1 to 25 of 34 Vulnerability Management Jobs in the City of London

Position Overview We are seeking a highly skilled Security Engineer with a specialized focus on vulnerability management to join our dynamic cybersecurity team. This role is pivotal in safeguarding our organisation’s digital assets by identifying, assessing, and remediating security vulnerabilities across our IT infrastructure. Key Responsibilities Assist with the deployment for orchestrating and automating vulnerability management workflows, prioritization, and remediation tracking. Assist with the vulnerability management lifecycle, from detection to remediation, ensuring robust protection against threats. Operate and optimise vulnerability management tools, to conduct comprehensive vulnerability assessments and generate actionable reports. Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Tenable and … Defender. Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security incidents. Maintain up-to-date knowledge of the latest vulnerabilities, exploits, and mitigation techniques, providing guidance and recommendations to IT and business stakeholders. Work closely with IT operations, development, and compliance teams to ensure timely remediation of identified More ❯

Vulnerability Management Architect 3 Month Contract Hybrid Our Retail client is looking for a Vulnerability Management Architect to lead the transformation of a large-scale enterprise's threat and vulnerability landscape. This role is focused on rebooting the organisation’s vulnerability management capabilities to deliver a more dynamic, risk-based view of threats … across cloud, hybrid, and on-prem environments. You’ll be responsible for designing and implementing a modern exposure management framework that enables real-time visibility, prioritisation, and remediation of vulnerabilities. Key Responsibilities Architect and lead the implementation of an enterprise-wide exposure management strategy. Identify and assess digital assets, attack surfaces, and potential vulnerabilities. Develop and apply exposure … to tailor risk reporting and remediation strategies. Maintain continuous monitoring and adapt to evolving environments (cloud, remote work, DevSecOps pipelines). What You’ll Bring Proven experience in Exposure Management , including: - Asset Identification - Attack Surface Mapping - Risk Assessment - Prioritisation & Remediation - Continuous Monitoring Strong understanding of exposure scoring systems (e.g., VPR, ACR, contextual risk). Hands-on experience with tools More ❯

recent experience of using Vulcan, to be considered for the role, you will need Vulcan and the following: Assist with the deployment of Vulcan Cyber for orchestrating and automating vulnerability management workflows, prioritisation, and remediation tracking. Assist with the vulnerability management lifecycle, from detection to remediation, ensuring robust protection against threats. Operate and optimise vulnerability management tools, including Vulcan Cyber, to conduct comprehensive vulnerability assessments and generate actionable reports. Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Vulcan Cyber, Tenable and Defender. Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security … business stakeholders. Work closely with IT operations, development, and compliance teams to ensure timely remediation of identified vulnerabilities and adherence to regulatory standards. Contribute to the continuous improvement of vulnerability management processes and integration with other security platforms. If this could be your next role, please forward your CV in the first instance. More ❯

Company description: We are seeking a dynamic and motivated Vulnerability Management Lead to join our rapidly growing program. The ideal candidate will blend cybersecurity expertise with technical analytical skills to support diverse operational needs. The Vulnerability Management Lead will play a crucial role in tracking and managing the identification, assessment, and remediation of security vuln click More ❯

You will lead and coordinate delivery of key initiatives across our Group Cyber Security Programme. This is a multi-region role, managing projects in areas such as endpoint protection, vulnerability management, IAM, network security, data protection, and cloud security. Key Responsibilities: Oversee and deliver cyber security projects, ensuring milestones, risks, budgets, and dependencies are tracked. Translate group cyber … documentation, RAID logs, and support audits and compliance activities. Skills & Experience: Proven experience managing complex cyber security projects in multi-region/federated organisations. Strong technical knowledge: endpoint protection, vulnerability management, IAM, network and cloud security. Experience coordinating stakeholders, vendors, and regional IT teams. Excellent project management, organisational, and communication skills. Familiarity with PRINCE2, PMP, or Agile More ❯

most inclusive employers in the UK. The Head of Information and Cyber Security will design, develop, and coordinate all aspects of the Information Security strategy, encompassing governance and risk management, incident response, and disaster recovery. The Head of Information and Cyber Security will manage a multitude of third-party partnerships from the SOC, to vulnerability management, to … s security strategy and roadmap, aligned to NIST. Oversee a small internal team (2 privacy/GDPR specialists). Manage all external 3rd party security contracts/relationships -SOC, vulnerability management, patching, and firewall operations. Oversee incident response, risk mitigation, and disaster recovery planning. Support delivery of Cyber Essentials Plus accreditation. Present cyber and data risks at risk … of technical principles (firewalls, phishing, vulnerabilities, routing, MFA, etc) - you can challenge, not necessarily configure. Knowledge of NIST and experience supporting Cyber Essentials Plus or similar certifications. Excellent stakeholder management and communication skills and comfortable presenting to execs, trustees, and end users alike. Leadership style that builds trust and collaboration, more about influence than command. Strategic mindset with patience More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

performing engineering group and suits someone who can own technical decisions, cut through noise, and build security controls that scale. You’ll work across Windows engineering, endpoint security, automation, vulnerability management and platform hardening. Expect a mix of hands-on engineering, advisory work, and proactive threat mitigation. The environment is fast-moving and technically demanding — you’ll be … the person the wider IT team turns to for sound judgement and clarity. What you’ll be doing Designing and implementing security controls across Windows platforms Driving vulnerability management initiatives and closing out remediation at scale Building automation around configuration, monitoring, and incident response Improving endpoint security: EDR, AV, patching, OS hardening Working with core infrastructure (AD/ More ❯

