collaborate closely with internal teams to safeguard critical business operations by design and default. You will be responsible for security automation, CI/CD pipeline enhancements, and cloud security management, ensuring compliance with industry standards. Key Responsibilities Security & DevOps Integration: Support and extend the secured CI/CD pipeline to enhance development security. Work with development teams to optimize … infrastructure security. Maintain and secure AWS cloud infrastructure for clients and internal operations. Automate AWS infrastructure builds following CIS hardening standards. Ensure top-tier security configuration, access management, and incident response on cloud platforms. Operational Support & Incident Response: Support business-critical Windows and Linux-based environments. Monitor and respond to security alerts across Infosec, servers, firewalls, and applications. … Conduct continuous monitoring of internal and third-party information security controls. Threat & Vulnerability Management: Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans. Implement remediation and mitigation strategies in collaboration with development teams. Maintain network security protocols, firewalls, and threat management platforms. Compliance & Risk Management: Ensure compliance with ISO
future of our Managed Detection and Response capability, you will bring experience and knowledge in: Providing Managed Detection and Response as a Managed Services Provider Delivering effective Cyber Incident Management and Response Communicating effectively with technical specialists, leaders and peers Leadership and people management skills Strategic Problem solver and Motivator Demonstrable experience of managing 3rd Party Managed Services … Providers The Director Managed Detection and Response is responsible for working with the VP Group Operational Security and Director Threat and Vulnerability Management for developing the strategy and vision for Managed Detection and Response, and the execution of the responsibilities within the Proactive Analysis and Cyber Incident Management and Response functions. The Security Tooling team is a … ensure the tooling is in line with the overall Security Strategy. KEY ACCOUNTABILITIES This role is accountable for the key security operations areas, including but not limited to, Incident Management, Incident Response, Proactive Security Monitoring, Threat Hunting, Security Incident Analytics, Incident Trend Analysts and Reporting. This individual will manage the relationships with key partners across Liberty Global, Retained Markets
security systems/solutions aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT Security in reviewing and evaluating new … the PMO to optimize existing security services and deploy new tools in support of the security roadmap. Must be capable of interacting effectively with various internal teams, peers, and management staff. Support the information security manager with creating information security metrics for the respective supported security products. This will be done monthly. Deploy new information security tools, services, processes … and procedures to support the information security roadmap. Support information security services including SIEM, MDR, endpoint technology, secure email gateway, cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems
Reading, England, United Kingdom Hybrid / WFH Options
Liberty Global
We’re looking for a Senior Cyber Threat Intelligence Analyst role to join us in Reading As part of the Global Security Threat & Vulnerability Management team, the Cyber Threat Intelligence team collects, processes, and analyses data to produce information an organisation can use to understand the threats that have, will, or are currently targeting our organisation. Threat Intelligence … who enjoys collaborative problem solving. Desirable: Experience of supporting security governance initiatives within a telecommunications organisation. Exposure to, and experience in, technical security disciplines (e.g. Security Architecture, Threat Intelligence, Vulnerability Management). Experience in researching new or emerging security requirements (e.g. new regulation or technology). CompTIA Security+. Achieved and willing to work towards - Certified Information Security Manager … Join Liberty Global and Shape Tomorrow’s Connections Today! Liberty Global is a dynamic team of veteran operators and investors committed to generating and delivering value through the strategic management of our three platforms: Liberty Telcom, Liberty Growth, and Liberty Services. We prioritize diversity, equity, and sustainability, using technology for good. If you're curious, resilient, and have a
enhance the Security Operations Center (SOC), with one analyst reporting to you Oversee incident response, manage security incidents from detection to resolution Work closely with the compliance manager on vulnerability management Architect secure solutions, validate baseline configurations, and recommend improvements to stay compliant Collaborate with key stakeholders including Compliance and Infrastructure teams Required Experience: Microsoft security suite experience … Sentinel or similar Experience managing network security and firewalls Exposure to PenTesting methodologies or practices (desirable) Experience with NAC solutions like Cisco ISE, ForeScout, or similar Strong grasp of vulnerability management processes Desired Certifications Microsoft Security certifications (preferred) CISM or CISSP (beneficial, not essential) Apply now or reach out for a confidential chat - ngoren@mcgregor-boyall.com
Windsor, England, United Kingdom Hybrid / WFH Options
Women in Tech UK
best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join
High Wycombe, Buckinghamshire, UK Hybrid / WFH Options
Logiq
clients across Private and Public Sector. Due to rapid growth in our Security Capability, we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft
Milton Keynes, Buckinghamshire, UK Hybrid / WFH Options
Logiq
clients across Private and Public Sector. Due to rapid growth in our Security Capability, we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft
