Reading, England, United Kingdom Hybrid / WFH Options
Thames Water
ll help the business become an intelligent, connected organisation in order to deliver our digital transformation and turnaround. We are seeking a Cyber Threat & Vulnerability Analys t to be responsible for supporting the design, implementation, and maintenance of TVM (Cyber Threat & VulnerabilityManagement) solutions, controls, and processes … and best practices, as well as the ability to collaborate effectively with cross-functional teams. What you will be doing as a Cyber Threat & Vulnerability Analyst Support vulnerabilitymanagement across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. … Collaborate with stakeholders to understand business requirements and assist with the development of threat assessment and vulnerabilitymanagement (TVM) strategies and controls that align with organisational goals. Assist with the development and maintenance of TVM documentation, policies, and procedures. Integrate cyber security solutions (e.g. vulnerability scanning tools more »
Do you have solid MS Defender Stack experience and a good knowledge of VulnerabilityManagement? Do you have a genuine passion for technology coupled with tenacity, drive and strong interpersonal skills? This could be the role for you: COMPANY: Global Consultancy with a strong vision and a reputation … Endpoint, Defender for Cloud, Defender for Identity, Defender for Cloud Apps (CASB), Azure MFA, Azure, QROC/QRadar, Microsoft Defender for Office 365 2.Vulnerability Management Optimisation at scale, this is an enterprise environment. (e.g., Kenna. VM/Cisco VulnerabilityManagement, Nucleus, Rapid 7, Armis – other similar VulnerabilityManagement Optimisation platforms also considered) 3.Mimecast Email security gateways OnDMARC/DKIM/SPF, Varonis DatAdvantage, Darktrace. Responsibilities; Working within a high calibre team environment, your role will include: -Vulnerabilitymanagement, including an automation project. - You will be the VulnerabilityManagement SME and be more »
Greater London, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
are looking for an enthusiastic and innovative IT Security Engineer. Security Engineer main responsibilities will include, but are not necessarily limited to, the following: VulnerabilityManagement o Take lead on the daily vulnerabilitymanagement activities, including but not limited to application vulnerability and infrastructure vulnerability assessments. o Manage prioritisation of vulnerabilities through a risk-based approach, to meet patch management policies, regulatory compliance, and audit findings. o Management and configuration of vulnerabilitymanagement tools (Microsoft Azure and Qualys) o Support the InfoSec function in proactively identifying and leveraging threat intelligence … sources to inform strategic vulnerability mitigation measures. Threat Management o Take lead on the daily threat management activities o Maintain and update incident response playbooks and automation o Monitor security dashboards and reports for alerts and threats o 2nd line support to IT Service Desk for cyber more »
company committed to delivering excellence in the realm of information security to hire an Information Security Consultant. With a focus on IT Disaster Recovery, VulnerabilityManagement, and PCI-DSS compliance, they strive to ensure the security and resilience of their customer critical assets. We are seeking a talented … posture. Role Overview: As an Information Security Consultant, you will play a pivotal role in enhancing our organization's resilience to IT disasters, strengthening vulnerabilitymanagement processes, and ensuring compliance with PCI-DSS standards. You will collaborate closely with cross-functional teams to identify gaps, develop strategies, and … management. Formulate an iterative approach to understand gaps and issues at a high level. Develop a well-defined IT DR roadmap to achieve objectives. VulnerabilityManagement: Establish robust and measurable processes to identify and remediate vulnerabilities across the organization. Address configuration issues within scanning platforms, such as Qualys. more »
Warwickshire, Warwick, United Kingdom Hybrid / WFH Options
VIQU Limited
Vulnerability Analyst – 3- months contract – Hybrid Working – Outside IR35 Threat and Vulnerability Analyst require by a global customer based in Warwickshire to join an existing Security Team and assist them in their Cyber Journey. As the VulnerabilityManagement Lead, you will play a crucial role in … ensuring the on-going security posture of the organisation. Key responsibilities for the Vulnerability Analyst include: In-depth knowledge of cybersecurity threats, vulnerabilities, and risk management Experience working with Vulnerability tools – ideally Tenable – Rapid7 or Qualys would be considered VulnerabilityManagement - Conduct regular vulnerability assessments and recommend remedial actions Threat Intelligence Management – Monitoring and analysing the threat landscape, and providing updates to improve security Security Patch Management Risk Assessment - Conducting risk assessments to identify vulnerabilities and recommend mitigation solutions. Vulnerability and Threat Policy management essential Training of junior team more »
Help define Threat Hunting use cases. • Participate in Red/Blue team activities. Required Qualifications • Bachelor's Degree in Computer Science, Information Assurance, Security, Management Information Systems, Risk Management, or equivalent work experience acceptable. • 4+ years of related cybersecurity architecture, engineering, SOC work experience (monitoring, incident response, forensics … CISSP) Offensive Security Certified Professional (OSCP) Responsibilities Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerabilitymanagement; incident management and response; security policy development and enforcement; privacy; information security education, training and … awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. more »
