1 to 25 of 39 Vulnerability Management Jobs in the West Midlands

This role ensures the protection of our assets, systems, and data from internal and external threats, whilst driving continuous improvement in security controls. About the role: Support in the management of the Security Operations, establishing and delivering methods and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management. Maintain … are dealt with, investigating security breaches where necessary. Support monitoring on external security environment, gathering information on emerging threats to HS2 and presenting them to leaders where required. Plan vulnerability assessment and penetration testing activities within HS2 IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. Contribute to risk management initiatives … and see them through to completion. Threat Intelligence. Provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. Vulnerability Assessment. Identifying and classifying security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. Risk Management. Ability to identify IT security risks and the delivery of More ❯

and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll … IT And OT Environments. Strategic Contribution – Influence The Development Of New Controls And Support The Delivery Of Cadent’s Cyber Security Strategy. Cross-Team Collaboration – Partner With Threat Intelligence, Vulnerability Analysts, And Incident Responders To Enhance Our Defences. Continuous Improvement – Engineer Solutions For Unpatchable Vulnerabilities And Automate Detection And Response Processes. National Impact – Help Protect The Systems That Keep More ❯

following locations and follows hybrid working: Birmingham, Ipswich, Belfast What you’ll be doing Kubernetes DevOps/SysOps Engineering managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications. Implement best practices for Kubernetes configuration and security. Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog and other data collection protocols. DevOps … other related fields. 3-5 years of experience in CI/CD engineering experience with a different skillset. Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls. Ideally from both a development and operational perspective. At BT, we entertain, educate, and empower millions of More ❯

in protecting systems, networks, and cloud environments. A proactive mindset with a drive to identify, own, and resolve security challenges end-to-end. Strong technical skills in threat detection, vulnerability management, identity and access control, and incident response. Familiarity with security tools such as SIEM, EDR, firewalls, and cloud security solutions. Knowledge of security frameworks like NIST, ISO More ❯

and checks to ensure security tooling is optimised Provide advice and support to business units on security best practice and control implementation Hands-on experience with security tooling (EDR, vulnerability scanning, access control) Familiarity with Security frameworks such as NIST, PCI-DSS, and GDPR Experience working with Microsoft environments (O365, Azure) Clear communicator, able to engage with both IT … role, and wants to take on broader responsibilities Has been the security point-person in an IT team, leading on patching or endpoint protection Has hands-on experience with vulnerability management tools like Tenable, and is ready to play a bigger role in shaping how security tools are implemented and optimised across the business. This is a chance More ❯

tooling is optimised Provide advice and support to business units on security best practice and control implementation What We’re Looking For Hands-on experience with security tooling (EDR, vulnerability scanning, access control) Familiarity with Security frameworks such as NIST, PCI-DSS, and GDPR Experience working with Microsoft environments (O365, Azure) Clear communicator, able to engage with both IT … role, and wants to take on broader responsibilities Has been the security point-person in an IT team, leading on patching or endpoint protection Has hands-on experience with vulnerability management tools like Tenable, and is ready to play a bigger role in shaping how security tools are implemented and optimised across the business. This is a chance More ❯

clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security More ❯

clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security More ❯

clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security More ❯

clients across Private and Public Sector. Due to rapid growth in our Security Capability , we are looking for experienced Security Consultants to join our team. What is Cyber Risk Management? Cyber risk management ensures that organisations can anticipate, withstand, and recover from cyber incidents, aligning security efforts with business objectives, regulatory requirements, and industry best practices. It involves … As leading players in MOD’s cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders who share our vision that cyber risk management is driven by business requirements and a holistic view of security that can guide clients to secure solutions that support their business objectives. Why Join Us? Work on impactful … exercising of SOC staff based on industry best practice. Experience in business growth and bid development is desirable. What We’re Looking for: Experience in operating SIEM tools and vulnerability management software and being able to interpret and prioritise alerts, incidents and threat intelligence. Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security More ❯

