11 of 11 Vulnerability Management Jobs in the City of London

improving the organisation’s security posture while ensuring ISO27001 compliance across the global executive office. This position offers exposure across security governance, risk management and technical security operations, working closely with the IT Manager, global security teams and managed service providers. Key responsibilities include supporting ISO27001 certification and audit … readiness, vendor risk assessments, DPIAs and broader information security governance, alongside operational activities such as vulnerability management, patching, access management, incident escalation and working with security technologies including firewalls and endpoint security tools. The ideal candidate will come from a technical security background such as SOC, vulnerability ...

prem environments Review and shape technical designs to ensure security patterns and principles are applied correctly Support and enhance core cyber processes including vulnerability management, incident response, monitoring, IAM, endpoint security and network protection Work closely with technology teams to embed security into change and project initiatives Assess … modern infrastructure Strong knowledge of security architecture principles and secure design patterns Experience with Azure, Microsoft Defender, M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating ...

development and implementation of a forward‐thinking cyber security strategy, ensuring systems, data, and services are protected through robust controls, governance, and risk management practices. Working closely with senior stakeholders, you will act as the organisation’s subject matter expert on cyber security, providing clear, actionable advice on risks … ensure alignment with wider technology strategy Drive continuous improvement through security assessments, testing, and reporting Ensure effective incident detection, response, and recovery capabilities Lead vulnerability management and remediation across all technology environments Oversee third‐party security testing, including penetration testing and phishing simulations Promote a strong cyber‐security ...

guardrails Influencing architectural decisions and representing cyber security in design and review forums Mentoring and guiding junior team members across SOC analysis and vulnerability management Providing expert oversight of cyber risk, vulnerability (including vulnerabilities in code), and security analytics Supporting incident response, including zero‐day scenarios, alerting … Strong, hands‐on AWS cloud security experience (designing, building, and securing environments) Background in security architecture and security engineering Deep understanding of cyber risk, vulnerability management, and cloud security best practice Experience mentoring or supporting junior security professionals Pragmatic mindset - able to balance security, delivery, and business needs ...

communicate with all levels of management. * Ability to build relationships and work cross-functionally with internal and external constituents. * Broad knowledge of risk management, vulnerability management, and third party risk. * ISO 27001 Lead Auditor and/or extensive experience in working with ISO 27001 and related standards. ...

roles, policies, and access control models. Experience monitoring and responding to alerts from AWS security services. Familiarity with cloud security posture management and vulnerability management practices. Ideally you will have your AWS Certified Security – Specialty ...

Manager, you’ll assess the organisation’s current security estate and lead efforts to mature the function, focusing on improving processes, documentation, tooling, partner management and internal engagement. The environment is heavily Microsoft driven, leveraging the full Microsoft 365 E5 security stack, alongside tools such as Elastic and Qualys. … join a small but growing security function and report directly into the CISO. Key Responsibilities Oversight of SOC operations, including third party management, RFPs, and potential migrations Vulnerability management across cloud and SaaS environments Identifying, evaluating, and implementing new security tools and systems Driving process improvement ...

identity solutions). * Maintain the security, privacy, and resilience risk register. * Lead security architecture assurance aligned with CAF and NCSC guidance. * Oversee penetration testing, vulnerability management, and remediation activities. * Ensure value for money from cyber security tools and third-party services. * Manage third-party contracts to ensure security … infrastructure and/or software development including Saleforce. * Extensive experience designing and reviewing secure architectures for complex systems. * Strong experience in risk assessment, risk management, and intelligence-informed decision-making. * Proven ability to influence senior leaders and communicate complex security risks clearly. * Experience developing and implementing pragmatic security, privacy ...

identity solutions). Maintain the security, privacy, and resilience risk register. Lead security architecture assurance aligned with CAF and NCSC guidance. Oversee penetration testing, vulnerability management, and remediation activities. Ensure value for money from cyber security tools and third-party services. Manage third-party contracts to ensure security … infrastructure and/or software development including Saleforce. Extensive experience designing and reviewing secure architectures for complex systems. Strong experience in risk assessment, risk management, and intelligence-informed decision-making. Proven ability to influence senior leaders and communicate complex security risks clearly. Experience developing and implementing pragmatic security, privacy ...

processes and automation Confident communicating risk and recommendations clearly to stakeholders Tech stack experience CrowdStrike (EDR) Microsoft Defender Splunk or similar SIEM tools Qualys (vulnerability management ...

solutions , including access controls, encryption, network segmentation, and cloud-native technologies (e.g. containers). Support secure development practices through guidance, code review input, and vulnerability assessment. Assess risks across technology, processes, and people using frameworks such as ISO 27005 and NIST . Review third-party and cloud service provider … integrations to ensure appropriate technical and contractual security controls. Support incident response planning and vulnerability management. Define ITHC scope, coordinate penetration testing activities, and prepare pre-assessment documentation. ...