1 to 25 of 174 Vulnerability Management Jobs in the UK excluding London

Primary Details Time Type: Full time Worker Type: Employee Vulnerability Management Data Analyst Permanent London/Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity As part of our continuous improvement and expansion of the vulnerability management function, we are seeking a highly motivated Vulnerability Management Data Analyst to join our Global Security Operations Centre. This permanent, hybrid role is based out of our London office and reports to the Threat & Vulnerability Manager. The successful candidate will play a key role in strengthening QBE’s cyber resilience by turning complex security data into … meaningful insights. This role will directly support the identification, prioritisation, remediation and reporting of vulnerabilities—helping QBE stay ahead of emerging threats. Your New Role As a Vulnerability Management Data Analyst, you’ll collaborate with teams across security engineering, vulnerability management, service management, cyber governance, risk and divisional consultancy to ensure data accuracy, develop dashboards More ❯

VP of Vulnerability Management Salary - £95-110k + 15-20% Bonus + Benefits Location – London (2-3 days in office per week) Newly created role with a major Financial Markets organization, looking to hire a VP level Vulnerability Management SME to build on and enhance their existing VM capabilities and eventually take ownership and stand … this up as its own core pillar across Information Security. First and foremost, they need someone who understands the technical elements of Vulnerability Management inside out, who can work with the wider SecOps and Infrastructure Engineering functions to respond to high-profile vulnerabilities and ensure all vulnerability management platforms are working at maximum capacity and all … patching runs smoothly; whilst also working with the wider business to ensure Vulnerability Management is incorporated into wider company strategies and acting as the Subject Matter Expert for all Vulnerability Management related queries. This is an incredibly opportunity to genuinely take ownership of their Vulnerability Management function as they look to significantly invest and More ❯

VP of Vulnerability Management Salary - £95-110k + 15-20% Bonus + Benefits Location – London (2-3 days in office per week) Newly created role with a major Financial Markets organization, looking to hire a VP level Vulnerability Management SME to build on and enhance their existing VM capabilities and eventually take ownership and stand … this up as its own core pillar across Information Security. First and foremost, they need someone who understands the technical elements of Vulnerability Management inside out, who can work with the wider SecOps and Infrastructure Engineering functions to respond to high-profile vulnerabilities and ensure all vulnerability management platforms are working at maximum capacity and all … patching runs smoothly; whilst also working with the wider business to ensure Vulnerability Management is incorporated into wider company strategies and acting as the Subject Matter Expert for all Vulnerability Management related queries. This is an incredibly opportunity to genuinely take ownership of their Vulnerability Management function as they look to significantly invest and More ❯

VP of Vulnerability Management Salary - £95-110k + 15-20% Bonus + Benefits Location – London (2-3 days in office per week) Newly created role with a major Financial Markets organization, looking to hire a VP level Vulnerability Management SME to build on and enhance their existing VM capabilities and eventually take ownership and stand … this up as its own core pillar across Information Security. First and foremost, they need someone who understands the technical elements of Vulnerability Management inside out, who can work with the wider SecOps and Infrastructure Engineering functions to respond to high-profile vulnerabilities and ensure all vulnerability management platforms are working at maximum capacity and all … patching runs smoothly; whilst also working with the wider business to ensure Vulnerability Management is incorporated into wider company strategies and acting as the Subject Matter Expert for all Vulnerability Management related queries. This is an incredibly opportunity to genuinely take ownership of their Vulnerability Management function as they look to significantly invest and More ❯

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces … behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related to … Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include: Conducting Vulnerability More ❯

Vulnerability Management Engineer London/WFH to £75k Are you a tech savvy Vulnerability Management Engineer with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Vulnerability Management Engineer you'll perform assessments and communicate findings to stakeholders on the … day a week. About you: You have experience in a similar position with knowledge of common cyber attack types such as DDoS, SQLi, XSS, etc. You have experience with vulnerability assessment software and prioritisation of results using a combination of various frameworks tied to internal objects (CVE, CVSS, EPSS, etc.). You have experience of assessing, documenting and communicating … AWS You have a background with network security or secure code development You're collaborative and pragmatic with great communication skills What's in it for you: As a Vulnerability Management Engineer you can expect to earn a competitive package: Salary to £75k Significant bonus Pension (15% employer contribution) Private Health, Dental and Optical care Life Assurance and More ❯

Vulnerability Management Engineer London/WFH to £75k Are you a tech savvy Vulnerability Management Engineer with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Vulnerability Management Engineer you'll perform assessments and communicate findings to stakeholders on the … day a week. About you: You have experience in a similar position with knowledge of common cyber attack types such as DDoS, SQLi, XSS, etc. You have experience with vulnerability assessment software and prioritisation of results using a combination of various frameworks tied to internal objects (CVE, CVSS, EPSS, etc.). You have experience of assessing, documenting and communicating … AWS You have a background with network security or secure code development You're collaborative and pragmatic with great communication skills What's in it for you: As a Vulnerability Management Engineer you can expect to earn a competitive package: Salary to £75k Significant bonus Pension (15% employer contribution) Private Health, Dental and Optical care Life Assurance and More ❯

