24 of 24 Threat and Vulnerability Management Jobs in the UK

Worker Type: Employee Vulnerability Management Data Analyst Permanent London/Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity As part of our continuous improvement and expansion of the vulnerability management function, we are seeking a highly … motivated Vulnerability Management Data Analyst to join our Global Security Operations Centre. This permanent, hybrid role is based out of our London office and reports to the Threat & Vulnerability Manager. The successful candidate will play a key role in strengthening QBE’s cyber resilience by turning complex security data into meaningful insights. This role will directly support … the identification, prioritisation, remediation and reporting of vulnerabilities—helping QBE stay ahead of emerging threats. Your New Role As a Vulnerability Management Data Analyst, you’ll collaborate with teams across security engineering, vulnerability management, service management, cyber governance, risk and divisional consultancy to ensure data accuracy, develop dashboards and reports, and support decision-making through More ❯

Hybrid 3 days per week onsite Rate: up to £552 p/d Umbrella inside IR35 Role purpose/summary Design Engineer to manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Design Engineer … will be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate. Design Engineer should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Additionally, the Design Engineer will provide technical thought leadership and direction to their aligned projects and may stand in as subject matter experts and consultants … related programmes. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level More ❯

Hybrid 3 days per week onsite Rate: up to £552 p/d Umbrella inside IR35 Role purpose/summary Design Engineer to manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Design Engineer … will be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate. Design Engineer should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Additionally, the Design Engineer will provide technical thought leadership and direction to their aligned projects and may stand in as subject matter experts and consultants … related programmes. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level More ❯

Your mission As a Security Engineer, you play a crucial role in developing and implementing comprehensive security strategies, policies, and procedures to safeguard Intigriti's information assets across corporate IT and the Intigriti platform. You are a passionate individual who enjoys building defences against today's cyber threats, targeting infrastructure, data, and employees. You should be able to analyse the … current threat environment and Intigriti's security posture, then design and implement controls in line with our risk appetite. This position requires strategic thinking, technical expertise, and a deep understanding of cybersecurity principles. You will be expected to deploy, manage and maintain preventive and detective controls leveraging security tools including EDR, SIEM, phishing simulation, compliance solutions, among others. You will … collaborate with colleagues in security and across the organisation, including Engineering and Legal teams. If tackling complex security challenges using tools that make sense excites you, this position is for you! What you'll be doing Infrastructure Security Oversee the design, implementation, and maintenance of security across Intigriti infrastructure, ensuring the confidentiality, integrity, and availability of company data. Collaborate with More ❯

looking for a skilled Lead PAM Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need to integrate with as part of the end-to-end journey. Project Overview: Our client is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. One of the pillars of that programme is Privileged Access Management (PAM). Our client is working on uplifting controls and capabilities in privileged access for the Group and introducing the strategic … password vaulting solution that will enable to meet strategic requirements. Security Solution Architects manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Solution Architects will be required to record key decisions, design deviations More ❯

role Are you a strategic cybersecurity leader ready to make a meaningful impact on the future of digital financial services? Do you have deep experience in safeguarding complex architectures and managing cyber risks across cloud and hybrid environments? If so, we have a pivotal opportunity for you. The Money and Pensions Service (MaPS), supporting the delivery of the Pensions Dashboard … Programme (PDP), is looking for a Cyber Security Lead to join our team. This is a critical leadership role, overseeing the full security lifecycle — from architecture and policy development to operational resilience and incident response — across complex hybrid environments with a strong emphasis on cloud security (AWS and Azure). Your leadership will be central to ensuring that digital financial … infrastructure remains secure, compliant, and future-resilient, working at the intersection of innovation, regulation, and public trust. The role also involves oversight of third-party security providers and suppliers, ensuring that outsourced services meet contractual, technical, and regulatory expectations while delivering value for public money. Join us and play a key role in securing the UK’s next-generation financial More ❯

Job Title: Defender Administrator Location: Gloucester/Warrington (onsite) Should be ready to work in shifts and out of hours (based on project requirement). Should be ready for on-call (ROTA basis). Job Purpose and Primary Objectives To migrate Symantec/McAfee Legacy Antivirus Solution to Microsoft Windows Defender (ATP). Key Responsibilities Defender Administrator will play a … in migrating Windows 10 endpoints to Microsoft Windows Defender (ATP) from Legacy AV Solutions (Symantec, McAfee). The successful candidate will require an aptitude for working with other infrastructure and application teams and to undertake analysis, diagnosis, and resolution of critical, high-priority, and escalated issues. Independently execute migration activities. Supervisory/Managerial Responsibilities EUC Lead/Project Manager Other … Responsibilities Budgets, targets, equipment etc.: N/A Key Skills/Knowledge Hands-on experience onboarding endpoints to Microsoft Defender. Knowledge and experience with Microsoft technologies such as (but not limited to): Microsoft Defender for Endpoint Microsoft Defender for O365 Microsoft Defender for Identity Microsoft 365 Defender Microsoft Cloud App Security Good knowledge around Endpoint Detection and Response (EDR), Threat More ❯