Engineer/DevOps Engineer with strong expertise in AWS, Terraform, Azure DevOps, and Apigee. The ideal candidate should have a solid background in cloud architecture, automation, and secure platform management, ensuring reliable and compliant deployments. This role involves developing, deploying, and maintaining scalable systems, managing upgrades, and applying robust security controls across CI/CD pipelines and infrastructure. Candidate … services using AWS ECS, ECR, and Fargate, ensuring scalable and secure microservice environments. Use Docker for containerizing applications and improving deployment consistency. Manage and secure Apigee or similar API Management platforms, ensuring API governance, performance optimization, and compliance. Ensure security and compliance best practices across the platform, including secure coding, dependency management, and vulnerability scanning. Implement and … libraries. Collaborate with security teams to align architecture with compliance standards. Prepare and maintain detailed documentation for builds, deployments, and updates. Required Skills Expertise in implementing secure coding and vulnerability management practices. Strong knowledge of API security, OAuth, JWT, and API Gateway policies. Experience in security audits, monitoring, and incident remediation. Familiarity with compliance frameworks (e.g., ISO, SOC More ❯

not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and budgets. Coordinate delivery across regional teams, ensuring consistency and practicality. Manage third … progress. Essential Skills & Experience Proven experience managing complex cyber security projects within multi-region or federated organisations. Strong technical understanding across key cyber domains within Microsoft environments. Excellent stakeholder management and communication skills. Familiarity with structured project management methodologies (e.g. PRINCE2, PMP, Agile). Relevant security certifications such as CISSP, CISM, CompTIA Security+, or AWS/Azure Security More ❯

and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. … and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment … platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Ability to analyse complex technical and security issues, identify root causes and implement More ❯

corporate IT environment, ensuring it is secure, reliable, and scalable as the company grows.This is a hands-on leadership role , combining responsibility for end-user computing, identity and access management, corporate networking, and cyber security operations . What You’ll Do Manage Humanoid’s corporate IT infrastructure, endpoints, office networks, connectivity, and productivity platforms (Google Workspace, Slack, Miro etc. … . Oversee endpoint lifecycle management, across sourcing, procurement, deployment, patching, and recovery. Maintain monitoring, alerting, and performance reporting for corporate systems. Lead vendor management for hardware, software, and managed services. Ensure operational standards for backup, configuration, and change management. Engineering team , who manage product infrastructure (AWS, CI/CD, robotics environments); ITSM Lead , who manages service process, management … maturity with business growth. We’re Looking For Manage Humanoid’s corporate IT infrastructure, endpoints, office networks, connectivity, and productivity platforms (Google Workspace, Slack, Miro etc.) Oversee endpoint lifecycle management, across sourcing, procurement, deployment, patching, and recovery. Maintain monitoring, alerting, and performance reporting for corporate systems. Lead vendor management for hardware, software, and managed services. Ensure operational standards More ❯

and security alerts for suspicious activity and potential security breaches. Incident Response: Act as a first responder to security incidents, investigating breaches, containing threats and helping to restore systems. Vulnerability Management: Conduct regular vulnerability assessments and penetration tests to identify weaknesses in systems and implement necessary improvements. Security Implementation: Improve Security measures. Data Protection & Compliance: Ensure that … Mindset: The ability to analyzs large amounts of data to identify anomalies and potential risks. Technical Proficiency: Knowledge of operating systems, firewalls, encryption, VPNs and security information and event management (SIEM) systems. Attention to Detail: Meticulous in reviewing data and systems to catch even minor security flaws. Strong Communication: Ability to clearly communicate findings and recommendations to both technical More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

SecOps Lead , you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. Key Responsibilities Serve as the primary contact for the MDR partner, managing the relationship, conducting service … plan (IRP) and playbooks in collaboration with the MDR provider. Translate technical security risks into actionable business recommendations for stakeholders at all levels. Contribute to broader cybersecurity initiatives , including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. More ❯