Tasks: * Act as Service Owner for Network Security * Support IT transformation journey and Zero trust strategy * Design for Remote Access, Secure Internet Access, Patch Management, VulnerabilityManagement, Network Access Control (NAC) * Conduct network security audits and risk assessments for vulnerabilities * Optimization of Network security controls * Monitoring of … the creation of standard network security processes (eg. Firewall rule change) * Stakeholder Management Requirements: * Long-term project experience as Security Network Architect * Experience as Service Owner, Team lead or Coordinator * Experience in designing network security services (Remote & Internet Access, Firewalling, IDS/IPS, NAC)# * Strong experience with Zscaler … and Fortinet * Strong experience with Fortinet management tools, NAC solutions, micro-segmentation tools and vulnerabilitymanagement * Experience with Zero Trust model, industry standards and frameworks (eg NIST,CIS) * Experience in large-scale network environments (30,000+ users) * International project experience * Beneficial: Manufacturing industry experience * Strong communication skills more »
updates to the existing systems. Delivery of key IT processes, in line with ISO27001:2022 framework to ensure compliance in system security and the management of systems, including: · Incident and Major Incident prevention and management · Change control · Access control · Disaster Recovery definition, monitoring and testing · Capacity management · Vulnerabilitymanagement · Asset and configuration management · Knowledge management Prepare IT related reports and present findings and recommendations to the leadership team. Due to the nature of this role, you should be available outside office hours to implement updates and assist with priority 1 issue. Key more »
Aylesbury, Buckinghamshire, South East, United Kingdom
Kelltron Consulting Services
Kelltron Consulting Services (KCS) - Information Security Engineer Kelltron Consulting Services (KCS) specializes in providing cutting-edge cybersecurity solutions, focusing on access and identity management, data governance, and privileged access management. Our suite of products, including Kelltron Access Management, Kelltron Identity Management, Kelltron Data Governance Management, and … Kelltron Privilege Access Management, are designed to secure and streamline our clients' IT environments. At KCS, we are committed to building sustainable, inclusive, and positive security cultures for our clients through continuous engagement and reinforcement of good security behaviors. As a vital member of our Information Security team, you … projects, collaborating closely with engineering, ITSM, Data, and Product teams to advance our security strategy. Your responsibilities will include: - Developing and improving alerting and vulnerabilitymanagement solutions. - Implementing essential security tools to enhance visibility and reduce risks. - Championing security best practices across cloud infrastructure and applications. - Automating security more »
updates to the existing systems. Delivery of key IT processes, in line with ISO27001:2022 framework to ensure compliance in system security and the management of systems, including: · Incident and Major Incident prevention and management · Change control · Access control · Disaster Recovery definition, monitoring and testing · Capacity management · Vulnerabilitymanagement · Asset and configuration management · Knowledge management Prepare IT related reports and present findings and recommendations to the leadership team. Due to the nature of this role, you should be available outside office hours to implement updates and assist with prority 1 issue. Key more »
Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, VulnerabilityManagement, Attack Surface Reduction, Software Engineering, Security Architecture, Platform Support both locally and globally. You will have experience … in: Leading the response to complex incidents in a large-scale environments. Years of relevant experience in cyber security operations, incident management or risk management within an enterprise environment. Self-motivated interest in the latest cyber security threats and vulnerabilities and is able to integrate threat intelligence into more »
Job summary The Security engineer is expected to lead the charge in incident response and security automation. They must also be proficient in vulnerability assessment investigating email, security platform deployment, network security, and knowledge sharing. The role will be based at Metroline head office in Cricklewood. However, there may … ATT&CK framework, and lead the charge in containing and remediating security incidents. Collaborate across teams to outsmart threats and keep our defences impenetrable. Vulnerability Slayer: Hunt down weaknesses with vulnerability scans and assessments, prioritise risks like a hawk, and orchestrate swift remediation with IT teams. Keep the … emails with encryption. Become the gatekeeper of our inboxes. Platform Maestro: Deploy, configure, and command a symphony of security tools - EDR/XDR, SIEM, vulnerabilitymanagement, email gateways, you name it. Fine-tune rules and detections, optimising threat detection and reducing false alarms. Network Security Sage: Possess a more »
