VulnerabilityManagement & Risk Specialist – London hybrid - £70,000 - £80,000 + Benefits Locke & McCloud are looking for an experienced VulnerabilityManagement Risk Specialist to join our clients growing Cyber Security function. In this role you will work with our clients various vendors and 3rd party suppliers … to manage security risks internally and externally, in addition to participating in incident response and vulnerabilitymanagement activities. We are looking for people who have a strong background in managing risks with vendors, incident response, vulnerabilitymanagement, and stakeholder management. Main Responsibilities: Collaborate across various teams … to establish and maintain an effective vulnerabilitymanagement program. Identify, prioritise, and assess vulnerabilities across our clients infrastructure, systems, and applications. Develop and implement strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead more »
managing cyber risks across our client and their vendors/3rd party suppliers. Our client is looking for candidates who hold strong skills in vulnerabilitymanagement, vendor relationship management, incident response, and possess a deep understanding of cyber risk. Main Responsibilities: Develop and implement cyber risk management strategies, policies, and procedures. Lead vulnerabilitymanagement efforts, including identifying, assessing, prioritising, and remediation of vulnerabilities. Establish and maintain strong vendor relationships to ensure third-party vendors comply with cybersecurity requirements and standards. Oversee incident response activities, including incident detection, analysis, containment, eradication, and recovery. Conduct risk … specialist to our client and their vendors. To be considered for this role, you should have: Must have a strong background in cyber risk management, vulnerabilitymanagement, vendor relationship management, and incident response. Strong understanding of standards such as PCI-DSS, NIST, ISO27001, GDPR, and similar. more »
Greater London, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
are looking for an enthusiastic and innovative IT Security Engineer. Security Engineer main responsibilities will include, but are not necessarily limited to, the following: VulnerabilityManagement o Take lead on the daily vulnerabilitymanagement activities, including but not limited to application vulnerability and infrastructure vulnerability assessments. o Manage prioritisation of vulnerabilities through a risk-based approach, to meet patch management policies, regulatory compliance, and audit findings. o Management and configuration of vulnerabilitymanagement tools (Microsoft Azure and Qualys) o Support the InfoSec function in proactively identifying and leveraging threat intelligence … sources to inform strategic vulnerability mitigation measures. Threat Management o Take lead on the daily threat management activities o Maintain and update incident response playbooks and automation o Monitor security dashboards and reports for alerts and threats o 2nd line support to IT Service Desk for cyber more »
assessing, managing, and mitigating cyber risks, manage various vendor and third-party supplier relationships, and act as a key point of contact when overseeing vulnerabilitymanagement and incident response processes. This role requires a deep understanding of cyber risk, stakeholder and vendor management skills, and expertise in … vulnerabilitymanagement and incident response processes. Main responsibilities: Conduct cyber risk assessments to identify vulnerabilities and threats. Analyse existing security measures and recommend enhancements to mitigate identified risks. Collaborate closely with internal stakeholders across various departments to understand their unique cybersecurity needs and requirements. Evaluate third-party vendors … and assess their cybersecurity practices to ensure they meet our clients security standards. Implement and oversee vulnerabilitymanagement processes to proactively identify and remediate security vulnerabilities. Coordinate with relevant teams to prioritise and address vulnerabilities. Develop and maintain incident response plans and procedures to effectively respond to cybersecurity more »
Greater London, England, United Kingdom Hybrid / WFH Options
Thomson Keene
leading Equity-focused broker-dealer based in London, who are currently looking to hire a Senior Security Analyst to join their Information Security exposure management group. They’re looking for experts in vulnerabilitymanagement & attack surface management tooling who can hit the ground running in a … global team split largely between UK & USA, who have big responsibilities within their centralised InfoSec group, covering security & risk solutions and managing exposure/vulnerability tolling across the whole of the firm. The successful applicant will have: Extensive experience working in Exposure & Vulnerabilitymanagement environments Considerable experience … using VulnerabilityManagement tools Experience with Web Application Security frameworks Knowledge of framework & methodologies such at CVSS, CIS Benchmarking, OWASP, MITRE, etc. Nice to have: Knowledge of software development methodologies such as DevSecOps & Secure Architecture Hands on knowledge of tools such as BurpSuite, Metasploit, Nmap Experience with data more »
Cyber Security function. Our client is looking for candidates who have a proven track record in managing security risks associated with third-party vendors, vulnerabilitymanagement, stakeholder engagement, and remediation efforts. This role requires a deep understanding of cybersecurity principles, strong communication skills, and the ability to collaborate … effectively across various departments and external partners. Main responsibilities: Manage and oversee all aspects of third-party vendor security risk management, including assessment, monitoring, and mitigation strategies. Develop and implement third-party risk management programs to ensure compliance with regulatory requirements and industry best practices. Conduct regular risk … vulnerabilities and track progress to resolution. Establish and maintain effective communication channels with stakeholders to provide updates on security risks and mitigation efforts. Lead vulnerabilitymanagement activities, including the identification, prioritisation, and remediation of security vulnerabilities across our client and their vendors and suppliers. Work with various teams more »
