20 of 20 Vulnerability Management Jobs in the Thames Valley

s ready to move into a Head of role, take ownership, and shape strategy while staying close to the tech. What you'll be doing: Owning implementation, consolidation, and vulnerability management across the group Leading a team (3 direct reports by year-end) - mentoring, developing, and embedding best practice Overseeing infrastructure, EUC, platform, cloud, and building security Partnering … with stakeholders across multiple business units to understand systems and improve visibility Driving improvements in security tooling, processes, and response Vulnerability management tools (e.g. Rapid7, Microsoft Defender suite) Core enterprise security toolsets Networking, cloud infrastructure, and EUC environments You'll have: Experience as a team lead or manager (formal or informal) with direct reports or leadership responsibility Strong … grounding in infrastructure and security - ideally having moved from networking/cloud into security Hands-on experience with vulnerability management tools and security platforms Why join? Progression: Step into a Head of role with mentoring from an experienced Group Infrastructure Director Influence: Work at a group level across multiple industries More ❯

leading Quarterly Security Reviews and presenting clear business-focused risk assessments. Own security governance processes, ensuring compliance with frameworks such as Cyber Essentials, ISO27001, and NIST . Oversee patching, vulnerability management, and internal infrastructure security. Collaborate across service delivery, project, and account management teams to embed security consistently. Mentor and develop Security Analysts, ensuring certifications and knowledge … for C-level stakeholders. The ideal candidate will have: 5+ years in IT security or MSP environments . Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience in vulnerability management, patch governance, and cloud security (M365/Azure). Excellent communication skills with the ability to influence both technical teams and business leaders. (Desirable) Certifications such as More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert, advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme, with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

knowledge in: • Security standards and frameworks (MoD and HMG experiences helpful) • Cloud-based cyber security principles and architecture points • Boundary controls, network segmentation and access control • Identity and Access Management (including RBAC and A/PBAC, permissions management), ZTA • Cryptographic techniques and implementations • IT asset management and tracking • Vulnerability Management and Patching • SIEM principles, products More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

and IT teams, youll champion Continual Service Improvement (CSI), managing the incident and request process, and ensuring performance remains consistently high. Youll also play a key role in asset management, desktop incident prevention, and maintaining robust replacement cycles for hardware. As part of your responsibilities, youll coordinate our response to cyber incidents, oversee remediation and documentation, and deputise for … the Service Delivery Manager on change management and escalation processes. Youll also ensure that emerging risks identified through the service team are communicated effectively to our Security and Governance team. Youll bring operational, hands-on experience of managing and improving IT service portfolios, alongside strong technical knowledge of Windows Active Directory and Group Policy, Endpoint and Email Protection, Vulnerability Management, and Device Management using MS Intune and PatchMyPC. Youll also have a proven track record in developing and managing SLAs, KPIs, and SAPs. Our ideal candidate will Have experience in a customer facing IT Service role. Hold a recognised IT or IT Service certification such as ITIL, SDI, or equivalent. Have management experience of leading More ❯

procedures, templates, and standards Assist in the development and localisation of standard test scripts, ensuring they are tailored to specific control environments and aligned with the organisations Enterprise Risk Management Framework Conduct control testing activities to evaluate the design and operational effectiveness of cybersecurity controls, documenting results clearly and raising issues where appropriate. Ensure timely delivery of assigned control … this role, the essential criteria youll need is Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness Strong understanding of information security principles, cyber risk management, and control frameworks Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls Clear and professional verbal and written communication, including the ability to explain cybersecurity … with minimal supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy Strong understanding of Cybersecurity Domains including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography Additional skills and experiences would be great to have More ❯

templates, and standards. Assist in the development and localisation of standard test scripts, ensuring they are tailored to specific control environments and aligned with the organisation’s Enterprise Risk Management Framework. Conduct control testing activities to evaluate the design and operational effectiveness of cybersecurity controls, documenting results clearly and raising issues where appropriate. Ensure timely delivery of assigned control … role, the essential criteria you’ll need is Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness Strong understanding of information security principles, cyber risk management, and control frameworks Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls Clear and professional verbal and written communication, including the ability to explain cybersecurity … with minimal supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy Strong understanding of Cybersecurity Domains including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography Additional skills and experiences would be great to have More ❯