This is both a technical and a people management role. • You will be responsible for day to day management of the team and for defining roles and responsibilities. • You will develop your team through sharing information effectively, coaching and communicating a clear vision to ensure that your staff … plus third-party partnerships where needed. The Domain Lead is accountable for the performance and results of the domain. Domain Leads form the senior management team with the Infrastructure and Service division and effective contribution at this level is a key requirement of the role. Domain Management & Strategic … Partner Management – Leading the performance of the domain and any partners by driving delivery to time, cost and quality. Ensuring alignment between supply and demand and continual improvement of services. Domain Strategy and Technology Sourcing – Accountable for our Infrastructure technical roadmap, ensuring clear and effective processes are in place more »
Security Vulnerability Manager - Perm £110,000 - £120,000 - London, hybrid As an experienced Vulnerability Manager, you are required for a global financial service organisation, based in the city of London. The company offers advanced trading solutions and execution services for hedge funds, asset management firms and insurance … Minimise the risk of the business' disruption, customer impact and reputational damage. Review and improve tools to ensure complete coverage of environment. Assess technical vulnerability risk based on intelligence-based prioritisation criteria. Work with various teams on remediation guidance plans Manage security technical risk vulnerabilities across AWS Cloud or … Classic Infrastructure Web applications APIs Operation systems Skills and experience required: Proficient knowledge and experience around exposure and vulnerabilitymanagement and Xaas platforms and Classic environments Experience with frameworks and methodologies; CIS Benchmarking, OWASP, CVSS, MITRE Knowledge of DevSecOps, Secure Architecture Previous experience with large datasets and analyse more »
Greater London, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
maintence and growth of the security platform management. You will be working in an Azure/Windows Server environment and can take ownership of VulnerabilityManagement and Incident Response. You will also have a the opportunity to work on exciting Azure cloud security projects. Experience/skills set … Great experience with Incident Response and VulnerabilityManagement Can perform vulnerability assessments across windows OS, Applications etc. Any Threat Management experience will be beneficial Some experience with Azure Sentinel, MS Defender or Qualys Very good Salary and Bonus on offer and flexible hybrid working options. Get more »
standards/frameworks such as ISO27001:2022, NIST CSF, NIST SP 800-53, Zero Trust, Secure by Design, and Cloud Security models. - Execution of VulnerabilityManagement processes. - Implementation of Malware Protection strategies. - Oversight of Third-Party Security measures. - Deployment of robust Authentication Mechanisms. - Management and Governance of … adept Crisis Management. - Integration of Cybersecurity measures into projects and applications. - Effective Asset management. - Protection against DDoS attacks. - Enhancement of Logging/detection systems. - Management of Identity and Access (including Privileged Account Management). - Fortification of Network Security measures. Core Duties Oversee the security team (x2) daily to … Execute internal and external security assurance evaluations against standards-based compliance criteria referencing top Security and Governance frameworks. * Plan and Manage Penetration tests. * Oversee VulnerabilityManagement including scope review and validation, performing vulnerability assessments, and leading remediation activities. * Monitor infrastructure (including Compliance). * Analyse and handle security more »
Manchester, Clifton, City and Borough of Salford, United Kingdom Hybrid / WFH Options
Content+Cloud Limited
operations and forensics. Conduct advanced threat hunting to proactively identify hidden threats within the organisation's network, utilising advanced tools and techniques. Participate in vulnerabilitymanagement activities, collaborating with the vulnerabilitymanagement team to prioritise and remediate critical vulnerabilities identified through intelligence gathering and risk assessments. more »
CASB, Micro segmentation, SASE, SSL Decryption, ICAP, SD-WAN Threat Protection – Anti Malware, Endpoint Detection and Response, Sandboxing, Yara Rules • Governance and assurance – Patch management, Vulnerabilitymanagement e.g. Shavlik, Tenable, Nessus • Identify Access Management and Single Sign On – CyberArk, SAML, 2FA • Automated testing and assurance including … Python, SQL, JS, C# • Professional and vendor qualifications – TOGAF, CISSP, AWS/AZURE/GCP Architecture and security • Cloud adoption – Data centre migrations, workload management, SAAS • Automation and orchestration – Tools such as SCCM, Symantec Management Platform, Kubernetes, Ansible • Workflows and business process automation - ServiceNow, Salesforce, Symantec Workflow, Decisions … Cloud adoption – Data centre migrations, workload management, SAAS. more »
Align with industry frameworks (NIST, ISO 27001 & Cyber Essentials). Manage all areas of Cyber security including policy/governance, threat assessment, identity & access management, vulnerabilitymanagement, security administration (patch management), user engagement and SOC management. About you: Experience as a Head of Cyber Security or more »
