1 to 25 of 52 Vulnerability Management Jobs in the City of London

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months FirstBank UK is a globally recognised, top-tier bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business with over 10 million active customers in over 700 business locations is the … oldest African bank in the UK. Due to business requirements, we are now looking to acquire the services of an experienced Cyber Vulnerability Management Analyst Please note that this is a hybrid role with 3 days in the office and 2 days working from home. Key Responsibilities: In this fixed term contract role, you will be part of … the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

posture has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC … Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data … risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance business priorities and risk. Hands-on leadership style More ❯

To be successful in this role, you will wield a broad range of skills and deep understanding within Cloud network and security architecture (Azure), and excellent communication and stakeholder management skills. This role will see you taking ownership of for the delivery of security solutions within the group to support and enhance our security strategies. Please note this role … security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders … with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete More ❯

Summary Reporting to the Head of Information Security, the role will support the delivery of the Banks IT Security strategy through implementation of the Cyber security programme, configuration and management of cyber security solutions, and proactive collaboration with the Banks security operations functions. Key Work Outputs and Accountabilities Assist with the delivery of the Banks strategic Cyber Security roadmap … security related requests Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and … how IT Security tooling such as Firewalls, AV, Proxies and IDS/IPS operate Familiar with the Microsoft stack including desktops, servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and More ❯

To be successful in this role, you will wield a broad range of skills and deep understanding within Cloud network and security architecture (Azure), and excellent communication and stakeholder management skills. This role will see you taking ownership of for the delivery of security solutions within the group to support and enhance our security strategies. Please note this role … security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders … with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete More ❯

security threats across hybrid environments. Managing and enhancing security configurations for Windows VMs, SQL databases, and PaaS solutions like Logic Apps. Administering security tools, including firewalls, endpoint protection, and vulnerability management systems. Ensuring data security by managing encryption, access controls, and compliance requirements. Performing security assessments, audits, and penetration testing. Developing security automation processes for identity and access … management (IAM), network security, and patch management. Collaborating with stakeholders to ensure security best practices are integrated into new and existing solutions. Managing third parties delivering security, cloud, or infrastructure services. Keeping up to date with emerging threats and security trends, advising the organization on proactive measures. The Successful Applicant A successful Security Engineer should have: Strong experience with … Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively and reactively. What's on Offer A More ❯

date and compliant with industry best practice, policies, and guidelines. Contributing to deployment of Cybersecurity related projects and tasks for clients and internal infrastructure End to end threat and vulnerability management. Rolling out, managing, and configuring a range of network security tools and appliances. Key Skills: Microsoft 365 and Google Workspace Security admin Cloud, Endpoint Security, Virtualisation Networking (Routers More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions More ❯

experienced professional to work with their offices around the world to support cyber security initiatives. The successful candidate will possess strong analytical skills, an understanding of security administration, risk management and identity access management solutions. The main focus of the role will include: Performance of system security administration on designated technology platforms in accordance with the defined policies … standards and procedures, as well as with industry best practices and vendor guidelines Completion of threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Collating security incident and event data to produce monthly exception and management reports Reporting … succeed in this role, the individual will need: Exceptional communication skills (both written and verbal) At least 18 months experience of working with cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management Experience in developing, documenting and maintaining security procedures Knowledge of network infrastructure, including routers, switches More ❯

at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why Join? Be at More ❯

and logs to detect unusual activities or threats. Incident Response: Assist in the investigation and response to security incidents, such as malware infections, unauthorized access attempts, and data breaches. Vulnerability Management: Assist in conducting vulnerability assessments and penetration testing to identify potential system and network weaknesses. Work with senior team members to apply patches and updates to … meets required security and service levels, aligning with corporate objectives. Communicate IT systems and controls to other departments as appropriate. Collaborate closely with global teams where relevant, particularly regarding management of systems hosted at external sites or data centers. Maintain relevant IT support processes and procedures. Produce regular IT support management reports. Handle pressure and work effectively in More ❯

to lead the end-to-end delivery of critical security projects for a global leader in financial market infrastructure. This role focuses on driving Security Maturity and Identity & Access Management (IAM) initiatives, ensuring alignment with regulatory requirements and business objectives in a highly regulated environment. You will oversee complex, multi-workstream projects, managing budgets, stakeholders, and vendor relationships while … and interface with PMO, Finance, and Portfolio teams. Required Experience: 5+ years in delivering complex InfoSec projects (financial/trading sector preferred). Proven expertise in IAM, cloud security, vulnerability management, and third-party risk. Certifications: PRINCE2, MSP, PMP, or APM (CISM/CRISC/ITIL desirable). Strong stakeholder management and experience in matrixed environments. Proficiency More ❯

