1 to 25 of 73 Vulnerability Management Jobs in Scotland

Join to apply for the Threat and Vulnerability Analyst role at University of Glasgow 1 day ago Be among the first 25 applicants Join to apply for the Threat and Vulnerability Analyst role at University of Glasgow Job details Posted 23 May 2025 Salary Grade … per annum End date 27 June 2025 LocationGlasgow Job Type Management Professional & Administrative Reference171552 Expiry 27 June 2025 at 23:45 Job Description Job Purpose The Threat and Vulnerability Analyst is responsible for supporting and delivering the operation of the vulnerability management function. The role will … utilise vulnerability management tools and techniques to co-ordinate, categorise and prepare vulnerability remediation plans and present metrics/KPIs to senior stakeholders. The role will also analyse threat data from multiple sources to enrich vulnerability information and highlight emerging threat patterns. This role will support More ❯

Job Purpose The Threat and Vulnerability Specialist is responsible for supporting and delivering the operation of the vulnerability management function. The incumbent will utilise vulnerability management tools and techniques to co-ordinate, categorise and prepare vulnerability remediation plans and present metrics/KPIs to … senior stakeholders. The role will also analyse threat data from multiple sources to enrich vulnerability information and highlight emerging threat patterns. It will also support the development of technologies, policies and procedures to build a high performing vulnerability management function. Main Duties and Responsibilities 1. Monitor threats … intelligence feeds from multiple sources identifying emerging trends or patterns and proactively exercising considerable initiative and judgment to recommend mitigations. 2. Manage vulnerability scanning (scheduling, configuration) and ensuring all assets are compliant with Vulnerability Policy. 3. Develop and continually improve Vulnerability Policy and strategy and innovate new More ❯

exceptional place to grow your career! We are seeking a highly motivated, seasoned security professional to join Information Security as a Senior Attack Surface Management/Vulnerability Management Information Security Analyst. You will be responsible for managing the scanning architecture, as well as the program to identify … mitigate security vulnerabilities in our digital assets to enhance cybersecurity and protect sensitive data. This role supports business strategy in a dynamic environment. Responsibilities: Vulnerability Assessment: Conduct regular vulnerability assessments to identify security weaknesses in our systems, applications, and network infrastructure. Risk Analysis: Analyze and prioritize vulnerabilities based … to investigate and respond to security incidents, ensuring swift resolution and minimizing damage. Security Tools: Manage and maintain security tools and technologies used for vulnerability management, including scanning tools. Security Policies: Develop and enforce security policies, standards, and best practices to ensure compliance with industry regulations and internal More ❯

Delivery & Operations function. Our Service Delivery & Operations function operates in accordance with ITIL best practice and Group Global standards for Service Desk operation, Request Management, Change Management, Incident Management, Configuration Management, Problem management, Disaster Recovery, Site Management and Reporting. What will you be doing … the relationships between CIs and the services they support. Continuous improvement will also be required to document the existing process and identify improvements. Asset Management – Maintaining an accurate inventory of all IT Assets. Establish process documentation with defines the audit process to verify data accuracy. Working with disparate teams … to ensure compliance with existing IT Controls & Policies. Configuration Management –Defining the process for regularly auditing and maintaining the CMDB in its entirety. Support IT Service Management by providing accurate configuration data, which will supplement improvement actions. Lifecycle Management – Monitoring the lifecycle of IT Assets from acquisition More ❯

Disaster Recovery (DR), and Business Continuity (BC) planning activity, ensuring that alternate facilities are provisioned and ready in the event of a disaster. Threat Management – assist with threat assessment and work with business units in articulating impact and mitigations to reduce attack surface. Plan, schedule, conduct and report on … preventive actions identified are tracked to a satisfactory conclusion. Document and report enterprise risk and compliance issues according to required timelines. Assist with the management, planning & preparation of third-party external penetration testing. Assist in preparation and review of corrective action plans associated with penetration test/vulnerability management findings. Perform internal penetration testing to assess the security of web applications and infrastructure. Provide support and guidance to staff undertaking security awareness training. Track staff completion of training modules and manage license levels. Effectively respond to security incidents. Essential knowledge, skills and experience Demonstrable experience across More ❯

is ideal for someone who thrives on ensuring critical infrastructure stays secure, resilient, and ahead of the curve. You’ll lead key initiatives across vulnerability management, disaster recovery, SOC performance, and more, all while contributing to the broader cyber resilience goals of the business. Role responsibilities: Leading on … all things infrastructure security and resilience across cloud and on-prem environments. Managing a team of Security Analysts Owning and evolving the vulnerability management programme (Tenable experience a plus). Ensuring a robust obsolescence management roadmap aligned to IT budgets and strategy. Acting as a key escalation …/3rd-party alignment. What you need: Solid experience in Cyber Security and Infrastructure (especially working with SOC providers). Hands-on knowledge of vulnerability management tools (e.g. Tenable). Experience managing lifecycle and end-of-life processes across hardware/software/cloud. Proven track record leading More ❯

