Job Overview: Join a dynamic and high-performing team as a Senior Analyst in VulnerabilityManagement & Security Testing. This role offers the unique opportunity to enhance a best-in-class Threat Defence capability and make significant contributions to our security operations. Ideal candidates will bring a strong background … in threat management, vulnerability assessment, and security testing, aiming to drive innovation and excellence in our security practices. Key Responsibilities: Conduct thorough vulnerability assessments across various platforms, including networks, systems, applications, and devices. Analyze risks associated with vulnerabilities, provide detailed reporting, and recommend actionable remediation strategies. Work … across IT, IoT, and OT environments. Coordinate and oversee remediation efforts to ensure timely and effective resolution of security vulnerabilities. Requirements: Extensive experience in vulnerabilitymanagement and remediation, including hands-on experience with vulnerability scanning tools. Good knowledge of Exabeam, Tenable.io and Tenable.sc would be considered a more »
Engineer role will support the systems and applications that deliver enterprise security services for a global organisation. With a focus on identity and access management, the Security Engineer will provide expert knowledge to support the planning, design, development, and deployment of centralized IAM and PAM solutions and the delivery … of the enterprise-level Privileged Access Management program. The role will also support the implementation and management of all cyber security technologies and services in use at the company Role & Accountabilities Provide expert knowledge and act as a subject matter expert on key principles of (IAM) with an … in-depth knowledge in the areas of authentication and authorization systems, identity lifecycle management, and identity governance. Build the IAM strategy, and ensure its implementation is a success across the business. Staying up-to-date on current IAM threats and industry solutions, and ensuring IAM measures are appropriate. Support more »
Reading, England, United Kingdom Hybrid / WFH Options
Vallum Associates
experience in Cybersecurity. Responsibilities Help develop an Enterprise Security Architecture Framework, including patterns for identity & authentication, authorization and access control, cryptographic key and certificate management, auditing and security monitoring, data leakage prevention, privacy enhancement & protection and other standards in alignment with Enterprise Architect platforms. • Establish metrics and monitoring to … Strong knowledge of IT infrastructure, IP networking, security best practices, and automation technologies. • Application security: including but not limited to: authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerabilitymanagement and secure code development methodologies. • Infrastructure … security, device security, VPNs & SSLs, secure file transfers, security event monitoring, malware security and cyber security. • Operational security: including but not limited to: incident management, change & patch management, data centre & physical security, backups, DR & BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys & certificate managementmore »
Strong knowledge of IT infrastructure, IP networking, security best practices, and automation technologies. Application security: including but not limited to authentication, identity and access management, auditing, use of cryptography, data security, privacy enhancing technologies, web services security, OWASP, threat & vulnerabilitymanagement and secure code development methodologies. Infrastructure … device security, VPNs and SSLs, secure file transfers, security event monitoring, malware security, and cyber security. Operational security: including but not limited to incident management, change and patch management, data centre and physical security, backups, DR and BCP, outsourcing, managed services, cloud computing, asset management, cryptographic keys … and certificate management, PCI DSS and DPA compliance, and ISO 27001/2. Analysing network security controls, including firewall and router security configuration; Preferred: Delivering the security review processes and frameworks with a full audit trail. Managing multiple security assessments and changing priorities simultaneously Ensuring Security Architecture Review is more »
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Planet Recruitment
installation and configuration of hardware, applications, and software as part of Privacy by Design and Default. Manage and coordinate operational components of security incident management, including detection response and reporting. Manage the day-to-day activities of threat and vulnerabilitymanagement, identify risk tolerances, recommend treatment plans … and audit requirements. Review, escalate and action any unusual event behaviour identified through the groups information security systems. Create standards in system hardening, change management, documentation. Perform periodic firewall Ensure disaster recovery and data restoration processes work. Ensure appropriate Corrective and Preventative Actions are implemented in line with best … in broad domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems. Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/ more »
customer trust in a reliable network which matches the best, whilst ensuring compliance to regulatory requirements, company policy and standards. Experience with information security management frameworks (NIST, PCI, GDPR, ISO, OWASP, ITIL, ISF SoGP, COBIT) is essential. The role will involve supporting project managers in risk and issue management … templates is vital. Expertise and experience in technical domains ie hybrid security, infrastructure and data centre security, network security, application security, identity and access management, and vulnerabilitymanagement are important. Experience of influencing and negotiating technical outcomes with third parties, including conflict resolution due to changing priorities. … the clients they are supporting or projects they are deliverable in the UK. The role will involve supporting project managers in risk and issue management Creation, review, and approval of documentation such as requirements, architecture, design, and test artifacts. Experience in documenting and implementing processes, procedures, and architecture/ more »
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Proactive Appointments Limited