Exceptional written and verbal communication skills, with the ability to articulate complex technical findings and nuanced threat intelligence insights clearly and concisely to diverse audiences. Strong organizational and time management skills, with a proven ability to effectively manage and prioritize multiple concurrent engagements. Current CREST CTL certification or higher is essential. Desirable Skills: Experience with Breach Attack Simulation tools … and methodologies. Experience in Vulnerability Management processes and integrating threat intelligence. Understanding of Risk Management frameworks and how threat intelligence informs risk assessments. Hands-on experience with security reviews of AWS, Azure, and GCP environments, incorporating cloud-specific threats. Experience with ISO 27001 auditing/implementation, understanding the role of threat intelligence in compliance. Other advanced cybersecurity More ❯

through mentorship, training, and clear performance frameworks. Execution & Delivery: Translate business and product goals into clear engineering OKRs, milestones, and sprint objectives. Ensure timely delivery of features, technical debt management, and continuous improvement of development velocity. Implement effective engineering processes, agile practices, sprint planning, retrospectives, and release cycles. Collaborate with Product Management to balance feature delivery with technical … health, security, and infrastructure priorities. Manage vendor relationships and oversee outsourcing or partner engagements when needed. Security, Compliance & Reliability: Lead the adoption of secure coding standards , vulnerability management, and security-by-design practices. Ensure compliance with relevant frameworks (ISO 27001, SOC 2, GDPR). Drive observability, monitoring, and incident response strategies to ensure reliability and uptime. Work closely … time data processing (Kafka, Spark, GraphDBs, etc.). Familiarity with AI/ML integration , large-scale data architecture, and analytics platforms is a strong plus. Strong communication and stakeholder management skills, able to work with executive leadership and external partners. Proven ability to deliver high-impact features in a start-up or growth-stage environment. Bachelor’s or Master More ❯

architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of More ❯

days in London per week* What You’ll Do Build the SecOps team from the ground up and manage/mentor the team. Lead the implementation, optimisation, and management of cutting-edge security tools like CrowdStrike, Palo Alto, and Mimecast. Take ownership of our cyber defence posture from incident response and vulnerability management to WAFs, DDoS protection More ❯

services provider that offers a broad spectrum of capabilities across digital workplace, infrastructure, cloud/datacenter, and cybersecurity, with a focus on solutioning, service delivery, and end-to-end management for small to mid-size US clients. Below is a detailed, synthesized job-description-style profile for a Solution Consultant who could lead and own the practice for such … to SMB/MSP needs. Service delivery leadership: Define and enforce service delivery frameworks, SLAs, and operational playbooks; ensure seamless transition from presales to delivery; oversee service continuity, incident management, change control, and problem management. Platform and technology scope: Digital workplace services (end-user devices, collaboration tools, unified communications, remote/mobile workforce enablement); infrastructure and network (LAN/… WAN, SD-WAN, data-center design, virtualization, storage, backup); cloud and datacenter (IaaS/PaaS, public, private, hybrid architectures; migration and modernization); cybersecurity (identity, endpoints, network, identity & access management, threat detection, incident response); application support and managed services for critical business applications. Security and compliance: Build security-by-design into solution proposals; incorporate best practices for data protection, vulnerability More ❯

continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and … company professionally in meetings, while maintaining clear boundaries and ensuring discussions remain aligned with agreed project scope and priorities Experience with security tools and technologies such as SIEM (Splunk), vulnerability management (Tenable), and PAM Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST), as well as asset management and risk assessment solutions It would be More ❯

/S, SMTP), proxy servers, email gateways, firewalls, and routing devices. ISO 27001, NIST, CIS Controls, and ITIL. Languages such as (e.g., PowerShell, Python) for configuration and compliance checks. Vulnerability management tools and practices. (IAM) principles and technologies If you tick the boxes above, please send me your cv as a word or PDF, or message your cv More ❯

Skills & Experience Proven experience as a ServiceNow Architect , with strong hands-on delivery in SecOps and/or IRM modules . Deep understanding of security operations , incident response , and vulnerability management . Expertise in ServiceNow workflows , scripting , CMDB , Discovery , and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR … . Strong stakeholder management and communication skills. Background supporting critical infrastructure , preferably within the energy or utilities sector . Knowledge of security frameworks and compliance mandates (e.g., NIST, ISO 27001, NIS2). ServiceNow SecOps certification (Certified Implementation Specialist – SecOps or equivalent). Desirable Skills Knowledge of OT/ICS security and industrial communication protocols (e.g., Modbus, DNP3, IEC More ❯

for deployment. Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management … SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript, API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) Platform expertise required: ServiceNow GRC & SecOps. More ❯

/Outsource Provider. My client are currently looking for an experienced Senior Security Operations Manager to own the continued development of their SecOps capability and develop new Threat and Vulnerability Management Capabilities. Strategy and Governance Define and execute the Security Operations strategy aligned with organizational goals Lead operational security maturity improvement initiatives and transformation programmes Manage outsourced SOC … of incident detection, response, containment, and recovery Build in-house incident response process for third-party operated platforms Build and report operational metrics Facilitate security testing Establish foundational threat management capability. Certifications such as CISSP, CISM, CRISC, are desirable but not essential. 10+ years working in a similar role Experience working in a global security function and working with More ❯