all certification activities related to ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations are accounted for within the scope of certification, through proactive risk identification and management with IT assets owners. Development and championing all Information Security Policies, Procedures and relevant standards, and produce supporting documentation and training material to ensure organizational compliance. Orchestrate continual improvement … and promote security best practices across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model … and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we work in. • We're passionate about giving back to society, leaving the world a better More ❯

and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll … IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team Collaboration - Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement - Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact - Help protect the systems that keep More ❯

and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll … IT and OT environments. Strategic Contribution – Influence the development of new controls and support the delivery of Cadent’s cyber security strategy. Cross-Team Collaboration – Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement – Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact – Help protect the systems that keep More ❯

our organisation's data and IT infrastructure. This role focusses on the operational aspects of data protection - from technical risk assessments and secure system configuration reviews to incident response, vulnerability remediation tracking, and regulatory compliance audits. You will work closely with engineering, DevOps, and IT teams to embed privacy and information security controls into our technology stack. This is … a full-time position. Occasional after-hours work may be required to support incident response, high-priority vulnerability fixes, or audit activities. Develop and implement data protection governance: Design, implement, and enforce data protection and information security policies and procedures aligned with business objectives and regulatory requirements Support the development of strategies to mitigate and monitor data protection risks … a strategy to mitigate, manage, and monitor data protection risks and incidents Work collaboratively with other departments to ensure the alignment of security efforts with wider business objectives Risk management: Identify, assess, and document data protection risks across systems and processes Support administration of data protection systems and risk reporting. Provide advice and guidance to teams on how to More ❯

spend most of your time: • Supporting the implementation of the clients' cybersecurity strategies, policies, and procedures tailored to the specific needs of our organisation. • Conducting regular security assessments and vulnerability scans, to identify potential weaknesses and recommend appropriate remediation measures. • Monitoring and analysing security logs, events, and alerts to detect and respond to potential security incidents in a timely … promote a culture of security throughout the organisation. • Assist with compliance with relevant security frameworks, regulations, and standards, such as Cyber Essentials, CAF/Gov Assure and NCSC. • Support vulnerability management report and process • Assist with any other tasks/projects which need prioritising • Documenting of alerts and creation of playbooks Professional Skills Required: Proficiency with Microsoft Security … Technologies, such as Sentinel, Entra and Defender Proven experience designing, implementing, and maintaining security controls. Experience with security assessment tools, vulnerability scanning, and penetration testing methodologies. Understanding of current cybersecurity threats, attack vectors, and mitigation strategies. Ability to analyse and interpret security logs, events, and alerts to detect and respond to security incidents effectively. Familiarity with security frameworks and More ❯

the financial markets in which we operate. Already an industry-leader in many respects, we want to continue setting standards and evolving to respond to strategic changes.Global Enterprise Risk Management (ERM) is a sub function of Group Risk and Compliance. Its purpose is to make sure HSBC understands and effectively controls its non-financial risk position, through end-to … comply with risk, business and regulatory priorities. It seeks to strengthen the risk culture across the organisation through the application of effective policies and frameworks that drive consistent risk management practices across our businesses and functions at global, regional and market level.The role holder is responsible for overseeing the identification, assessment, and management of cyber security risks across … pension scheme with a generous employer contribution.In this role you will: Provide independent oversight and challenge to the prioritization of cyber security risks across the HSBC UK. Advise senior management, executives, and board-level committees on key cyber risks and emerging threats. Strengthen the partnership with HSBC Cybersecurity Technology. Ensure compliance with relevant cyber security frameworks, standards, and regulations More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