someone with previous experience in a Cyber Security Engineer role where they have gained knowledge and experience in web application security, web application firewalls, vulnerabilitymanagement and penetration testing. Experience working with cloud hosting providers, managing application testing and working with system owners/developers to improve application … in complex cross-technology environments. Maintain accurate logs of security events and incidents. Represent Information Security as required at IT meetings. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner. Assist in group security … understanding of Security Infrastructure design, IT Security best practice and hardening standards. Strong understanding of common IT protocols, infrastructure and systems e.g. Networks, Domain management and virtualised infrastructure. Understanding of security operations and keen to learn. Strong communication skills and able to work collaboratively with IT and other stakeholders. more »
in Reading. For this exciting role we are seeking an engineer who has gained knowledge and experience in web application security, web application firewalls, vulnerabilitymanagement and penetration testing. They are also looking for experience working with cloud hosting providers, managing application testing and working with system owners … to recover service in complex cross-technology environments. Work to defined SLAs & KPIs. Represent Information Security as required at IT meetings. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner. Assist in group security … understanding of Security Infrastructure design, IT Security best practice and hardening standards Strong understanding of common IT protocols, infrastructure and systems e.g. Networks, Domain management and virtualised infrastructure Understanding of security operations and keen to learn Strong communication skills and able to work collaboratively with IT and other stakeholders more »
in Reading. For this exciting role we are seeking an engineer who has gained knowledge and experience in web application security, web application firewalls, vulnerabilitymanagement and penetration testing. They are also looking for experience working with cloud hosting providers, managing application testing and working with system owners … to recover service in complex cross-technology environments. Work to defined SLAs & KPIs. Represent Information Security as required at IT meetings. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner. Assist in group security … understanding of Security Infrastructure design, IT Security best practice and hardening standards Strong understanding of common IT protocols, infrastructure and systems e.g. Networks, Domain management and virtualised infrastructure Understanding of security operations and keen to learn Excellent communication skills and able to work collaboratively with IT and other stakeholders more »
Royston, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Johnson Matthey Plc
and JMIT, particularly Security Operations Centre (SOC) and CISO functions. T ake a lead role in monitoring unusual activity across OT environments utilising asset management and vulnerabilitymanagement tools, reporting incidents/vulnerabilities and working with SOC and Site functions for assessment, investigation and resolution. Requirements for more »
Reading, England, United Kingdom Hybrid / WFH Options
Areti Group
the confidentiality, integrity and availability of information systems are maintained to protect customer, corporate and 3rd party data. You will have responsibility for the management of the CERT function as well as responsibility for the management of the SEIM and SOC partners. Responsibilities Creation and maintenance of Information … Security processes and procedures to support business policies and operations. Provide leadership and management of Information Security Operational teams to ensure efficient and effective, proactive and reactive security monitoring and defense across information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations … is maintained and in-line with compliance and regulation. Act as an escalation point for Information Security Incidents, changes and problems. Responsibility for IDAM management and control. Production of Risk Landscape documentation in conjunction with the Information Security Risk functions and other colleagues. Experience 🌳Minimum 5+ years commercial experience more »
Reading, England, United Kingdom Hybrid / WFH Options
Project People
the Confidentiality, integrity and availability of information systems are maintained to protect Customer, corporate and 3rd party data. You will have responsibility for the management of the CERT function as well as responsibility for the management of the SEIM and SOC Partners. Responsibilities Creation and maintenance of Information … Security processes and procedures to support business policies and operations. Provide leadership and management of Information Security Operational teams to ensure efficient and effective, proactive and reactive security monitoring and defense across information assets. Ensure regular KPIs are developed and maintained and identify areas for improvement and make recommendations … is maintained and in-line with compliance and regulation. Act as an escalation point for Information Security Incidents, changes and problems. Responsibility for IDAM management and control. Production of Risk Landscape documentation in conjunction with the Information Security Risk functions and other colleagues. Technical Experience Minimum 5+ years commercial more »
will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures. Own threat management and response. Manage and mentor the cyber security team. Manage Security tooling risks and processes. Own vulnerabilitymanagement through the whole lifecycle … incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment, (new hire inductions, periodic training, etc) Own maintenance, renewal and distribution of SSL … network concepts and technologies, particularly in a Microsoft-centric environment (Defender for Cloud, Cloud apps, Security scores, Purview including Data classification and retention, Identity Management, and conditional Access) Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour Strong Communication skills and more »
Information Security Vulnerability Analyst £50,000 - £55,000 Hybrid - 2 days per week in either Horley/Portsmouth office depending on location We are looking for a brilliant Vulnerability Analyst to join a constantly growing UK utilities company as they embark on a 5 year long transformation of … for an individual that has: At least 2 years’ cyber security experience, with a background in IT infrastructure or networking Experience or knowledge of vulnerabilitymanagement tools such as Qualys, Nessus, etc. Good understanding of Cyber Assurance Framework Experience with working with Regulators and providing compliance updates for more »