is ideal for someone who thrives on ensuring critical infrastructure stays secure, resilient, and ahead of the curve. You’ll lead key initiatives across vulnerability management, disaster recovery, SOC performance, and more, all while contributing to the broader cyber resilience goals of the business. Role responsibilities: Leading on … all things infrastructure security and resilience across cloud and on-prem environments. Managing a team of Security Analysts Owning and evolving the vulnerability management programme (Tenable experience a plus). Ensuring a robust obsolescence management roadmap aligned to IT budgets and strategy. Acting as a key escalation …/3rd-party alignment. What you need: Solid experience in Cyber Security and Infrastructure (especially working with SOC providers). Hands-on knowledge of vulnerability management tools (e.g. Tenable). Experience managing lifecycle and end-of-life processes across hardware/software/cloud. Proven track record leading More ❯

Global Application Cybersecurity team, ensuring standards and best practices are fully integrated into the Software Development Lifecycle. Within this role, you’ll lead on vulnerability management, promoting the adoption and execution of the global vulnerability management processes and controls. This includes: Inventorying of logical components and … dependencies of business solutions Proactively discovering vulnerabilities Coordinating the execution of scanning, pen testing, or in general the activities and services of vulnerability identification Vulnerability assessment Remediation and mitigation of vulnerabilities Solution verification Reporting Contributing to the evolution of the process for vulnerability management. Lead security assessments … of cybersecurity threats and associated attack techniques. Design knowledge: modelling of components, data, interfaces, etc. Threat analysis and modelling Knowledge of web application security Vulnerability discovery techniques and vulnerability lifecycle scanning and management. Knowledge of application security architecture: segmentation, API Gateway, Encryption, Privileged Account Management, WAF, publishing More ❯

with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security … security services and deploy new tools in support of the security roadmap. Must be capable of interacting effectively with various internal teams, peers, and management staff. Support the information security manager with creating information security metrics for the respective supported security products. This will be done monthly. Deploy new … processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams More ❯

with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security … security services and deploy new tools in support of the security roadmap. Must be capable of interacting effectively with various internal teams, peers, and management staff. Support the information security manager with creating information security metrics for the respective supported security products. This will be done monthly. Deploy new … processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams More ❯

with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security … security services and deploy new tools in support of the security roadmap. Must be capable of interacting effectively with various internal teams, peers, and management staff. Support the information security manager with creating information security metrics for the respective supported security products. This will be done monthly. Deploy new … processes, and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams More ❯

Job Purpose The Threat and Vulnerability Analyst supports and delivers the vulnerability management function. This role utilises tools and techniques to coordinate, categorise, and prepare remediation plans, presenting metrics and KPIs to senior stakeholders. It also involves analysing threat data to enrich vulnerability information and identify … emerging patterns. The role contributes to developing technologies, policies, and procedures to enhance the vulnerability management function. Main Duties and Responsibilities Monitor threat intelligence feeds for emerging trends and recommend mitigations. Manage vulnerability scanning, ensuring asset compliance. Develop and improve vulnerability policies and strategies. Operate technical … security infrastructure and ensure control effectiveness. Collaborate across teams to embed vulnerability technologies. Deliver threat reports and technical remediation plans as a subject matter expert. Coordinate with IT and stakeholders for vulnerability remediation based on risk assessments. Create metrics to visualise vulnerability and risk trends. Analyse complex More ❯

teams on security-related matters. Lead any Digital Forensics and investigation activities. Taking the lead role for Security Administration in M365 and Azure. Coordinating Vulnerability Management response across the IT Team to ensure remediations are put in place. The role may require occasional after-hours work to respond … or a related field. Hands-on skills with security tools and technologies such as firewalls, End Point Detection Response, SIEM (Security Information and Event Management) solutions, encryption and endpoint protection. Strong knowledge and capability in various domains of cybersecurity, such as network security, cloud security, application security, M365 security … threat intelligence, incident response, vulnerability management, change control, risk management and compliance. Proven track record in a plant environment (preferably offshore Oil and Gas) with excellent understanding of security requirements in both information technology and operational technology domains. Good project management and documentation skills. Ability to More ❯

teams on security-related matters. Lead any Digital Forensics and investigation activities. Taking the lead role for Security Administration in M365 and Azure. Coordinating Vulnerability Management response across the IT Team to ensure remediations are put in place. The role may require occasional after-hours work to respond … or a related field. Hands-on skills with security tools and technologies such as firewalls, End Point Detection Response, SIEM (Security Information and Event Management) solutions, encryption and endpoint protection. Strong knowledge and capability in various domains of cybersecurity, such as network security, cloud security, application security, M365 security … threat intelligence, incident response, vulnerability management, change control, risk management and compliance. Proven track record in a plant environment (preferably offshore Oil and Gas) with excellent understanding of security requirements in both information technology and operational technology domains. Good project management and documentation skills. Ability to More ❯