Reading, England, United Kingdom Hybrid / WFH Options
Liberty Global
regular travel to the Offices in Mechelen, Belgium and become the single point of contact for all Incident Response activities working with the local Telenet security team providing Incident Management coordination. What will you be doing? Incident Response & Threat Handling Technical Lead for Incidents: Act as the go-to expert during complex cyber incidents, guiding containment, eradication, and recovery … stakeholders are well-informed. Process Improvement: Maintain and enhance SOC playbooks, runbooks, and standard operating procedures (SOPs) while contributing to SOC maturity assessments. Technical Reporting: Provide regular technical and management reporting to demonstrate the effectiveness and value of the team’s work. We tend to look for people with: Extensive experience in managing, investigating, and responding to cyber incidents … with hands-on experience in a dynamic SOC or Incident Response role. Technical Expertise: Strong understanding of intrusion detection, forensic investigations, vulnerability management, and advanced security technologies (SIEM, IDS/IPS, EDR, and firewalls). Analytical Skills: Proficiency in analysing log sources and data normalization using platforms such as Splunk, Elastic, or similar. Frameworks & Methodologies: Deep knowledge of
Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients' digital assets … are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability. Our leadership team will be looking at this role to report on a number of key incident KPI's and provide … assurance to our customers on the global operational security response process. About your role The successful candidate will be experienced in operational security incident management, including vulnerability management, understanding the value of rigorous planning, tested procedures and playbooks and quick response to critical security incidents. This is a critical role expected to develop and maintain our operational
Newport Pagnell, England, United Kingdom Hybrid / WFH Options
Mentmore
appropriate security controls and process enhancements. Documentation & Reporting Maintain thorough and clear documentation of incidents and actions taken. Summarize complex technical issues for non-technical stakeholders and senior management. Vulnerability Management Manage vulnerability detection and remediation using tools such as Tenable, Nessus, and Microsoft Defender. Monitor and address security weaknesses in a timely and structured manner. Stakeholder … incident response framework. Support broader efforts to enhance the group’s overall security maturity. Technical Leadership Apply technical knowledge of tools such as Microsoft Defender, Sentinel, Azure 365, and vulnerability management platforms. Ensure security operations align with organizational goals and industry best practices. Required Skills & Qualifications Significant hands-on experience with incident response and vulnerability management. Strong
Reading, England, United Kingdom Hybrid / WFH Options
THAMES WATER UTILITIES LIMITED
As a Senior Security Penetration Tester, you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies … Tester Help support and develop an internal penetration testing function. Conduct network, application penetration testing, code and security reviews. Identify and exploit vulnerabilities through proof-of-concept testing. Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. Responsible for supporting the creation of the operating model … for vulnerability management, that it is shared, agreed and operates effectively across the business. Develop and maintain penetration testing documentation, policies, and procedures. Integrate cybersecurity solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions.
SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements, including due diligence, contract oversight … in processes or documentation. Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management, endpoint security (EDR/XDR), and cloud compliance. Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access … management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: Experience: 5+ years in GRC roles; financial services or banking experience is a strong plus. Understanding of GDPR, DORA, PCI DSS, and outsourcing/third-party risk requirements. Hands-on experience
/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints …/IP telephony). Technical Skills: Hands-on experience with OSPF, BGP, STP, NAC, and IPT (Cisco). Proficiency in network monitoring tools, NDR, and SIEM systems. Knowledge of vulnerability assessment tools and patch management. Soft Skills: Ability to work under pressure and handle emergencies. Strong communication and collaboration skills. Working Conditions: Flexibility for after-hours/weekend support
these skills amongst the team whilst also acting as a technical escalation point. As such, the role requires a deep technical understanding of intrusion detection and analysis, incident response, vulnerability management, and infrastructure Driving forward the technical skill set of the team by developing threat hunting, adversary emulation, leading edge threat mitigation methodologies and security use cases. Understand … and understanding of co-ordinating cross-organisational responses to security incidents. In depth knowledge of technical security systems, security architecture, security technology, and associated penetration testing and Security Event Management methodologies. In-depth knowledge of Splunk queries, dashboarding, Use case creation and Enterprise Security. In depth knowledge of Cyber Security Methodologies including the Cyber Kill Chain, Mitre ATT … Netflow analysis. In depth understanding of IT systems and technologies (e.g. Linux and Windows operating systems, E-Mail, Proxies, Endpoint Protection). Working knowledge of SIEM architecture, XDR and Vulnerability Management, Incident Response tooling such as Hive. Sandboxing technologies such as Cuckoo and Malware reverse engineering IE IDA Pro, ole debugger (both static and dynamic analysis required), and