About the role: Join Our Team at Holland & Barrett! Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help us define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse teams, we want … to hear from you! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business. Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining an edge network with a Web Application … Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN). Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set. Security Controls: Design, implement, and maintain security controls to prevent, detect, and remediate insecure configurations, including More ❯

Solution Architect Sheffield 3 days in the office is mandatory End Date: 30th November (renewal end of Nov) £567 Project Overview: The client is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. One … of the pillars of that programme is Privileged Access Management (PAM). The client is working on uplifting controls and capabilities in privileged access for the Group and introducing the strategic password vaulting solution that will enable to meet strategic requirements. We are seeking an experienced Lead Security Solution Architect that can complement an existing team of Solution Architects … to progress with designs of different components of the PAM solution and other supporting systems it will need to integrate with as part of the end-to-end journey. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management More ❯

skilled Cybersecurity Architect to join their team for an initial contract until the end of the year. Job Responsibilities/Objectives You will manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, you will … be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate. Produce, manage, and update end-to-end solution designs in line with reference architecture & business requirements Articulate and publish key design decision records and options to ensure all solutions follow a logical, transparent decision-making process Articulate, publish, and ensure approval of … any design deviations resulting in technical debt Ensure any technical risks or issues arising from a solution design are recorded and mitigated. Produces, manages and translates the requirements into the architecture for that solution, ensuring technology and services meet the customer needs and expected business outcomes Ensures the design of the solutions are efficient, timely and cost effective throughout the More ❯

About the Role: At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If … you are passionate about cybersecurity and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development … Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and More ❯

Private Sector Secure the future. Transform with impact. Our client is a global consultancy that helps organisations tackle their most complex cyber challenges. With deep expertise in strategy, risk, and transformation, they partner with both public and private sector organisations to build resilience, meet regulatory demands, and enable digital growth. Backed by one of the largest technology and transformation practices … Manchester. About the Role As a Senior Manager, you'll play a pivotal role in shaping how organisations approach cyber security. You'll lead large-scale programmes that design and deliver cyber strategies, roadmaps, and operating models aligned to business goals. You'll take ownership of client relationships, direct multi-disciplinary teams, and act as a trusted advisor to CISOs … and senior executives. Beyond delivery, you'll contribute to the growth of the practice by driving thought leadership, proposals, and new business opportunities. What You'll Be Doing Leading the design and delivery of enterprise-wide cyber strategies and transformation programmes Advising senior stakeholders, including board-level executives, on managing cyber risk and enabling digital growth Shaping operating models, governance More ❯

are seeking an experienced Solution Design Engineer to join a leading UK financial institution on an initial 6-month contract. This role requires a strong technical background in cybersecurity and solution architecture, with the ability to design, govern, and deliver end-to-end solutions in a highly regulated environment. Key Responsibilities Develop and manage end-to-end solution designs in … line with business requirements, strategies, standards, and patterns. Create and publish architecture artefacts including high-level designs, design deviations, key decision records, and technical risk assessments. Present and defend solutions at design authorities and with senior stakeholders. Provide technical thought leadership and guidance across aligned projects. Ensure compliance with governance processes, architectural standards, and project requirements. Contribute to the development … of new architecture patterns and strategies, particularly within cybersecurity. Essential Skills & Experience Proven expertise in at least one domain of cybersecurity: security operations, threat & vulnerability management, identity & access management, cryptography, infrastructure, networks, applications, data, or cloud. Strong understanding of enterprise and solution architecture principles. Experience delivering solutions within large-scale IT transformation programmes. Skilled in Identity & Access More ❯

days/week in our London office Salary £80,000 - £95,000 (GBP) compensation benchmarking powered by Ravio Seniority Senior Closing: This role has no specific closing date. Perks and benefits Work from home option Employee Assistance Programme Enhanced maternity and paternity leave Paid emergency leave Mentoring/coaching Salary sacrifice Team social events Team lunches Cycle to work scheme … Job Description Overview Visa sponsorship: UK national or visa holder preferred, but not a dealbreaker. Background checks: Due to the nature of the work we do with global governments and partners, all employees need to pass background checks, verifying your identity, education (if relevant), work history, sanctions, criminal record, adverse financial history and right to work. Salary expectations: We aim … contact. Role Apolitical is the global peer to peer platform for people transforming government. Our engineering team ships a modern, TypeScript first stack-Kubernetes on GKE, Helmfile driven releases, and GitHub Actions pipelines-serving public sector professionals in 170+ countries. We're looking for a Senior DevOps Engineer who pairs operational excellence with a passion for security and data compliance. More ❯

days/week in our London office Salary £80,000 - £95,000 (GBP) compensation benchmarking powered by Ravio Seniority Senior Closing: This role has no specific closing date. Perks and benefits Work from home option Employee Assistance Programme Enhanced maternity and paternity leave Paid emergency leave Mentoring/coaching Salary sacrifice Team social events Team lunches Cycle to work scheme … Location: Remote UK Visa sponsorship: UK national or visa holder preferred, but not a dealbreaker. Background checks: Due to the nature of the work we do with global governments and partners, all employees need to pass background checks, verifying your identity, education (if relevant), work history, sanctions, criminal record, adverse financial history and right to work. Salary expectations: We aim … contact. Role Apolitical is the global peer to peer platform for people transforming government. Our engineering team ships a modern, TypeScript first stack-Kubernetes on GKE, Helmfile driven releases, and GitHub Actions pipelines-serving public sector professionals in 170+ countries. We're looking for a Senior DevOps Engineer who pairs operational excellence with a passion for security and data compliance. More ❯

