security controls, including firewall and router security configuration; Preferred: Delivering the security review processes and frameworks with a full audit trail. Managing multiple security assessments and changing priorities simultaneously Ensuring Security Architecture Review is more »
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas … for this role, the ideal candidate will have experience in each of the below; Threat & VulnerabilityManagement Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to … provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerabilitymanagement (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing more »
of Digital Operations is a newly created role within the NAO's Digital Services (DS) function. Leading a newly created team bringing together; Service Management, technology & cloud operations, the management of all digital strategic support managed service providers, including service desk, 2nd-4th line support, End User & Infrastructure … Computing (EUIC), network & connectivity management and leading an internal technical operations team. The Head of Digital Operations is responsible for the operational effectiveness of all the NAO's digital estate. This includes ensuring the availability, accessibility, reliability, security and operational effectiveness of all NAO digital systems, services, and networks. … requires regular attendance to the office in Victoria, London, and occasional attendance in the NAO's office in Newcastle. Function Responsibilities - • To oversee the management, delivery and performance of all DS operations including support, maintenance, vulnerabilitymanagement, service management, end user & infrastructure computing services, networking & all more »
Greater Cheshire West and Chester Area, United Kingdom Hybrid / WFH Options
psd group
Job Title: Cyber Security Vulnerability and Threat Engineer Location: Cheshire (Hybrid - 2 days per week on-site) Benefits: (Full list of benefits available on application) psd group are delighted to bring this newly created job opportunity to market, partnered with a truly industry-leading organisation as they embark on … a journey to improve their current Cloud Infrastructure/Cyber Security. We are looking for an experienced Cyber Security Threat and Vulnerability Engineer, to take ownership of identifying signs of compromise in cyber security services, IT systems, and related infrastructure. This will be a hands-on approach to vulnerabilitymanagement reduction across all IT Systems and you will work with the SOC to assist in the coordination and management of cyber incident response activities. The ideal candidate will have come from a Cloud Infrastructure background, have moved into Cyber Security, and will hold a current/ more »
operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerabilitymanagement activities, collaborating with the vulnerabilitymanagement team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments. more »
Analyst will oversee risk assessment and communication related to infrastructure vulnerabilities. They will collaborate with teams to identify vulnerabilities, prioritise risks, and improve the vulnerabilitymanagement process. The right candidate for the Cyber Security Analyst position will have the following: Enjoy working in a fast-paced, customer-centric … colleagues, and a genuine interest in Cyber Security are key Have experience in similar roles, Cyber Security qualifications, and a track record of enhancing VulnerabilityManagement processes through communication and relationship-building The required skills for the Cyber Security Analyst include but are not limited to: A comprehensive … grasp of security vulnerabilities, their categorization, remediation methods, and associated risks is imperative Proficiency in prioritising vulnerability remediation based on threat intelligence and business context is crucial Strong skills in generating meaningful reports and communicating effectively with relevant stakeholders are a must Familiarity with security tools Proficiency in using more »
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Planet Recruitment
installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerabilitymanagement, identify risk tolerances, recommend treatment plans … and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best … in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/ more »
ensuring that effective governance and technical assurance can be performed. Maintain and improve the use of artefact templates. Ensure that there is effective capacity management and planning in place for the security services and solutions assigned to you and ensure that the solution is incorporated into the 18-month … technical and budget roadmap for capacity expansion and service improvement. Support the Programme and Project Manager in project planning, risk and issue management and the budgeting process. Candidates should demonstrate: Must have at least 3 years of experience working in Cyber Security within a technical field. Must have a … or difficult it will be to exploit these vulnerabilities. Must be well versed in the application of security policies and standards, governance, compliance, risk management and technical assurance practices. Should have experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the more »
and services to ensure that CLS is equipped with appropriate industry best tools and solutions Operational Operate and maintain controls related to SIEM, DLP, VulnerabilityManagement, DLP, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations. Conduct IT Security risk assessments for all … help design, implement and maintain security Prepare for, identify (hunt) and remediate cyber threats Operate and maintain IT Security controls related to SIEM, DLP, VulnerabilityManagement, Cyber Threat Intelligence, DLP, Endpoint Protection, etc. Participate in an on-call rotation to act as an escalation point for events requiring … collaborate effectively with others to drive forward key security objectives Strong documentation and report writing skills (to both technical and business audiences) Excellent time management and organizational skills combined with technical IT Security acumen Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software Financial more »