1 to 25 of 138 Vulnerability Management Jobs

Vulnerability Management Architect - Product Selection and Design 5 Month Contract - Outside IR35 Hybrid - travel to Bracknell and London, Pimlico as and when required Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in … modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework. Accountabilities: Explore and document our baseline vulnerability management architecture Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will … evaluate the drivers and benefits for change Provide market assessment as appropriate, partnering with our procurement teams as needed Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic) Compile vendor solution options to address the above (with More ❯

VULNERABILITY MANAGEMENT ANALYST/VM ANALYST Up to £75,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a … major driving forces behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes … Schedules related to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include More ❯

in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing … within the Digital Engineering Services & Solutions (DES) department of the Technology Division. The role is part of the Digital Engineering Services & Solutions (DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including … standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES. The successful candidate must demonstrate proven experience in leading teams and fostering a culture of technical excellence. They will be expected to establish best practices More ❯

means investing in talent, technologies, and tools that empower you to own your career.Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing … sits within the Digital Engineering Services & Solutions (DES) department of the Technology Division.The role is part of the Digital Engineering Services & Solutions (DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including … standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES.The successful candidate must demonstrate proven experience in leading teams and fostering a culture of technical excellence. They will be expected to establish best practices for More ❯

We are partnering with a major UK energy organisation to find an experienced Cyber Threat Intelligence & Vulnerability Management Lead. This high-impact leadership role will oversee all aspects of cyber threat intelligence and vulnerability management across the Group, helping protect critical infrastructure and enabling strategic security initiatives. About the Role: This position offers a unique opportunity … to influence the development of security capabilities within one of the UK's largest energy firms. You'll lead the technical evolution of threat intelligence and vulnerability strategies, directly supporting senior leadership and contributing to the Group's security maturity programme. As a subject matter expert, you will mentor and manage a specialist team, lead engagements with law enforcement … wide technical controls. The role plays a key part in aligning the organisation with emerging threats, regulatory requirements, and global best practices. Your Responsibilities: Lead Cyber Threat Intelligence and Vulnerability Management strategies Guide the rollout of technical controls, policies, and threat intelligence platforms Manage and develop a specialist team (including Analysts and Specialists) Represent cyber intelligence at leadership More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

IT Infrastructure Operational Platform and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and … access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such More ❯

protect our software and infrastructure. This role involves conducting regular security assessments, including Cloud, Kubernetes, and our Products, to identify and address vulnerabilities. Additionally, the engineer will assist in vulnerability management programs ensuring that all AWS cloud infrastructure meets the highest security standards. In This Role, You'll Respond to security tickets promptly and professionally, including incident handling … as the point-of-contact for internal user security questions, providing guidance on security policies, tools, and best practices. Design, implement, and improve operational security processes—focusing on ticket management, incident response workflows, and documentation standards. Monitor security dashboards for alerts; analyze, document, and escalate events as needed for further investigation and remediation. Support the implementation and maintenance of … security controls, including vulnerability management, endpoint protection, multi-factor authentication, and encryption technologies. Assist in onboarding and off-boarding processes to ensure proper access controls and compliance. Contribute to developing, reviewing, and communicating Standard Operating Procedures (SOPs) for security operations. Influence internal teams and coach others on security policies and internal compliance frameworks. We're Looking For Candidates More ❯

s ready to move into a Head of role, take ownership, and shape strategy while staying close to the tech. What you'll be doing: Owning implementation, consolidation, and vulnerability management across the group Leading a team (3 direct reports by year-end) - mentoring, developing, and embedding best practice Overseeing infrastructure, EUC, platform, cloud, and building security Partnering … with stakeholders across multiple business units to understand systems and improve visibility Driving improvements in security tooling, processes, and response Vulnerability management tools (e.g. Rapid7, Microsoft Defender suite) Core enterprise security toolsets Networking, cloud infrastructure, and EUC environments You'll have: Experience as a team lead or manager (formal or informal) with direct reports or leadership responsibility Strong … grounding in infrastructure and security - ideally having moved from networking/cloud into security Hands-on experience with vulnerability management tools and security platforms Why join? Progression: Step into a Head of role with mentoring from an experienced Group Infrastructure Director Influence: Work at a group level across multiple industries More ❯

sharing through team briefings and technical exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure … and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement. Compliance & Governance Align security controls with frameworks such as ISO 27001, NIST, CIS, and … knowledge of Microsoft technologies (Windows Server/Desktop, Active Directory, Group Policies). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Proven experience leading cyber security More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Key Skills Proven experience leading More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management … and resiliency patterns (graceful degradation, bulkheads, back pressure), empowering teams to deliver robust solutions. Experience leading and governing SRE/DevOps practices at scale, including CI/CD, incident management, post-mortems, and capacity & cost management, fostering a culture of operational excellence and continuous improvement. Sponsor and champion security leadership, including secure SDLC, identity/authorization (SAML/… innovation with pragmatic delivery and customer commitments. Ability to set and evolve technical standards, patterns, and guardrails for a modern SaaS platform. Skilled in org design, career ladders, performance management, and fostering a high-bar engineering culture. Ability to drive reliability, performance, and cost efficiency in cloud environments. Skilled sponsor and champion of secure SDLC, threat modelling, vulnerability More ❯

operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management … and resiliency patterns (graceful degradation, bulkheads, back pressure), empowering teams to deliver robust solutions. Experience leading and governing SRE/DevOps practices at scale, including CI/CD, incident management, post-mortems, and capacity & cost management, fostering a culture of operational excellence and continuous improvement. Sponsor and champion security leadership, including secure SDLC, identity/authorization (SAML/… innovation with pragmatic delivery and customer commitments. Ability to set and evolve technical standards, patterns, and guardrails for a modern SaaS platform. Skilled in org design, career ladders, performance management, and fostering a high-bar engineering culture. Ability to drive reliability, performance, and cost efficiency in cloud environments. Skilled sponsor and champion of secure SDLC, threat modelling, vulnerability More ❯

the Head of Cyber and IT will manage cloud infrastructure to ensure availability, scalability, and performance. The role also involves ensuring compliance with security standards, leading incident response and vulnerability management, and overseeing internal IT support and enterprise system administration. Additionally, the position requires building and leading a scalable team, aligning with DevOps on infrastructure maturity and security … cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure and implement policies and procedures for disaster recovery and business continuity. Work with the CTO and … the rest of the executive team to embed security into all operations (DevSecOps). IT Management Lead internal IT support, device management, enterprise system administration and SaaS tooling. Manage identity and access controls (IAM), endpoint security, and network infrastructure (including physical and virtual servers and storage systems). Find, implement, and operationalize hardware environment improvements through a continual More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the More ❯

Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience … and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior analysts and support More ❯