to ensure staff are aware of their responsibilities and can act in a manner that minimizes risk to the organization. Regularly report to senior management about the status of the organization's security posture, regulatory compliance status, audit findings, and any other security-related issues and plans. Regularly review … in the decision-making process to obtain needed information, make the most appropriate decisions, and ensure buy-in and understanding of resulting decisions. Task Management Skills: The candidate is expected to proactively determine project or assignment requirements by breaking them down into tasks and identifying types of equipment, and … Publication (SP) 800-53, Revision 4 or Revision 5 Demonstrated success in achieving project completion in a timely manner. This includes having effective project management skills and correctly assessing the time required to carry out given tasks. Experience using Cyber Security relevant tools, systems, and applications to include but more »
Stay updated on emerging security trends and coach teams accordingly. Risk Mitigation: Identify security design gaps and recommend enhancements in existing and proposed architectures. VulnerabilityManagement: Perform security assessments, vulnerabilitymanagement, and associated reporting. Stakeholder Communication: Clearly articulate security concepts and decisions to key stakeholders. Qualifications … security concepts, OWASP Top 10, authentication protocols, and secure software development lifecycles. Familiarity with SAST, DAST tools, and modern authentication protocols. Excellent communication, time management, and interpersonal skills. Ability to translate complex ideas into understandable language for diverse stakeholders. Personal Characteristics: The ideal candidate is proactive, analytical, and possesses more »
to modernize operations and drive innovation across the entire IT estate. The Security Incident Coordination Analyst has the responsibility for the co-ordination and management of any Security Incidents. You will be a member of the leveraged UK Security Incident Coordination Team that delivers security services to a wide … range of customers in Public Sector, Health, Defence and Commercial Sectors. You will be responsible for the end-to-end management of the security incident life cycle, overseeing each of the relevant stages from triage through to closure, looking to identify patterns from root causes analysis and making recommendations … to the Security Delivery Lead and customer. You will provide a professional interface when required with the customer, the delivery team, and the line management chain, thus being point of contact for operational security advice and guidance. You will also be responsible for escalations of issues as and when more »
of the software development lifecycle for client workstation and application virtualization solutions. Core competencies include but are not limited to: Windows Build/Image Management, VDI, Application virtualization/layering, Software Deployment, PowerShell scripting/automation. Works independently as well as part of a tight-knit team, provides forward … using innovative and automated solutions. In depth knowledge of related infrastructure technologies and landscape (hardware, software, network, security, etc.) Demonstrated incident, problem and escalation management for own area of responsibility with a strong customer focus. Familiarity with compliance standards such as PCI-DSS is preferred Demonstrated strong presentation and … Linux knowledge a plus Windows Server 2019/2016 not required, but considered Virtualization Technologies: VMware, Citrix or equivalent Thin Client/Windows Terminal Management a plus PowerShell Scripting SCCM or equivalent experience with configuration management solutions Microsoft Intune/Endpoint Manager Group Policy ManagementVulnerabilitymore »
of the software development lifecycle for client workstation and application virtualization solutions. Core competencies include but are not limited to: Windows Build/Image Management, VDI, Application virtualization/layering, Software Deployment, PowerShell scripting/automation. Works independently as well as part of a tight-knit team, provides forward … using innovative and automated solutions. In depth knowledge of related infrastructure technologies and landscape (hardware, software, network, security, etc.) Demonstrated incident, problem and escalation management for own area of responsibility with a strong customer focus. Familiarity with compliance standards such as PCI-DSS is preferred Demonstrated strong presentation and … Linux knowledge a plus Windows Server 2019/2016 not required, but considered Virtualization Technologies: VMware, Citrix or equivalent Thin Client/Windows Terminal Management a plus PowerShell Scripting SCCM or equivalent experience with configuration management solutions Microsoft Intune/Endpoint Manager Group Policy ManagementVulnerabilitymore »
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Project People
customer trust in a reliable network which matches the best, whilst ensuring compliance to regulatory requirements, company policy and standards. Experience with information security management frameworks (NIST, PCI, GDPR, ISO, OWASP, ITIL, ISF SoGP, COBIT) is essential. The role will involve supporting project managers in risk and issue management … one or more of the following technical domains: Cloud/Hybrid security Infrastructure and data centre security Network security Application security Identity and access managementVulnerabilityManagement Experience of influencing and negotiating technical outcomes with third parties, including conflict resolution due to changing priorities. - Stakeholder Management. Recent … ensuring that effective governance and technical assurance can be performed. Maintain and improve the use of artefact templates. Ensure that there is effective capacity management and planning in place for the security services and solutions assigned to you and ensure that the solution is incorporated into the 18-month more »