Vulnerability Engineer London – 2 days a week on site £90,000 An impressive global media company is looking to hire a Vulnerability Engineer to take ownership of vulnerability remediation across a cloud and on-prem environment. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Vulnerability Engineer will drive and automate the vulnerability management programme across this business. This is a great opportunity for a passionate Vulnerability Engineer to build out a remediation programme and collaborate with a variety of stakeholders at all levels of this international super brand Vulnerability Engineer Duties and Responsibilities The successful Vulnerability Engineer will: Develop … implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Create and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as NIST or ISO 27001. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed; this business More ❯

tailored security solutions to our clients, drawing on your extensive experience in the MSP/MSSP landscape. Key Responsibilities: Overseeing and leading remediation of security assessments, technical testing, and vulnerability analysis (Cyber Essentials, Cyber Essentials Plus, NIST CSF). Delivering and supporting security projects from inception to completion. Providing expert guidance and support to clients throughout the security lifecycle. … Demonstrating strong leadership in both team management and project delivery. Leveraging technical expertise in security technologies (Microsoft XDR stack, vulnerability management tools, SIEMs including Sentinel). Contributing to incident response and driving operational improvements. Your Profile: Proven track record as a Cyber Security Consultant or vCISO within an MSP/MSSP environment. Strong client-facing skills, including More ❯

will be responsible for technically leading and developing a team of Cyber Security experts. Building, maturing and providing Security services to multiple customers in multiple sectors. This is a management position but this person must also be able to lead from the front from a technical perspective. We need a “people manager” as well as someone who can drive … for 2024 and the whole business is excited about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities Own the evolution … Security+, CISM, CEH, Microsoft Security (SC-200, AZ-500, MS-500). Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft stack, vulnerability management tools, SIEMs including Sentinel. Previous experience of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST More ❯

SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procerdures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements , including due diligence, contract oversight … Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register , prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management , endpoint security (EDR/XDR) , and cloud compliance . Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: 5+ years More ❯

SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements, including due diligence, contract oversight … Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management, endpoint security (EDR/XDR), and cloud compliance. Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: Experience: 5+ years More ❯

/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints …/IP telephony). Technical Skills: Hands-on experience with OSPF, BGP, STP, NAC, and IPT (Cisco). Proficiency in network monitoring tools, NDR, and SIEM systems. Knowledge of vulnerability assessment tools and patch management. Soft Skills: Ability to work under pressure and handle emergencies. Strong communication and collaboration skills. Working Conditions: Flexibility for after-hours/weekend support More ❯

contact for all matters relating to Cybersecurity and requires a broad understanding of security controls and their effective implementation within corporate environments. The role will also require good relationship management skills across the assigned region/sub-region to enable business adoption. As a Director within the Regional Security Office (RSO) service you will be accountable for service delivery … The role with need to have effective relationships with senior leadership to support the delivery of the regional/sub-regional business goals and operate an effective security risk management regime against an agreed security risk mitigation strategy. As the trusted security lead, the role will present to local leaders, regulators and clients as needed. Prior experience of regulatory … management is required. This is a highly visible role within Aon to be able to embed effective security controls at scale within the firm. We are looking for you to bring new ideas and a commitment toward continual learning. You will stay actively engaged with business leaders, IT executives and external clients. The role requires gravitas and an ability More ❯

integration, automation, and a mobile-first strategy across a global footprint. Key Responsibilities Platform Ownership & Strategy Act as the primary owner for the Azure cloud environment, including governance, cost management, architecture, and operations. Develop and maintain a scalable, secure, and resilient cloud platform aligned with the firm’s digital transformation goals. Drive and implement the roadmap for infrastructure upgrades … regardless of time of day is an essential. Lead by example, setting clear expectations and holding individuals and teams accountable for high performance and ethical conduct. Provide direct line management of individuals where appropriate, ensuring clear direction, regular development conversations, and alignment with team and business goals. Operational Management Take full ownership of day-to-day BAU operations … ensuring the cloud platform’s performance, reliability, security, and compliance. This includes patch management across all infrastructure services, as well as ensuring regular reporting is carried out for patch compliance and vulnerability management. Beyond operational stability, the role demands a continuous improvement mindset - proactively evaluating the platform and driving enhancements to optimise efficiency, resilience, and user experience. Manage More ❯