Office 365, Defender for Cloud, Defender for Cloud Apps (CASB) Preferrable: Defender for Identity, Azure MFA), IBM QROC/QRadar. Desirable: Any experience of VulnerabilityManagement Optimisation at scale in an enterprise environment. (eg, Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis other similar … VulnerabilityManagement Optimisation platforms also considered) RESPONSIBILITIES: Working within a high-calibre team environment, your role will include: -Performing vendor assessments and technical security risk reviews -Day-to-day administration of numerous security platforms used by SOC and Security Engineering teams. You will contribute to the technical design more »
for Cloud, Defender for Identity, Defender for Cloud Apps (CASB), Azure MFA, Azure, QROC/QRadar, Microsoft Defender for Office 365 Any experience of: VulnerabilityManagement Optimisation at scale, this is an enterprise environment. (e.g., Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis – other … similar VulnerabilityManagement Optimisation platforms also considered) AND/OR Mimecast Email security gateways OnDMARC/DKIM/SPF, Varonis DatAdvantage, Darktrace is beneficial. Responsibilities; Working within a high calibre team environment, your role will include: -Performing vendor assessments and technical security risks reviews -Day to day administration more »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
of Digital Operations is a newly created role within the NAO's Digital Services (DS) function. Leading a newly created team bringing together; Service Management, technology & cloud operations, the management of all digital strategic support managed service providers, including service desk, 2nd-4th line support, End User & Infrastructure … Computing (EUIC), network & connectivity management and leading an internal technical operations team. The Head of Digital Operations is responsible for the operational effectiveness of all the NAO's digital estate. This includes ensuring the availability, accessibility, reliability, security and operational effectiveness of all NAO digital systems, services, and networks. … requires regular attendance to the office in Victoria, London, and occasional attendance in the NAO's office in Newcastle. Function Responsibilities - • To oversee the management, delivery and performance of all DS operations including support, maintenance, vulnerabilitymanagement, service management, end user & infrastructure computing services, networking & all more »
operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerabilitymanagement activities, collaborating with the vulnerabilitymanagement team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments. more »
and services to ensure that CLS is equipped with appropriate industry best tools and solutions Operational Operate and maintain controls related to SIEM, DLP, VulnerabilityManagement, DLP, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations. Conduct IT Security risk assessments for all … help design, implement and maintain security Prepare for, identify (hunt) and remediate cyber threats Operate and maintain IT Security controls related to SIEM, DLP, VulnerabilityManagement, Cyber Threat Intelligence, DLP, Endpoint Protection, etc. Participate in an on-call rotation to act as an escalation point for events requiring … collaborate effectively with others to drive forward key security objectives Strong documentation and report writing skills (to both technical and business audiences) Excellent time management and organizational skills combined with technical IT Security acumen Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software Financial more »
career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as VulnerabilityManagement and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect to independently resolve complex issues. … security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerabilitymanagement, MITRE attack framework, and Incident response. Strong stakeholder engagement skills and the ability to promote a secure mindset within an organisation. Previous more »
InfraView - Specialist Cloud & IT Infrastructure Technology Recruitment
leading and developing a team of Cyber Security experts. Building, maturing and providing Security services to multiple customers in multiple sectors. This is a management position but this person must also be able to lead from the front from a technical perspective. We need a “people manager” as well … business is excited about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerabilitymanagement, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and … SC-200, AZ-500, MS-500). Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft stack, vulnerabilitymanagement tools, SIEMs including Sentinel. Previous experience of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials more »
and security assurance testing, as well as configuring and fine tuning cyber security tools and solutions including preventative and detective measures for example firewalls, vulnerabilitymanagement tools, and EDR. Skills You will have worked as a Cyber Security Engineer or in a similar position. You will have experience … in a broad variety of technology including AWS, Microsoft 365, internet protections, vulnerabilitymanagement, SIEM, EDR. Experience securing on premises infrastructure and cloud services. Experience working with Systems Engineering teams, DevSecOps, CI/CD Senior Security Engineer - Onsite - £100K more »
