12 of 12 Vulnerability Management Jobs in the City of London

troubleshoot on-premise and cloud security services including: Firewall rules Web Application Firewall (WAF) configurations Web proxy settings IAM policies Security groups Support vulnerability management activities, technical audits, and the development of the Internal Control Framework (ICF). Promote security awareness and best practices across the wider business. … Collaborate with internal technical teams to share knowledge and improve security capabilities. Work with third-party security providers and project management teams on key initiatives. Provide occasional out-of-hours support for critical cyber security incidents or key security system outages. Ensure awareness of and compliance with relevant financial ...

testable RPG code in accordance with development standards Ensure all development adheres to secure coding principles and the Bank's IT Development and Risk Management frameworks Participate in Show and Tell sessions with stakeholders Troubleshoot, debug, and enhance existing applications Evaluate and improve legacy systems, including reprogramming and adding … hours support where required Ensure appropriate escalation of risks, incidents, and security concerns Security & Controls Focus Maintain and enhance system security through effective management of user profiles, authorities, and object-level security Implement and review adopted authority, authorization lists, and role-based access controls Ensure compliance with auditing ...

Infrastructure teams, playing a key role in defending a complex exchange environment against an evolving threat landscape. Key Responsibilities Operate and optimise security and vulnerability management platforms, including liaison with external SOC providers (SIX Group). Lead incident response, ensuring documentation and reporting aligns with DORA timelines; participate … hardening experience (production environment is Linux-based). Knowledge of Windows security & MDM frameworks. Experience with PKI and digital certificates (CA processes, lifecycle management). Deep understanding of network security (firewalls, IDS/IPS, packet analysis). Scripting skills in Python for automation and threat analysis. Strong AWS security ...

Engineer and Analyst while remaining technically active, coordinating complex security projects across a range of departments. You are the bridge between high-level risk management and technical execution, ensuring that security enables - rather than hinders - our global growth. Job Responsibilities Team Leadership & Orchestration Direct Management: Lead, mentor … roadmap for the Information Security Engineer and Analyst. Focus on career development and technical cross-skilling. Workflow Management: Act as the "Traffic Controller" for the team, using Kanban to prioritise high-value tasks and ensuring the team stays focused on meaningful risk reduction rather than just "noise." Cross-Functional ...

/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ISO 27001 readiness. Administer ...

expectations Drive consistent governance practices across all technology teams Cyber Security & Resilience Oversee cyber security remediation activities and control improvements Ensure effective monitoring, incident management, and response processes are in place Support disaster recovery, resilience, and business continuity readiness Track and drive resolution of security vulnerabilities and audit findings … Audit & Assurance Lead technology assurance activities including audits, internal reviews, and control testing Improve audit readiness through strong evidence management and documentation Act as the primary point of contact for technology risk, compliance, and audit matters Translate technical risks into clear business-level communication for senior stakeholders Continuous Improvement ...

optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.) Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows Support onboarding of log sources into SIEM, ensuring … commercial experience in SOC, SIEM, SOAR, or security engineering roles Strong hands-on experience with Splunk (essential) Solid understanding of SIEM architecture and log management principles Experience building integrations using APIs and scripting languages (e.g. Python, PowerShell) Knowledge of automation and orchestration within security operations Familiarity with security tooling ...

endpoints, supporting innovation while managing risk appropriately. Key Responsibilities Own and evolve the group cyber security strategy and control framework Lead cyber risk management, governance and assurance activities Oversee threat detection, vulnerability management and incident response Act as a mandatory assurance point for high-risk technology … leadership and the board Experience Required Senior experience in cyber security or information security leadership roles Strong background in governance, risk, compliance and incident management Experience in regulated, brand-sensitive or customer-trust-driven environments Ability to communicate cyber risk clearly to non-technical stakeholders Why This Role This ...

responsibility for security operations, risk, incident response, and overall security maturity across the business. Key Responsibilities Lead global IT and product security Own risk management, SOC, and incident response Drive security strategy, governance, and awareness Deliver key programmes (cloud, identity, vulnerability management) Engage at C-suite level ...

doing: Leading infrastructural improvements in security, recovery and automation Day-to-day support of the cleanroom environment, including incident, problem and change management Ensuring systems meet security and vulnerability management standards Working across compute, converged, storage, backup and archive environments Building and delivering cutting-edge, highly automated ...

focused role responsible for building pipeline, generating revenue, and winning new customers for cybersecurity services including VAPT, Red Teaming, Product Security, Threat Modelling, and Vulnerability Management. The ideal candidate will have experience selling cybersecurity services or technology solutions and be comfortable engaging with enterprise and mid-market customers across … Support RFPs, tenders, and customer due diligence requests Promote and sell services including: VAPT (Web, Mobile, API, Cloud, Infrastructure) Red Teaming/Adversary Simulation Vulnerability Management Threat Modelling Product Security/Secure SDLC Advisory Develop repeat business and cross-sell opportunities within customer accounts Maintain accurate CRM updates ...

development standards, secure coding guidelines, and threat-modelling practices. Providing practical, risk-based security guidance to engineering, product, and architecture teams. Working with our Vulnerability Lead to drive identification, triage, and prioritisation of application vulnerabilities. Establishing and tracking key AppSec metrics, including remediation timelines and tooling coverage. Building … 2+ years focused on AppSec. Experience leading, mentoring, or coaching engineers or security professionals. Hands-on experience with AppSec tooling (SAST, DAST, SCA, secrets management). Experience integrating security controls into CI/CD pipelines (eg, GitHub, AWS DevOps). Strong understanding of Agile, DevOps, and cloud-native architectures. ...