across our national fibre infrastructure Leading the implementation of Active Network Security tooling and frameworks Acting as a senior escalation point for complex network security incidents Enhancing risk and vulnerability management processes Collaborating with architecture and operations teams to embed security best practices Supporting forensic investigations and Tier 3/4 incident response What you'll bring to … of firewalls, IDS/IDP, SIEM, and other security technologies Excellent understanding of Layer 2/3 networking, including Ethernet, MPLS, and TCP/IP Experience with risk and vulnerability management frameworks Familiarity with security standards such as NIST, NCSC, or ISO27001 Diversity, Inclusion & Belonging We're a Times Top 50 Employer for Gender Equality. We're endorsed
Oxford, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
in depth technical understanding. You will be expected to cover the initiation through to the design and implementation, across several of the skills and technologies below: Microsoft Sentinel Tenable Vulnerability Management (Or similar technology) Azure update Manager/Other Patching technologies Qualifications: Microsoft Security Certifications (eg SC200) Pen Testing/Related Certifications DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability … significant value to your application. Training and development in these technologies/solutions may be provided if required. Microsoft Intune (Focused on Security, not the full suite) Privileged Access Management (PAM) Tooling Cloud Email Security Solutions Certs KEY COMPETENCIES REQUIRED FOR ROLE In line with our company values every employee must be able to demonstrate the following qualities: Autonomy … Quality Focus – Concern for quality, being attentive to detail and willing to try to improve one’s own performance. Understanding and adherence to quality procedures. Decision Taking and Risk Management – Willingness to take difficult decisions and have confidence in your decision making and attitude to risk and impact. Respect Communication – Clarity and confidence in written and verbal communication. The
for consistent and repeatable cloud deployments. Build and maintain CI/CD pipelines with integrated DevSecOps tools to automate both application and infrastructure deployments. Integrate security capabilities such as vulnerability scanning, static code analysis, and secrets management into the development lifecycle. Work closely with development, architecture, and cybersecurity teams to ensure security and compliance are embedded into all … scale. Demonstrated experience in the banking or financial services industry, with a strong understanding of security and regulatory requirements. Strong knowledge of DevSecOps practices, including secure CI/CD, vulnerability management, and secrets management. Experience in container orchestration using AKS and containerisation with Docker. Familiarity with CI/CD tools such as Azure DevOps and GitHub Actions. Proficiency … in scripting languages (PowerShell, Python, Bash). In-depth understanding of cloud security, including identity and access management (Azure AD) and key management solutions. Experience with monitoring and logging tools such as Azure Monitor, Log Analytics, Prometheus, and Grafana. Relevant certifications (AZ-104, AZ-400, AZ-500, or Terraform Associate) are highly desirable. Experience working within hybrid or
Security Lead will be responsible for: Owning and leading the information security function, working collaboratively across all departments. Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle. Performing regular risk assessments, developing and managing remediation plans, and conducting internal security audits. Ensuring compliance with data protection laws (e.g., GDPR) and addressing customer security … DevOps teams to implement security controls across cloud infrastructure (ideally AWS), including access control, encryption, and logging. Leading the incident response process and managing third-party penetration testing and vulnerability management activities. The ideal Information Security Lead will have experience with the following: 3-5 years of hands-on experience in an information security or IT risk/… solid understanding of cloud environments (AWS preferred) and common security risks associated with SaaS platforms. Hands-on knowledge of security tooling, including endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO. A clear understanding of data privacy laws, particularly GDPR. This is a unique opportunity to be the foundational Information Security leader within a well-funded and
Reading, England, United Kingdom Hybrid / WFH Options
Liberty Global
Liberty Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining playbooks, assessing the Incident Response maturity, undertaking and assisting in table-top cyber-scenario exercises. You will provide Subject Matter support … to wider cyber related projects and support the continuous service improvement of cyber incident response and management and providing oversight of all incidents and working with Security Architecture on trends. The role focuses on stakeholder engagement and coordination and whilst we seek candidates with a strong Cyber Incident Management background, we are also looking for someone who has
write automations in Python, Java, or Typescript Ability to write secure-by-default Terraform for cloud deployments Solid understanding of cloud and application security principles Knowledge of network protocols, vulnerability management, and creation of Incident Response programs Willingness to learn and adapt to new security challenges and technologies Relevant certifications such as AWS Certified Security, GIAC GC*, ISC2
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
working with global-based teams covering different time zones is beneficial. Exposure and experience with the following technology... Active Directory, Intune Policies, Exchange, and Office 365 Administration. Patching and vulnerability management, including certificate management. General understanding of traditional and cloud-based networking and associated infrastructure. ServiceNow Ticketing System. JIRA and Confluence. Architecture standards and best practices, e.g. TOGAF