Are you passionate about protecting critical infrastructure and driving proactive security? We’re looking for an individual who’s ready to take ownership of our vulnerability management ecosystem and lead the charge in deploying and optimizing Tenable Nessus and Tenable SC platforms. This is more than a technical role, it’s a mission-critical opportunity to shape how … and want to make a real impact, this is your chance to be at the forefront of enterprise security. What you will be doing: Lead deployment, configuration, and lifecycle management of Tenable Nessus and Tenable.SC across varied environments. Design and execute vulnerability scanning strategies aligned with business priorities and risk appetite. Validate results, investigate anomalies, and coordinate remediation … with infra, network, hosting, and app teams. Maintain gold-standard documentation (guides, SOPs, user manuals). Build tailored dashboards and reports to drive visibility and informed decision-making. Embed vulnerability management into IT, security, and compliance workflows and planning. Provide training and mentorship to foster security awareness and technical excellence. Ensure practices meet Cyber Essentials Plus and ISO More ❯

assurance Electric Vehicle Scheme About the Role This is an exciting opportunity for a security professional who wants to make a real impact by leading and maturing an organisations vulnerability management programme. You will: Own and optimise the vulnerability management lifecycle using Tenable.io, Tenable.sc, and Nessus Perform and analyse vulnerability scans across on-premise, cloud … bring the expertise and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs More ❯

assurance Electric Vehicle Scheme About the Role This is an exciting opportunity for a security professional who wants to make a real impact by leading and maturing an organisations vulnerability management programme. Be one of the first applicants, read the complete overview of the role below, then send your application for consideration. You will: Own and optimise the … vulnerability management lifecycle using Tenable.io, Tenable.sc, and Nessus Perform and analyse vulnerability scans across on-premise, cloud, container, and hybrid environments Coordinate remediation efforts with technical and business stakeholders Integrate Tenable with wider platforms to enhance automation and reporting Deliver dashboards and reports that clearly communicate risk posture to both technical and executive audiences Stay ahead of … bring the expertise and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs More ❯

will act as a critical liaison between client stakeholders and internal operational teams, ensuring the delivery of world-class cyber security services. You'll drive incident response coordination, lead vulnerability management efforts, and ensure service excellence through strategic oversight and hands-on technical engagement. What You'll Be Doing Serve as the key point of contact and escalation … improvement initiatives. Support compliance with SLAs and ensure services meet contractual, operational, and quality standards. Lead service reviews and present performance reports to clients (weekly/monthly). Oversee vulnerability management efforts including scanning, prioritisation, risk communication, and remediation coordination. Ensure IDS/IPS systems are maintained and aligned with the latest threat intelligence. Work closely with the … Manager to identify process improvements and implement best practices. What You'll Bring 10+ years of experience in technical support for SOC or Cyber Security operations. 5+ years of vulnerability management experience, with demonstrable risk-based prioritisation skills. Proven leadership in high-pressure, crisis-response situations. Strong client relationship management and stakeholder engagement skills. In-depth understanding More ❯

Newcastle *Be the M365 Subject Matter Expert * IT Deployment Engineer/IT Infrastructure Engineer, providing 3rd line IT/M365 Application support with excellent M365, InTune, Azure, Modern Device Management & IT Security experience is required by a leading company in central Newcastle You will be the subject matter expert for Microsoft and M365, working on a range of 3rd … Active Directory, firewall, VPN, iOS, and networking protocols (TCP/IP, DNS, DHCP, SMTP). - Strong client-service approach with excellent communication and teamwork skills. - Strong IT Security, Endpoint management and Vulnerability management experience - PowerShell Scripting experience within Microsoft Applications - Ability to prioritise, manage workload, and multitask effectively. Role Responsibilities: - 3rd line support and implement Intune, M365 … maintenance). - Assist in managing Microsoft Exchange, Mimecast security, Teams, and Autopilot. - Develop onboarding processes and provide feedback for service improvements. - Define the company's IT Security policies, including vulnerability management - Admin of Endpoint management tools - Stay updated on Microsoft 365 tools and roadmap. - Conduct monitoring and analysis, including storage and usage reports. - Own problem management More ❯

Newcastle *Be the M365 Subject Matter Expert* IT Deployment Engineer/IT Infrastructure Engineer, providing 3rd line IT/M365 Application support with excellent M365, InTune, Azure, Modern Device Management & IT Security experience is required by a leading company in central Newcastle You will be the subject matter expert for Microsoft and M365, working on a range of 3rd … Active Directory, firewall, VPN, iOS, and networking protocols (TCP/IP, DNS, DHCP, SMTP). - Strong client-service approach with excellent communication and teamwork skills. - Strong IT Security, Endpoint management and Vulnerability management experience - PowerShell Scripting experience within Microsoft Applications - Ability to prioritise, manage workload, and multitask effectively. Role Responsibilities: - 3rd line support and implement Intune, M365 … maintenance). - Assist in managing Microsoft Exchange, Mimecast security, Teams, and Autopilot. - Develop onboarding processes and provide feedback for service improvements. - Define the company's IT Security policies, including vulnerability management - Admin of Endpoint management tools - Stay updated on Microsoft 365 tools and roadmap. - Conduct monitoring and analysis, including storage and usage reports. - Own problem management More ❯

Job Description - External Attack Surface Management Analyst () External Attack Surface Management Analyst - Job title: External Attack Surface Management Analyst Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa 45k dependant on skills and experience What you'll be … doing: Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with … resolver teams Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation Your skills and More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity Experience and understanding of both the roles and interlock between enterprise & solution architecture Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives Experience working in large-scale IT transformation programmes Identity & Access Management: Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault Experience of developing secrets management patterns and championing designs through architecture governance forums Experience of designing or implementing Workload Identity Frameworks within large More ❯

run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules, access reviews … network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO 27001, NIST, CIS More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