1 to 25 of 57 Vulnerability Management Jobs in the City of London

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months FirstBank UK is a globally recognised, top-tier bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business with over 10 million active customers in over 700 business locations is the … oldest African bank in the UK. Due to business requirements, we are now looking to acquire the services of an experienced Cyber Vulnerability Management Analyst Please note that this is a hybrid role with 3 days in the office and 2 days working from home. Key Responsibilities: In this fixed term contract role, you will be part of … the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very … Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems (CVSS/CMSS) Incident/Response & Forensic More ❯

To be successful in this role, you will wield a broad range of skills and deep understanding within Cloud network and security architecture (Azure), and excellent communication and stakeholder management skills. This role will see you taking ownership of for the delivery of security solutions within the group to support and enhance our security strategies. Please note this role … security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders … with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete More ❯

Summary Reporting to the Head of Information Security, the role will support the delivery of the Banks IT Security strategy through implementation of the Cyber security programme, configuration and management of cyber security solutions, and proactive collaboration with the Banks security operations functions. Key Work Outputs and Accountabilities Assist with the delivery of the Banks strategic Cyber Security roadmap … security related requests Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and … how IT Security tooling such as Firewalls, AV, Proxies and IDS/IPS operate Familiar with the Microsoft stack including desktops, servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and More ❯

To be successful in this role, you will wield a broad range of skills and deep understanding within Cloud network and security architecture (Azure), and excellent communication and stakeholder management skills. This role will see you taking ownership of for the delivery of security solutions within the group to support and enhance our security strategies. Please note this role … security technologies. Installing, configuring, updating, and monitoring security tools and software, such as antivirus, encryption, authentication, SIEM etc. Evaluate, research and manage emerging cyber security threats. Support the incident management process, through Root Cause Analysis. Responding to and resolving security incidents and events, such as malware infections, phishing attempts, denial-of-service attacks, data breaches, etc. Liaise with stakeholders … with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete More ❯

security threats across hybrid environments. Managing and enhancing security configurations for Windows VMs, SQL databases, and PaaS solutions like Logic Apps. Administering security tools, including firewalls, endpoint protection, and vulnerability management systems. Ensuring data security by managing encryption, access controls, and compliance requirements. Performing security assessments, audits, and penetration testing. Developing security automation processes for identity and access … management (IAM), network security, and patch management. Collaborating with stakeholders to ensure security best practices are integrated into new and existing solutions. Managing third parties delivering security, cloud, or infrastructure services. Keeping up to date with emerging threats and security trends, advising the organization on proactive measures. The Successful Applicant A successful Security Engineer should have: Strong experience with … Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively and reactively. What's on Offer A More ❯

the Security Architecture & Advisory team to ensure the implementation of security processes aligns KPMG’s security frameworks, policies, standards, whilst collaborating with other security teams in areas such as vulnerability management, and incident management. In this delivery-focused Security Engineer role, you will have the exciting opportunity to manage multiple workstreams simultaneously. Your responsibilities will encompass supporting the … organization. What will you be doing? Develop, document, and maintain Platform security processes and plans per KPMG’s trust and verify framework. Support in the development/design and management of Product/Platform security processes and automated tooling that prevent security issues. Support on threat modelling exercises for our products. Perform security-focused code reviews. Support penetration testing … activities. Prioritise and oversee vulnerability remediation. Manage the implementation of logging and integration to the corporate SIEM for SOC monitoring. Lead Clara’s response to incidents and risks raised by the SOC. Champion and coach cloud security principles across our product engineering team. Manage escalations of security related issue, risk or exceptions, including audit actions Lead Clara’s relationships More ❯

implementation and maintenance of security policies including RBAC, NSGs, firewalls and conditional access Hoping to manage identity and access through Azure Active Directory and MS Entry ID Participating in vulnerability management and patching processes across cloud workloads Assisting in incident response efforts and root cause investigations Maintaining system and security documentation, diagrams and logs Collaborating with engineers to … plus) Experience in creating and managing VNETs, VM, App Service, Application Gateways, Firewalls and Custom RBAC roles in Azure Exposure to Azure Monitor, Log Analytics is advantageous Experience using vulnerability scanners (e.g. Defender for Endpoint, Qualys) is beneficial Basic understanding of GDPR, ISO27001, PCI DSS or other compliance is desirable Dynamic and personable nature with the desire for continuous More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions More ❯

security operations, drive compliance efforts, and strengthen our cloud and infrastructure defenses. As a Cyber Security Manager you will play a key role in managing security incidents, audits, and vulnerability programs, while mentoring junior team members and helping shape the future of cybersecurity at Skillcast. Key Responsibilities: - Coordinate SOC 2, ISO 27001, and Cyber Essentials audits – including documentation, evidence … management, gap analysis, and communication with auditors - Administer and enhance Azure Sentinel SIEM – including data source configuration, detection rule creation, incident triage, and reporting - Oversee vulnerability scanning, prioritisation, stakeholder coordination, and remediation tracking - Implement and manage security controls across Azure and Kubernetes environments, ensuring scalable and secure architecture - Work closely with DevOps to embed security in CI/… experience in cybersecurity and IT infrastructure roles - Hands-on experience with Azure, Kubernetes/Docker, and CI/CD security practices - Proficient in SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security More ❯

of company IT assets and A/V equipment. 🛡 Cyber Security & Compliance Help enforce and evolve best-practice security protocols (MFA, anti-virus, mail filtering, etc.). Participate in vulnerability management, incident response, and system audits. Maintain accurate documentation for assets, systems, and compliance records. Support initiatives aligned with PCI and GDPR requirements. 🚀 Project Delivery & System Upgrades Assist … device management. Knowledge of ERP systems (Microsoft Dynamics 365 Business Central is a bonus). Comfortable configuring, supporting, and documenting IT and AV hardware. Strong communication, documentation, and stakeholder management skills. Relevant Microsoft or security certifications are a plus (e.g. MS-100, SC-900, AZ-900). More ❯

