13 of 13 Vulnerability Management Jobs in the City of London

Vulnerability Management Oversight and Governance Analyst Banking Hybrid: 3 days onsite in London per week 6 months £487 per day In short: Due to a recent audit, we require a Vulnerability Management Analyst to assess our current processes and strategy and re-align, where necessary … meet regulatory requirements. Job purpose: Support the oversight, governance, and enhancement of vulnerability management activities within The Bank. Lead smaller-scale projects independently, analysing and developing frameworks and procedures, ensuring alignment with regulatory requirements and industry best practices. Analysing reporting on vulnerability management from third parties ...

improving the organisation’s security posture while ensuring ISO27001 compliance across the global executive office. This position offers exposure across security governance, risk management and technical security operations, working closely with the IT Manager, global security teams and managed service providers. Key responsibilities include supporting ISO27001 certification and audit … readiness, vendor risk assessments, DPIAs and broader information security governance, alongside operational activities such as vulnerability management, patching, access management, incident escalation and working with security technologies including firewalls and endpoint security tools. The ideal candidate will come from a technical security background such as SOC, vulnerability ...

prem environments Review and shape technical designs to ensure security patterns and principles are applied correctly Support and enhance core cyber processes including vulnerability management, incident response, monitoring, IAM, endpoint security and network protection Work closely with technology teams to embed security into change and project initiatives Assess … modern infrastructure Strong knowledge of security architecture principles and secure design patterns Experience with Azure, Microsoft Defender, M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating ...

guardrails Influencing architectural decisions and representing cyber security in design and review forums Mentoring and guiding junior team members across SOC analysis and vulnerability management Providing expert oversight of cyber risk, vulnerability (including vulnerabilities in code), and security analytics Supporting incident response, including zero-day scenarios, alerting … Strong, hands-on AWS cloud security experience (designing, building, and securing environments) Background in security architecture and security engineering Deep understanding of cyber risk, vulnerability management, and cloud security best practice Experience mentoring or supporting junior security professionals Pragmatic mindset - able to balance security, delivery, and business needs ...

communicate with all levels of management. * Ability to build relationships and work cross-functionally with internal and external constituents. * Broad knowledge of risk management, vulnerability management, and third party risk. * ISO 27001 Lead Auditor and/or extensive experience in working with ISO 27001 and related standards. ...

services Strengthen M365 security : Defender for Endpoint/O365/Identity, Conditional Access, Identity Protection Improve detection rules, analytics, baselines and security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence … fundamentals Microsoft Security Defender suite: Endpoint, O365, Identity Azure AD/Entra ID security Conditional Access, M365 identity protection signals M365 Secure Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP ...

feeds and translate emerging threats into actionable detection improvements Identify opportunities to streamline and automate incident response workflows across the security tooling stack Support vulnerability management activities, including identifying issues and assisting with remediation tracking Participate in technical incident response investigations when security events occur Maintain operational documentation ...

trusted security advisor. What you’ll be doing: Designing and implementing security solutions (firewalls, endpoint, cloud security) Leading incident response and remediation activities Conducting vulnerability assessments & penetration testing Implementing security monitoring, reporting & best practices Advising clients on Cyber Essentials, CE+, GDPR, ISO 27001 & NIST Working closely with clients … Firewall experience (Palo Alto, Fortinet) EDR/endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials/CE+ knowledge or certification Confident communicator, comfortable in client-facing scenarios What’s on offer: Hybrid & flexible working ...

policies across cloud environments and deployments. Cloud & Kubernetes Expertise: Harden and manage GCP environments and Kubernetes clusters, including IAM, network policies, and secrets management. Vulnerability Management: Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams deploy quickly ...

identity solutions). * Maintain the security, privacy, and resilience risk register. * Lead security architecture assurance aligned with CAF and NCSC guidance. * Oversee penetration testing, vulnerability management, and remediation activities. * Ensure value for money from cyber security tools and third-party services. * Manage third-party contracts to ensure security … infrastructure and/or software development including Saleforce. * Extensive experience designing and reviewing secure architectures for complex systems. * Strong experience in risk assessment, risk management, and intelligence-informed decision-making. * Proven ability to influence senior leaders and communicate complex security risks clearly. * Experience developing and implementing pragmatic security, privacy ...

identity solutions). * Maintain the security, privacy, and resilience risk register. * Lead security architecture assurance aligned with CAF and NCSC guidance. * Oversee penetration testing, vulnerability management, and remediation activities. * Ensure value for money from cyber security tools and third-party services. * Manage third-party contracts to ensure security … infrastructure and/or software development including Saleforce. * Extensive experience designing and reviewing secure architectures for complex systems. * Strong experience in risk assessment, risk management, and intelligence-informed decision-making. * Proven ability to influence senior leaders and communicate complex security risks clearly. * Experience developing and implementing pragmatic security, privacy ...

identity solutions). Maintain the security, privacy, and resilience risk register. Lead security architecture assurance aligned with CAF and NCSC guidance. Oversee penetration testing, vulnerability management, and remediation activities. Ensure value for money from cyber security tools and third-party services. Manage third-party contracts to ensure security … infrastructure and/or software development including Saleforce. Extensive experience designing and reviewing secure architectures for complex systems. Strong experience in risk assessment, risk management, and intelligence-informed decision-making. Proven ability to influence senior leaders and communicate complex security risks clearly. Experience developing and implementing pragmatic security, privacy ...

solutions , including access controls, encryption, network segmentation, and cloud-native technologies (e.g. containers). Support secure development practices through guidance, code review input, and vulnerability assessment. Assess risks across technology, processes, and people using frameworks such as ISO 27005 and NIST . Review third-party and cloud service provider … integrations to ensure appropriate technical and contractual security controls. Support incident response planning and vulnerability management. Define ITHC scope, coordinate penetration testing activities, and prepare pre-assessment documentation. ...