assurance capabilities across various platforms and technologies. • Ensure that the IT estate complies with technical standards and the company policies to safeguard company assets. Management oversees directing the required remediation actions and countermeasures to lessen vulnerabilities and weaknesses that have been identified. • Create and enhance a regular penetration testing … programme for the red and purple teams that are in line with industry cyber threats and primary threat intelligence. • Create a VulnerabilityManagement procedure to guarantee that all security flaws and vulnerabilities that are known to exist are located, evaluated in context, given priority, and tracked for remediation … task requiring cross-partner cooperation at varying degrees of technical security proficiency. • In-depth knowledge and comprehension of operational excellence in programmes related to vulnerabilitymanagement and cloud security posture management. • A working knowledge of compliance and regulatory frameworks, including GDPR, ISA/IEC 62443, ISO/IEC more »
computer infrastructure, information systems and to ensure the organization maintains an acceptable risk posture. The Senior Information Security Analyst is highly engaged in risk management and mitigation, including evaluating vendor risk, examining vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves … detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, application code scanning, remediation as well as defining configuration for a variety of security tools. Prior experience in an international enterprise environment is … delivery is on-time, within budget, and adopted to meet the company's information protection requirements. Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA more »
London, England, United Kingdom Hybrid / WFH Options
ITRS
with all staff and clients to implement appropriate IT infrastructure balanced against regulation requirements, risks, and cost. As part of the IT global senior management team, you will lead a global team of Infrastructure Technicians, ensuring that efficient and high-quality IT services and projects are delivered to support … available and fit for purpose to meet our needs as we scale our business. As a Global IT Infrastructure Manager, you will: Provide line management for the Global infrastructure staff. Lead the strategy, scalability, innovation, and best practices for local and global infrastructure solutions with service improvement reviews and … infrastructure services delivered. Directly contribute to ITRS Group's goal for achieving and maintaining ISO 27001 accreditation across the group. Be responsible for Problem management and helping in finding solutions. Integrate future acquisitions into the existing ITRS Group Infrastructure, systems, and processes Identity and Access Management (IAM) for more »
and maintaining the integrity, confidentiality, and availability of our information systems. Your expertise in Microsoft technologies and experience with SIEM (Security Information and Event Management) tools will be instrumental in identifying and mitigating security threats proactively. Responsibilities: 1. Security Monitoring and Incident Response: - Utilize SIEM tools such as Microsoft … analyse root causes, and implement necessary remediation actions. - Develop and maintain incident response procedures to ensure timely and effective handling of security breaches. 2. VulnerabilityManagement: - Conduct regular vulnerability assessments and penetration tests to identify weaknesses in our systems and infrastructure. - Collaborate with system administrators and developers more »
Enfield, London, United Kingdom Hybrid / WFH Options
Johnson Matthey Plc
and JMIT, particularly Security Operations Centre (SOC) and CISO functions. T ake a lead role in monitoring unusual activity across OT environments utilising asset management and vulnerabilitymanagement tools, reporting incidents/vulnerabilities and working with SOC and Site functions for assessment, investigation and resolution. Requirements for more »
East London, London, United Kingdom Hybrid / WFH Options
MECS Communications Ltd
out Splunk software across the platforms & infrastructure managed by the Engineering & Run & Operate teams. The DevSecOps Engineer will also oversee logging & Security Information & Event Management (SIEM) aspects of infrastructure, collaborating with application development teams to resolve issues & enhance security measures within the CI/CD pipeline. If you have … day London office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, VulnerabilityManagement, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps Practices, Security Scanning & Testing, Security Incident Response, Identity & Access Management (IAM), Secure Cloud Environments, Secure Code Reviews Nature: Permanent, Full Time Hours: Monday - Friday 09.00 -17.30 Gross pay rate: £55,000 - £70,000 basic + 20% bonus, Health Care, Discounts & other benefits Key Activity: * Develop more »
re looking for a dynamic Cloud Infrastructure Analyst to become an integral part of this client Cloud Infrastructure Support team, offering technical support and management across our client's cloud and infrastructure systems. This role is perfect for someone passionate about ensuring security, availability, and reliability in the Azure … a Cloud Infrastructure Analyst, you will: Maintain and secure cloud and infrastructure services, ensuring top-notch security, availability, and reliability. Handle incident and problem management, maintaining the smooth BAU operation of our infrastructure services daily. Manage changes to cloud and network infrastructure, keeping systems up to date and running … efficiently. Ensure delivery and implementation of technical solutions and support IT disaster recovery and business continuity processes. Play a key role in change management within the Cloud and Infrastructure environment. What they Offer: Location: Hybrid role with 1 - 2 days a week in our London office. Salary more »