software, systems, services and toolsets such as E-mail Security, EDR, NAC, IT/OT Segmentation, 365 etc along with an understanding of malware prevention, emerging threats, attacks and vulnerability management. • Understanding of Information Security best practice for elements including workstations, servers, cloud, networking, architecture, common protocols and application security. • You have the ability to confidently perform security audits … both internal and external (e.g., third party and supplier assurance) and ensure recommendations are followed for continuous improvement. • You have strong Project Management skills - able to independently manage multiple projects, manage own workload, prioritise and meet tight deadlines. • Strong Incident Response Management skills including threat and vulnerability analysis. • The ability to communicate business and technical risk to … all levels of audience. • Understanding of IT Service Management principles ideally ITIL. What happens next? Ordinarily, our Resourcing Team reviews and shortlists CVs. If shortlisted, you'll speak to one of our Recruiters to discuss the role further. Our interview process usually consists of an initial teams interview followed by an in-person interview. We'll keep in touch More ❯

Development: Skills in HTML and CSS editing. Deliverables: Server Administration: Manage, optimize, monitor, and troubleshoot the Tableau Server 2024.2 platform on Windows Server 2022, ensuring uptime and performance. Security Management: Oversee server security, including patching, upgrades, penetration testing, vulnerability management, and authentication protocols like SSO (SAML and OAuth). User Support: Provide technical support and training to … and access issues. Collaboration & Integration: Work with BI teams on content promotion, system integration, and governance. Proactive Monitoring: Monitor server health, capacity, and resource utilization to maintain stability. Content Management: Maintain and update web portal content and help pages. IR35 Deloitte requires all Associates to contract under PAYE arrangements via an approved 'Employment Company' (umbrella company), prohibiting the use More ❯

write automations in Python, Java, or Typescript Ability to write secure-by-default Terraform for cloud deployments Solid understanding of cloud and application security principles Knowledge of network protocols, vulnerability management, and creation of Incident Response programs Willingness to learn and adapt to new security challenges and technologies Relevant certifications such as AWS Certified Security, GIAC GC*, ISC2 More ❯

the security stack, identify areas for improvement, and implement changes aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure, security operations … year experience with a background in another technical area such as helpdesk, systems administration, or development. Experience managing the security of endpoints to include endpoint protection, baselines, and vulnerability management. Previous experience implementing and/or managing DLP tools such as Microsoft Purview or DTEX. Experience working in a cloud environment with a distributed workforce. Strong written and verbal More ❯

the security stack, identify areas for improvement, and implement changes aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure, security operations … year experience with a background in another technical area such as helpdesk, systems administration, or development. Experience managing the security of endpoints to include endpoint protection, baselines, and vulnerability management. Previous experience implementing and/or managing DLP tools such as Microsoft Purview or DTEX. Experience working in a cloud environment with a distributed workforce. Strong written and verbal More ❯

ISC2, CISSP, GIAC, CISA, CISM) Responsibilities: Managed Engine Ops (Performance and Availability monitoring – Server, FW, Infra) Trellix – AV malware, SIEM, DLP, Native Encryption, EPO (E Policy enforcement) Tenable SC – Vulnerability management AXIOM – HRSM security (log inspection, Investigation) ARCON – Endpoint Privilege Management CISCO FNC – Firewall Management console Seniority Level: Mid-Senior level Employment Type: Full-time Job More ❯

Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline More ❯

col-narrow-right Job Views: 5 Posted: 16.06.2025 Expiry Date: 31.07.2025 col-wide Job Description: Who we are looking for An Information Security Analyst, who will work within our vulnerability management team, which focuses on the technical side, ensuring IT systems are operated in a secure manner. The Information Security department monitor our live operation, creating and reacting … to alerts and other anomalies identified through automated tools or manual analysis. The vulnerability management (VM) function covers two high-level areas, including owning the processes and schedules relating to the vulnerability scanning of all endpoints in the Business. You will review the results in terms of risk and impact assessment, additionally you will own the scheduling … of, and planning for specialist third-party vulnerability and penetration testing, in addition to the collation of reports. Liaising with parts of the Business, will aid your understanding of the risk profile then advice on options to resolve any issues identified. You will work closely with colleagues in the governance and compliance functions to ensure the Company meets its More ❯