play a pivotal role in managing and optimising our technology environments across the development lifecycle. In this role, you will be responsible for overseeing the strategy, governance, and operational management of all our environments. You will work closely with Engineering Managers, Delivery Leads, Product Teams, and our partners to ensure environments are fit for purpose, secure, scalable, and aligned … across domains to support a clear route to live, working with our partners to deliver a consistent model across technology. Process Improvement: Continuously identify and implement improvements to environment management processes, tools, and documentation. Making our complex environment landscape simple to manage, control, and optimise. Environment Cost Optimisation: Monitor, forecast, and manage environment related costs across all stages of … delivery lifecycle. Align environment provisioning and scheduling with demand to ensure efficient resource utilisation, reduce waste, and support cost effective scaling across ERP, digital, and cloud native platforms. Security, vulnerability management, and compliance: Responsible for ensuring robust security practices across all environments, including proactive identification and remediation of vulnerabilities. Maintaining compliance to industry and audit requirements. Incident Management More ❯

background in delivery Security Assurance support, with the following skills and experience: Experience of producing Secure-By-Design assessments (Risk Assessment Papers, Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat More ❯

background in delivery Security Assurance support, with the following skills and experience: Experience of producing Secure-By-Design assessments (Risk Assessment Papers, Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat More ❯

for deployment. Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management … SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript, API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps More ❯

team members Ensure accurate documentation and incident records Participate in team meetings and contribute to service improvements Use monitoring tools to track and resolve incidents Support compliance, patching, and vulnerability management Liaise with 3rd Line teams to drive service enhancements Deliver small project work to customer timelines What youll need Were looking for a team player with a More ❯

Forescout FSCA) plus real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or, £232.91 per More ❯

Hands-on experience with security tools (OWASP Zap, Trivy, Dependabot) in CI/CD Cloud security expertise in AWS and Azure Strong Scripting skills (Node.js, Python, Bash) Knowledge of vulnerability management and secure DevOps practices Nice to Have: IaC security knowledge Experience with defect tracking and automated testing frameworks Preferred Background: Bachelor's in Computer Science or related More ❯

Forescout FSCA) plus real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or, £232.91 per More ❯

Forescout FSCA) plus real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or, £232.91 per More ❯

building out something exciting, with a fantastic long term career path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO … NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans, implement corrective actions, and report on key risk indicators and control effectiveness. Drive continuous improvement of cybersecurity policies and practices, while fostering strong relationships to embed a risk … and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication and stakeholder management, including experience presenting risk insights to senior leadership and working across technical and business teams. Proven experience in cybersecurity disciplines, ideally 5-7 years in roles covering risk management More ❯

building out something exciting, with a fantastic long term career path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO … NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans, implement corrective actions, and report on key risk indicators and control effectiveness. Drive continuous improvement of cybersecurity policies and practices, while fostering strong relationships to embed a risk … and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication and stakeholder management, including experience presenting risk insights to senior leadership and working across technical and business teams. Proven experience in cybersecurity disciplines, ideally 5-7 years in roles covering risk management More ❯

posture across diverse business models-including third-party and franchisee environments. Responsibilities: Lead incident response across multiple regions and business units. Drive security gap analysis and remediation strategies. Manage vulnerability detection and resolution using tools like Tenable, Nessus, and Microsoft Defender. Collaborate with internal teams, external vendors, and franchisees. Develop and refine security documentation and executive reporting. Contribute to … the evolution of a standardized incident response framework. Requirements: Hands-on experience in incident response and vulnerability management. Strong technical skills in Azure 365, Microsoft Defender, Sentinel, Tenable, and Nessus. Ability to translate complex technical issues into clear, actionable insights. Excellent stakeholder engagement and communication skills. Experience in Microsoft-centric environments and distributed/franchisee models is a plus. More ❯