Security Analyst or Engineer A small Edinburgh Financial Services organisation is seeking an experienced Information Security Analyst or Engineer with a strong background in vulnerability management to join their team on an initial 6-month contract. The contract involves assessing vulnerability reports and collaborating with cross-functional … teams to ensure timely mitigation. Key knowledge and experience should include: Recent experience as a Security Analyst, Security Engineer, or Vulnerability Analyst with complex information security projects . In-depth knowledge of Information Security standards, technologies, and methodologies (e.g., ISO27001 ). Strong understanding of security best practices , risk management , and compliance . Focus on Vulnerability Management using SAST/DAST tools , especially Tenable . Familiarity with Azure DevOps for tracking work items. Ability to work independently and within agile teams. Excellent communication and stakeholder management skills. Formal certifications such as CISA, CISM , or ISO27001 Lead More ❯

cyber security projects, ensuring alignment with business and regulatory requirements. Coordinate cross-functional teams across infrastructure, cloud, and security domains. Oversee project planning, risk management, reporting, and stakeholder engagement. Ensure effective implementation of security controls and best practices across networks, cloud platforms, and infrastructure. Support vulnerability management and firewall/security configuration initiatives. Required Experience & Skills: Proven experience managing large-scale Cyber Security projects. Strong understanding of Networks, Vulnerability Management, Cloud Security, and Firewalls . Experience working in regulated environments, ideally financial services. Excellent communication and stakeholder management skills. Ability to work in More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data … support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data … support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data … support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global More ❯

will drive adoption of modern technology meeting HMRCs business driven need towards rationalised strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and/or services. Person specification Ideal candidate … security controls and services. Focused expertise to develop and lead within one or many security technology domains aligning capability to security tooling. Key stakeholder management experience across senior business and technical environments including vendors, partners and other government departments. Able to demonstrate a proven history of delivering high value … Innovation and Adoption: Research, validate, and adopt new technologies and methodologies, contributing to the organization's broader security technology strategy. Governance, Mentorship, and Stakeholder Management: Represent the organization at governance boards, provide peer reviews and mentoring, and build strong relationships with stakeholders across the civil service, departments, suppliers, vendors More ❯

sense of purpose behind it. You'd be joining a close knit but globally connected InfoSec function, with a specific focus on Attack Surface Management and Vulnerability Management . It's a hands on, technical role where you'll be responsible for leading the charge on identifying … covering everything from Mac and Linux, to Windows, Cloud, OT and Lab infrastructure. You'll be the go to person for running and improving vulnerability scanning architecture, working with tools like Qualys , CrowdStrike , and Splunk , and you'll collaborate across engineering and security teams to make real impact. You … to work with senior stakeholders and execs on making security decisions that matter. Ideally, you'll have: Strong experience across multiple InfoSec domains (vuln management, risk, incident response, etc.) A good understanding of modern security tooling; ideally hands on with Splunk, Qualys, CrowdStrike Knowledge of frameworks like NIST, ISO More ❯

sense of purpose behind it. You’d be joining a close knit but globally connected InfoSec function, with a specific focus on Attack Surface Management and Vulnerability Management . It’s a hands on, technical role where you’ll be responsible for leading the charge on identifying … covering everything from Mac and Linux, to Windows, Cloud, OT and Lab infrastructure. You’ll be the go to person for running and improving vulnerability scanning architecture, working with tools like Qualys , CrowdStrike , and Splunk , and you’ll collaborate across engineering and security teams to make real impact. You … to work with senior stakeholders and execs on making security decisions that matter. Ideally, you’ll have: Strong experience across multiple InfoSec domains (vuln management, risk, incident response, etc.) A good understanding of modern security tooling; ideally hands on with Splunk, Qualys, CrowdStrike Knowledge of frameworks like NIST, ISO More ❯

will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. … Job responsibilities Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations in Cloud environments Develop and maintain robust relationships, becoming a trusted partner with business technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared … goals Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills Experience or More ❯

Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and … s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why … on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber Security More ❯

to ensure secure architecture and cloud security measures . Provide security awareness training for employees and promote a strong security culture. Oversee vendor risk management , ensuring third-party services meet security requirements. Stay up to date with the latest security trends, emerging threats, and industry best practices. Required Skills … Experience: Proven experience in IT security, with at least 5+ years in a security leadership or management role. Strong understanding of network security principles, protocols, and technologies (firewalls, VPNs, IDS/IPS, NAC, etc.). Hands-on experience with security frameworks such as ISO 27001, NIST, CIS Controls. Proficiency … in SIEM tools, vulnerability management, and penetration testing techniques . Familiarity with cloud security models (AWS, Azure, GCP) and securing hybrid environments. Experience in security operations, threat intelligence, and forensic analysis . Knowledge of regulatory compliance requirements (GDPR, HIPAA, PCI-DSS, etc.). Strong analytical and problem-solving More ❯