22 of 22 Vulnerability Management Jobs in the Midlands

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces … behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management/SOCAnalyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related … to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management/SOC Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of SOC/Vulnerability Management Analyst role More ❯

working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … Assist in managing third party risk processes by evaluating external partners' security postures and ensuring compliance with internal requirements. Work closely with Security Operations and IT teams to oversee vulnerability assessments and coordinate remediation efforts effectively. Conduct thorough reviews of security architecture for new systems and services to ensure robust protection measures are in place from the outset. Evaluate … necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate progress against More ❯

Life on the team The Vulnerability Governance Analyst role will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security … incident procedures Build, manage and update Vulnerability Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident … management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical and non-technical teams to coordinate changes and More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

diagnose, and resolve hardware, software, and system-related issues. Act as a key liaison with third parties and government systems to escalate and resolve operational IT issues. Oversee endpoint management, including policy enforcement, configuration, application deployment, and Windows OOBE imaging. Administer virtual endpoints and assets within a cloud-hosted infrastructure. Perform patching and vulnerability management across operating … Manage licensing, user accounts, and group permissions within Microsoft 365. Proactively monitor system health, conduct Level 1-3 incident analysis, and escalate identified cyber security risks. Participate in incident management activities, including major incident response calls, adhering to ITIL support practices. Maintain and enhance network infrastructure, ensuring optimal performance and security. Identify and implement automation opportunities to improve IT More ❯

a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal teams, this could be your next … remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams to ensure SLAs are met and quality standards maintained Overseeing vulnerability scanning and prioritisation , and guiding clients on remediation Supporting and managing IDS/IPS configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For … 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management , and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional teams in fast-paced environments Relevant certifications (e.g. CISSP, GCIH, CICM) UK SC clearance More ❯

internal systems Maintain and enhance the progressive Cyber Security roadmap/Strategy Maintenance of a Cyber Security Incident Response Plan Maintain the robust approach to security and event information management Review/modify and update ICT policies and processes Co-ordination of security audits and management of outcomes Attend routine board meetings to overview current and future information … and vulnerabilities. Ensuring the system remains fit for purpose for future threats and estate changes Co-ordination of penetration testing The continued review and recommendation of security assessment tools Management of security with regards to new systems acquisition Analyse and report on potential threats or patterns Respond to security related enquiries Ideal Technical Knowledge: CISSP qualification Networking (prefer Cisco … Active Directory Virtualisation Platforms (prefer VMWARE) AV/EDR/XDR SIEM (preference AlienVault) Email Security (Prefer Mimecast) Vulnerability Management (prefer Nessus) Please apply to hear more More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: Very strong experience in providing technical support and advice for a Security Operations Centre Demonstrate More ❯

are operating effectively. Provide technical advice to product owners on future visions, strategies and roadmaps aligned with IAG Lead a team of cyber engineers, providing both technical and line management support Forecast and manage cyber resourcing across multiple products, ensuring cost alignment and consistency in approach Ensuring timely and effective resolution of Engineering incidents on BA Cyber products Maintain … detailed documentation of BA security policies, procedures, and incidents What you'll bring to British Airways: High proficiency in Security Tools and Technologies, such as; SIEM, Vulnerability Management, EDR and Identity Experience in leading and mentoring a team of security professionals and an ability to foster a collaborative and learning-oriented environment Proven track record of implementing and More ❯

long-term career growth. What you'll do: As an IT Compliance Analyst, you will be at the heart of the organisation's efforts to maintain robust governance, risk management, and compliance standards. Your day-to-day activities will involve managing client audit inboxes, responding promptly to information requests, completing detailed questionnaires, and ensuring all documentation is up-to … participating in training programmes, you will help embed a culture of security awareness throughout the business. This role offers you the chance to expand your knowledge in governance, risk management, data protection, and information security within a dynamic international environment. Take ownership of completing and coordinating client security questionnaires and due diligence requests by gathering accurate information from relevant … demanding clients. Your familiarity with leading frameworks such as ISO 27001 and Cyber Essentials Plus will enable you to navigate complex requirements efficiently. Your keen interest in governance, risk management, data protection laws, and information security means that you are always looking for ways to enhance existing processes. A methodical approach ensures that documentation is meticulously maintained while your More ❯

evolve and secure our Operational Technology (OT) estate. We’re looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands … on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of controls. Deliver awareness training and cyber security guidance across OT engineering teams. Champion collaboration across cyber, IT, and engineering teams—bridging gaps between tech, process, and people. What we’re looking for The ability to More ❯

evolve and secure our Operational Technology (OT) estate. We’re looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands … on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of controls. Deliver awareness training and cyber security guidance across OT engineering teams. Champion collaboration across cyber, IT, and engineering teams—bridging gaps between tech, process, and people. What we’re looking for The ability to More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

builder to streamline and strengthen how security gets done. Respond to incidents with confidence, contribute to security audits, and answer client queries like a pro. Harden our systems: lead vulnerability management, champion new security policies, and help us stay two steps ahead of threats. Always be learning-dive into the latest security tools and trends, and shape our More ❯

to escalate and resolve operational issues Manage and maintain company endpoints, configurations, and application deployments Oversee cloud-hosted virtual endpoints and assets Perform OS, firmware, and application patching and vulnerability management Support onboarding/offboarding processes, including access setup and asset allocation. Administer licenses, accounts, and user groups in Microsoft 365. Monitor and maintain health of live systems More ❯

skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk reviews, vendor assessments, and internal audits Participating in security exercises … What You'll Need to be Considered 3-5+ years of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email Address Phone More ❯

maintain the Cyber Security roadmap for the company and their clients. Investigate priority threats and potential Cyber incidents. Coordination of security audits. Review and recommendation of security assessment tools Management of security with regards to new systems acquisition. Deliver in person Cyber Security training programmes. Requirements: Networking experience Cyber Security Active Directory and Virtualisation experience. SIEM experience Email Security … Vulnerability Management The Package: If successful our client is offering a salary between £40,000 - £42,000 per annum, favourable holiday allowance. How to Apply : If you are interested in hearing more about this vacancy or interested in applying for the role please email me at or contact Principal IT Directly on LinkedIn. INDGH More ❯

operation of the infrastructure estate, including but not limited to: Server OS Patch Management. Virtualisation (VMWare) Group Policy. M365 (including exchange online). Active Directory/Entra ID Server Vulnerability Management. More ❯

development, you will follow best practices to ensure that both new and existing code is secure and maintainable, following best practices for secure design, secure coding, security testing, and vulnerability management. Key skills a successful applicant must demonstrate A deep understanding and knowledge of WordPress from theme and plugin development Core skill set of PHP, HTML 5, CSS … and JavaScript with a demonstrable track record of systems delivery in this stack. Comfortable using version control (git) collaboratively, following branch strategies and pull-request based change management workflows. Understanding of the importance of Information Security and best practices for developing secure applications and websites. Familiarity with Scrum, Agile and Waterfall development methodologies. Sub-set of skills and appreciation More ❯