of converting to a permanent role. The successful candidate will play a key role in delivering secure-by-design assessments across technology projects, ensuring compliance with IT security policies and industry standards. You will work closely with senior stakeholders, providing assurance on cybersecurity controls, identifying risks, and recommending actions to strengthen the organisation's security posture. Key responsibilities include: Conducting … IT security assessments across infrastructure, cloud, applications, and service operations projects. Reviewing and testing security controls to ensure operating effectiveness. Documenting risks, gaps, and recommendations for remediation. Supporting project teams to embed security requirements from the outset. Engaging with senior stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands … on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications (CISSP, CISM, CISA, CRISC) desirable. This is an exciting opportunity to join a high-performing cyber security team within a More ❯

connecting with Cyber Security Strategy Manager candidates based in London. This grade pays up to £90,000 basic salary plus bonuses, pension, broad benefits, professional membership costs, training & development and more. Oliver James is partnered with a world class leading consulting group in their latest phase of cyber security growth. We are interested in connecting with Cyber Security Strategy Manager … candidates based in London. This grade pays up to £90,000 basic salary plus bonuses, pension, broad benefits, professional membership costs, training & development and more. In addition, our client offers a clear and defined path career progression where employees have complete control of their development. Candidates carrying a number of the below skills would be particularly relevant:- Strong skills in … areas such as cyber strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work More ❯

with senior cyber security & risk consultant candidates based in London. This grade pays up to £60,000 basic salary plus bonuses, pension, broad benefits, professional membership costs, training & development and more. Oliver James is partnered with a world class leading consulting group in their latest phase of cyber security growth. We are interested in connecting with senior cyber security & risk … consultant candidates based in London. This grade pays up to £60,000 basic salary plus bonuses, pension, broad benefits, professional membership costs, training & development and more. In addition, our client offers a clear and defined path career progression where employees have complete control of their development. Candidates carrying a number of the below skills would be particularly relevant:- Strong skills … in areas such as cyber strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to More ❯

with Senior Cyber Security Strategy Manager candidates based in London. This grade pays up to £120,000 basic salary plus bonuses, pension, broad benefits, professional membership costs, training & development and more. In addition, our client offers a clear and defined path career progression where employees have complete control of their development. Candidates carrying a number of the below skills would … be particularly relevant:- Strong skills in areas such as cyber strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and … M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports More ❯

a hands-on, delivery-focused role embedded within a cloud-native engineering group, with a dotted-line relationship to a central security architecture function to ensure alignment with governance and standards. Your Impact As a trusted security engineer, you will: Secure CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security … initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage audit-related actions. What You'll Bring Essential Skills: Deep expertise in Azure security controls and cloud-native security practices. Strong experience with IaC … and CI/CD pipeline security (Terraform, Git). Proven track record in container security (Docker, Kubernetes) and securing APIs/web apps. Practical coding/scripting ability in modern languages (Java, Python, Golang). Excellent communication and stakeholder engagement skills. Desirable Certifications: Microsoft AZ-500, SC-100, SC-200, SC-300. CISSP. Who We're Looking For Ideal candidates More ❯

to join Experis. Experis Consultancy is a Global entity with a well-established team with over 1000 consultants on assignment across 20 clients globally. Our UK operation is growing and has very aggressive plans for expansion over the coming years. We form part of the Manpower group of companies that turn over $20 billion a year collectively. Experis UK have … partnerships with major clients across the UK spanning multiple industries; our approach is a very personal one, with both our clients and our own employees. We are passionate about training, technology and career development. Skills required: Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment Experience working with SIEM technologies and security tooling An … understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable workload An interest in security and threat management Nice to have skills A SOC Analyst will More ❯

Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure … security controls are functioning, mentorship of junior members and working being part of a 24 x 7 remote support rota. If you have experience of working in Cyber Securityand are keen to make a difference here is what we are looking for: Significant experience of working in a security related role, with demonstrable experience within an operational aspect with extensive … vulnerability and threat management. A strong understanding of Risk Assessment frameworks and methodologies. The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a knowledge of Azure/O365 Possess a knowledge of various technologies, how they can combine and how a system should be designed. More ❯

Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure … security controls are functioning, mentorship of junior members and working being part of a 24 x 7 remote support rota. If you have experience of working in Cyber Securityand are keen to make a difference here is what we are looking for: Significant experience of working in a security related role, with demonstrable experience within an operational aspect with extensive … vulnerability and threat management. A strong understanding of Risk Assessment frameworks and methodologies. The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a knowledge of Azure/O365 Possess a knowledge of various technologies, how they can combine and how a system should be designed. More ❯

The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus … on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security/Technology project Lead/execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts/tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security More ❯