at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why Join? Be at More ❯

and logs to detect unusual activities or threats. Incident Response: Assist in the investigation and response to security incidents, such as malware infections, unauthorized access attempts, and data breaches. Vulnerability Management: Assist in conducting vulnerability assessments and penetration testing to identify potential system and network weaknesses. Work with senior team members to apply patches and updates to … meets required security and service levels, aligning with corporate objectives. Communicate IT systems and controls to other departments as appropriate. Collaborate closely with global teams where relevant, particularly regarding management of systems hosted at external sites or data centers. Maintain relevant IT support processes and procedures. Produce regular IT support management reports. Handle pressure and work effectively in More ❯

exciting opportunity for an experienced Cybersecurity Delivery Manager to lead large-scale security operations across global enterprise environments. Key Responsibilities: Manage delivery across cybersecurity domains such as Cloud Security, Vulnerability Management, Security Architecture, and Incident Response. Oversee service operations, issue resolution, SLA adherence, and client communications. Lead and mentor delivery teams, manage performance, and support training. Support service … program governance, and financial oversight. Requirements: Extensive IT experience, including cybersecurity delivery management. Strong understanding of IT security frameworks (ISO27002, NIST, ITIL, PCI DSS). Excellent stakeholder and team management skills. Must have: CISM, CISSP, CEH, or CompTIA CySA+ certification. Nice to have: ITIL V3/4 certification. Apply now to explore further. More ❯

will be responsible for technically leading and developing a team of Cyber Security experts. Building, maturing and providing Security services to multiple customers in multiple sectors. This is a management position but this person must also be able to lead from the front from a technical perspective. We need a “people manager” as well as someone who can drive … for 2024 and the whole business is excited about the value this person can add. You will provide insights and guidance to customers as a vCISO as well as vulnerability management, major incident response, and security monitoring improvements and be expected to demonstrate technical expertise in Audit, Assessments, Design, Implementation, Testing, Compliance and Reporting. Responsibilities Own the evolution … Security+, CISM, CEH, Microsoft Security (SC-200, AZ-500, MS-500). Technical knowledge and broad hands-on experience of working with security technologies such as the Microsoft stack, vulnerability management tools, SIEMs including Sentinel. Previous experience of delivering security projects Experience of overseeing and leading remediation of security assessments including Cyber Essentials, Cyber Essentials Plus, and NIST More ❯

SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procerdures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements , including due diligence, contract oversight … Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register , prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management , endpoint security (EDR/XDR) , and cloud compliance . Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: 5+ years More ❯

/IPS, SIEM) to detect and analyze potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints …/IP telephony). Technical Skills: Hands-on experience with OSPF, BGP, STP, NAC, and IPT (Cisco). Proficiency in network monitoring tools, NDR, and SIEM systems. Knowledge of vulnerability assessment tools and patch management. Soft Skills: Ability to work under pressure and handle emergencies. Strong communication and collaboration skills. Working Conditions: Flexibility for after-hours/weekend support More ❯

contact for all matters relating to Cybersecurity and requires a broad understanding of security controls and their effective implementation within corporate environments. The role will also require good relationship management skills across the assigned region/sub-region to enable business adoption. As a Director within the Regional Security Office (RSO) service you will be accountable for service delivery … The role with need to have effective relationships with senior leadership to support the delivery of the regional/sub-regional business goals and operate an effective security risk management regime against an agreed security risk mitigation strategy. As the trusted security lead, the role will present to local leaders, regulators and clients as needed. Prior experience of regulatory … management is required. This is a highly visible role within Aon to be able to embed effective security controls at scale within the firm. We are looking for you to bring new ideas and a commitment toward continual learning. You will stay actively engaged with business leaders, IT executives and external clients. The role requires gravitas and an ability More ❯

integration, automation, and a mobile-first strategy across a global footprint. Key Responsibilities Platform Ownership & Strategy Act as the primary owner for the Azure cloud environment, including governance, cost management, architecture, and operations. Develop and maintain a scalable, secure, and resilient cloud platform aligned with the firm’s digital transformation goals. Drive and implement the roadmap for infrastructure upgrades … regardless of time of day is an essential. Lead by example, setting clear expectations and holding individuals and teams accountable for high performance and ethical conduct. Provide direct line management of individuals where appropriate, ensuring clear direction, regular development conversations, and alignment with team and business goals. Operational Management Take full ownership of day-to-day BAU operations … ensuring the cloud platform’s performance, reliability, security, and compliance. This includes patch management across all infrastructure services, as well as ensuring regular reporting is carried out for patch compliance and vulnerability management. Beyond operational stability, the role demands a continuous improvement mindset - proactively evaluating the platform and driving enhancements to optimise efficiency, resilience, and user experience. Manage More ❯

of required Metrics at committees and forums, as well as representing the team where required. Critical Work Support the ongoing and periodic regulatory and compliance responses and engagements Audit management and coordination Issue remediation oversight and closure validation Responding to customer RFIs using standardised formats and frameworks Quality assurance on library of responses required for customer RFIs etc. Impact … operating centres – UK, Europe, US & Asia Cyber security qualification e.g. CISMP/Apprenticeship (desirable) Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud … security. IT and cybersecurity policies and standards Operational risk frameworks Regulatory compliance Operational Resilience Good understanding of data protection controls Financial Services sector experience Technology & Cyber Security Leadership And Management Experience Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives. Personal Skills And Capabilities Critical thinking Objective analysis of More ❯