organisations assets and information. Role & Responsibilities: To act as a trusted advisor on information security matters. Oversee, manage , and maintain the companys information security management system and associated security certifications ( currently ISO 27001 and Cyber Essentials Plus in the UK) Support internal business teams with client and 3rd party … business. Manage and lead on security events and incidents reported or highlighted through internal processes and controls. Organise and support internal and external audits, vulnerabilitymanagement processes, penetration testing and business continuity/disaster recovery planning. Contribute towards the annual budget and forecasting process for Infosec related items. … and communicate this appropriately to your audience. The ability to embrace and encourage change and provide continual improvement. Implementation of and/or ongoing management of security policies and associated documentation. A pragmatic view of information security and its relationship with the wider business objectives. A willingness to self more »
the following skills and experience; - Strong understanding of networking, operating systems and cyber security concepts - Strong knowledge of security pactices such as IAM, SIEM, Vulnerabilitymanagement, Malware protection and Back up and Recovery - Strong experience with Microsoft security products such as Defender and Sentinel. - Experience mentoring teams or more »
automation, IaC and security by design. There's a broad range of responsibilities including handling requests related to system administration, operations governance, threat/vulnerabilitymanagement and incident response, you'll collaborate with engineering teams to evaluate and identify optimal cloud solutions providing subject matter expertise across a … of DevOps and IaC concepts You have a good understanding of cloud based security (e.g. ISO27001, NIST, CIS, OWASP, SOC2) and Identity and Access Management (IAM) within Azure You're familiar with ARM templates and/or Pulumi You have automation and scripting (PowerShell or similar) skills You're more »
Reading, England, United Kingdom Hybrid / WFH Options
Areti Group
one or more of the following technical areas: Cloud/Hybrid security , Infrastructure and data center security, Network security, Application security, Identity and access management , Vulnerability Management. · Skilled in defining and overseeing the achievement of security-related contractual and business goals. Capable of influencing and negotiating technical outcomes … with external partners, including resolving conflicts arising from changing priorities. · Familiarity with common information security management frameworks like NIST, PCI, GDPR, ISO Series, OWASP, ITIL, ISF Standards of Good Practice (SoGP), and ISACA’s Control Objectives for Information and related Technology (COBIT) frameworks. Areti Group – Carbon positive tech recruitment more »
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
Interact Consulting Limited
pipelines and integrating security tooling. Scripting Responsibilities will include Lead efforts to assess the current security posture of Azure infrastructure, encompassing Azure resources, processes, vulnerabilitymanagement tools, and techniques. Collaborate with the wider Infosec team and any third-party consultants engaged by MWI to provide recommendations based on … into CI/CD pipelines. Maintain an active risk registry and devise a plan to address identified issues in order of priority, ensuring proactive management of security risks. Please apply now more »
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
the thousands of servers supporting our cloud services. Other responsibilities include: Designing and evaluating complex systems for security Scope and execute security assessments and vulnerability research Perform in-depth security assessments using results from static and dynamic analysis Create testing tools to help engineering teams identify security-related weaknesses … IT security in one or more of the following areas: software/product security assessments, penetration testing, red teaming, web application assessments Interest in vulnerability research and exploit development Demonstrable experience in designing and evaluating complex systems for security Aptitude for self-study, setting and achieving long term goals … for example, learning an unfamiliar programming language) Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff Excellent organizational, presentation, verbal, and written communication skills This role does not require access to a cleared work environment. Security clearances are not required, and more »
Hatfield, Hertfordshire, South East, United Kingdom
COMPUTACENTER (UK) LIMITED
and if applicable direct reports Manage and implement projects relevant to specialist area Manages, develops and coaches team of staff and implement s performance management solutions where required Develop and motivate team to help ensure the delivery of function and business targets Acting as a point of escalation on … Liaise with colleagues to ensure best practice and continual improvement in delivery of service to the business Establishes productive relationships and networks at Senior Management level to build and maintain customer relationships Responsible for managing budget/P&L to maintain spend in line with budgetary limitations Responsible for … Orchestration, CI/CD, Testing etc.) An understanding of Agile Delivery (Kanban/SCRUM/XP/Lean/SAFe) An understanding of DevOps Management (JIRA, Confluence) Awareness of CI/CD tooling such as Jenkins, GitLab or similar Experience of Hashicorp Terraform Experience of Hashicorp Vault Awareness of more »
this role is critical to the business. The successful Security Consultant will have the following experience: Broad and extensive knowledge of cyber security IT vulnerabilitymanagement experience - setting up annual penetration testing from scratch. ensuring data loss prevention Please apply directly with a CV and if suitable we more »
Key Responsibilities: Define and deliver the cyber security technical assurance strategy Manage the cyber security technical assurance team Establish and improve penetration testing and vulnerabilitymanagement processes, including red team and purple team exercises Develop and implement IT disaster recovery and business continuity plans Deputise for the Head more »
Key Responsibilities: Define and deliver the cyber security technical assurance strategy Manage the cyber security technical assurance team Establish and improve penetration testing and vulnerabilitymanagement processes, including red team and purple team exercises Develop and implement IT disaster recovery and business continuity plans Deputise for the Head more »
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Matchtech
Key Responsibilities: Define and deliver the cyber security technical assurance strategy Manage the cyber security technical assurance team Establish and improve penetration testing and vulnerabilitymanagement processes, including red team and purple team exercises Develop and implement IT disaster recovery and business continuity plans Deputise for the Head more »