1 to 25 of 59 Vulnerability Management Jobs in London

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy , vulnerability management , and security operations (SecOps) , acting as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence . … s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and … Provide regular updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication More ❯

Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy , vulnerability management , and security operations (SecOps) , acting as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence . … s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and … Provide regular updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

security initiatives, influence secure design standards, and mentor colleagues in best practices. Key Responsibilities Lead application and cloud security initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls … hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity with security frameworks and principles such as Zero Trust and risk-based More ❯

security initiatives, influence secure design standards, and mentor colleagues in best practices. Key Responsibilities Lead application and cloud security initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls … hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity with security frameworks and principles such as Zero Trust and risk-based More ❯

to a sustainable, net zero world. We’re looking for a Head of I&T Service Operations. Based at our Paddington site, you’ll be responsible for the definition, management, implementation and delivery of I&T Operations and Service Management across the URENCO Group incorporating: • Delivering iterative Service Strategy and Innovation focussed on how a best in class … IT Operations function works in modern enterprises • Lead on IT Service Continuity planning and testing with multiple outsourced service providers • Manage relationships with partners and service providers including contract management and continual service improvement • Leadership grounded in ITIL/ISO global standards for all I&T operational services • Stakeholder management specifically in reference to Service Outages, Testing Services … and Project Transition to Service • Service Protection in direct delivery of appropriate vulnerability management, risk management and patching services • Lead the management and operation of cloud and SaaS based subscription services • Financial planning for all Operational Services including renewals and upgrades of infrastructure and applications as required • Accountability for Monthly Global Service Reviews for all suppliers More ❯

are effectively deployed, maintained and optimised, while driving efficiencies and ensuring secure, compliant infrastructure. This role requires a background and strong expertise in enterprise toolsets, automation technologies and patch management processes. Engagement via Umbrella Company Only; all taxes & NI deducted at source. General responsibilities Lead operations of enterprise tooling platforms including SCCM, Scorch, BMC, Ansible and MuleSoft. Define and … consistent monitoring, reporting and compliance dashboards are in up to date and in-place for patching and tooling. Work with security and governance teams to align patching schedules with vulnerability management requirements. Provide operational reporting for Stakeholders, including compliance metrics. Manage vendor relationships and licensing agreements for tooling and middleware platforms. Required Skills & Experience Proven experience managing enterprise … operations tooling, middleware and patch management. Strong expertise with SCCM, Scorch, BMC, Ansible and MuleSoft platforms. Demonstrated experience in patch management, vulnerability remediation and compliance reporting. Hands-on knowledge of automation frameworks and orchestration platforms. ITIL Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built More ❯

Cyber Security Engineer CyberSec Engineer/IT Security Specialist – Disaster Recovery, Resilience Testing, CyberSec Improvements, Vulnerability Scanning/Management, Infrastructure, Nutanix, Commvault, VMware, Azure, PowerShell, Python; Law Firm, Permanent, London/Hybrid (3/2). £80k - £95k (On Experience) +Bonus +Benefits Global Low Firm seeks experienced Cyber Security Engineer/IT Security Specialist to join the IT … infrastructure tooling and at least one scripting language (PowerShell or Python preferred). Experience with Nutanix, VMware, Commvault, and hybrid cloud platforms Azure (preferred), AWS or GCP. Understanding of vulnerability management, monitoring, and orchestration tools. Relevant certifications such as Microsoft SC-200, Certified Ethical Hacker (CEH), CBCP/CBCI or equivalent. We are open to receiving applications from More ❯

not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and budgets. Coordinate delivery across regional teams, ensuring consistency and practicality. Manage third … progress. Essential Skills & Experience Proven experience managing complex cyber security projects within multi-region or federated organisations. Strong technical understanding across key cyber domains within Microsoft environments. Excellent stakeholder management and communication skills. Familiarity with structured project management methodologies (e.g. PRINCE2, PMP, Agile). Relevant security certifications such as CISSP, CISM, CompTIA Security+, or AWS/Azure Security More ❯

Sr. Cloud Security Architect professionals to be part of leading-edge technology projects. Cognizant's Cloud, Infrastructure & Security Services Practice provides end-to-end solutions covering architecture, design, implementation, management, and on-going support across the entire enterprise technology infrastructure. Our services include a spectrum of management, consulting, and systems integration services to help our clients maximize value … Shield Advanced, AWS Secrets Manager, AWS Inspector, AWS Macie, AWS GuardDuty, AWS Detective, AWS CloudTrail, and AWS Security Hub. Ensure cloud environments meet organizational and compliance security standards, Firewall Management Manage, configure, and troubleshoot Checkpoint Firewall to maintain network perimeter security and prevent unauthorized access, Infrastructure as Code (IaC) Develop and maintain IaC using AWS CloudFormation or Terraform for … automated deployment, configuration management, and consistent infrastructure provisioning. Security Configuration and Optimization Configure and optimize security measures, including IAM policies, security groups, network access controls, and encryption protocols. Monitoring and Incident Response Monitor AWS security alerts and incidents using AWS tools. Respond to and mitigate threats in real-time, conducting post-incident analysis and documentation. Risk and Compliance Management More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They … Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to … such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary More ❯

the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't … responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and More ❯

Defender for Cloud. Guide project teams on remediation steps and ensure alignment with security best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for … Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations Proven ability to lead incident response and vulnerability remediation efforts Nice-to-Have Skills Familiarity with multi-cloud environments (AWS, GCP) Experience in coordinating ITHC assessments and managing audit findings Knowledge of cloud architecture patterns and security … frameworks Strong communication and stakeholder management skills We Care About Our Employees' Happiness By providing 25 days of Annual leave + an option to purchase more through our Flexible Benefits. Flex benefits system – exciting opportunity to choose your own benefits. Retail discounts. Pension - matching contribution up to 10%. Private Medical Scheme. Life Assurance. Opportunities to learn in Atos More ❯

GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯

GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