1 to 25 of 65 Vulnerability Management Jobs in the South East

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies … Tester Help support and develop an internal penetration testing function. Conduct network, application penetration testing, code and security reviews. Identify and exploit vulnerabilities through proof-of-concept testing. Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. Responsible for supporting the creation of the operating model … for vulnerability management, that it is shared, agreed and operates effectively across the business. Develop and maintain penetration testing documentation, policies, and procedures. Integrate cybersecurity solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions. More ❯

including the implementation and full ownership of Splunk Enterprise Security, coverage of L3 & L4 incidents in collaboration with the security team, Defender for Endpoint security, Mimecast email security and vulnerability management via Nessus, to name a few.Collaboration is key within this position, and you’ll regularly correspond with stakeholders, technical teams, non-technical teams and other businesses within … with occasional travel to the office on an ad-hoc basis. What will you do as a Senior Security Engineer? Take over the full lifecycle of Splunk Enterprise Security management, followed by the ownership of the SIEM once implemented Onboard Splunk log sources, proactively support Splunk, liaise with stakeholders and improve efficiency Partner with the new MSSP as the … business transitions – Covering SOC duties on an ad-hoc basis until the move has been completed Maintain Nessus vulnerability management, update systems, run scans and provide reports Cover email security using Mimecast Enterprise Real world threat modelling and incident response (mainly L3/L4 when required) Make suggestions and influence various areas of the business/group from More ❯

and enhance the operations of a high-performing Security Operations Centre (SOC). This is a leadership role at the sharp end of service delivery - managing complex security incidents, vulnerability management programmes, and client relationships across enterprise environments. What you'll be doing: Acting as the key liaison between the client and operational delivery teams Leading on incident … escalation and coordination with SOC and IR teams Managing post-incident investigations and reporting Supporting and driving improvements to vulnerability management workflows Overseeing IDS/IPS updates, firewall security, and policy alignment Running regular service reviews and ensuring SLA/KPI performance Collaborating with senior delivery leadership on best practice and optimisation What we're looking for: 10+ … years of experience in a SOC or technical security operations environment Proven track record in vulnerability management and incident response Strong understanding of IDS, IPS, and endpoint protection technologies Excellent stakeholder management and communication skills Ability to lead and coordinate teams through critical incidents UK SC clearance (or eligibility to obtain it) Relevant security certifications (e.g. CISSP More ❯

s ready to move into a Head of role, take ownership, and shape strategy while staying close to the tech. What you'll be doing: Owning implementation, consolidation, and vulnerability management across the group Leading a team (3 direct reports by year-end) — mentoring, developing, and embedding best practice Overseeing infrastructure, EUC, platform, cloud, and building security Partnering … with stakeholders across multiple business units to understand systems and improve visibility Driving improvements in security tooling, processes, and response Vulnerability management tools (e.g. Rapid7, Microsoft Defender suite) Core enterprise security toolsets Networking, cloud infrastructure, and EUC environments You'll have: Experience as a team lead or manager (formal or informal) with direct reports or leadership responsibility Strong … grounding in infrastructure and security — ideally having moved from networking/cloud into security Hands-on experience with vulnerability management tools and security platforms Why join? Progression: Step into a Head of role with mentoring from an experienced Group Infrastructure Director Influence: Work at a group level across multiple industries More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

the nature of the on call, you must hold a valid drivers licence with reasonable means to a vehicle. What will you be doing? Youll have day to day management of the OSS suite of services and underlying infrastructure as part of a 2nd Line team. Youll be proactive and Reactive within Incident Management Youll have user Access … Management & Vulnerability Management System Governance to ensure the effective operation of the services Providing Out of Hours Support via an On-Call Rota. What youll bring Youll bring experiencewith supporting OSS applications from a 2nd and 3rd Line level Youll have the experience of working with developers/vendors implementing fixes or improvements to systems Experience of More ❯

the nature of the on call, you must hold a valid drivers licence with reasonable means to a vehicle. What will you be doing? Youll have day to day management of the OSS suite of services and underlying infrastructure as part of a 2nd Line team. Youll be proactive and Reactive within Incident Management Youll have user Access … Management & Vulnerability Management System Governance to ensure the effective operation of the services Providing Out of Hours Support via an On-Call Rota. What youll bring Youll bring experiencewith supporting OSS applications from a 2nd and 3rd Line level Youll have the experience of working with developers/vendors implementing fixes or improvements to systems Experience of More ❯

the nature of the on call, you must hold a valid drivers licence with reasonable means to a vehicle. What will you be doing? Youll have day to day management of the OSS suite of services and underlying infrastructure as part of a 2nd Line team. Youll be proactive and Reactive within Incident Management Youll have user Access … Management & Vulnerability Management System Governance to ensure the effective operation of the services Providing Out of Hours Support via an On-Call Rota. What youll bring Youll bring experiencewith supporting OSS applications from a 2nd and 3rd Line level Youll have the experience of working with developers/vendors implementing fixes or improvements to systems Experience of More ❯

cyber security into business operations Work across a range of industries and environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in … Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall methodologies Team leadership across on-site and remote teams Strong client stakeholder engagement from technical teams to board More ❯

cyber security into business operations Work across a range of industries and environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in … Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall methodologies Team leadership across on-site and remote teams Strong client stakeholder engagement from technical teams to board More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert, advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme, with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

by Three and its partners, ensuring that effective governance and technical assurance can be performed. Maintain and improve the use of artefact templates. Ensure that there is effective capacity management and planning in place for the security services and solutions assigned to you and ensure that the solution is incorporated into the 18-month technical and budget roadmap for … capacity expansion and service improvement. Support the Programme and Project Manager in project planning, risk and issue management and the budgeting process. Our people make us who we are. We're a diverse and inclusive bunch, and it's important you can feel you belong here. We value everybody for who they are and what they bring to the … exploit these vulnerabilities Experience in one or more of the following technical domains: Cloud/Hybrid security, Infrastructure and data centre security, Network security, Application security, Identity and access management, Vulnerability Management Expertise in defining and then governing the delivery of security contractual/business outcomes and know how to influence/negotiate technical outcomes with 3rd More ❯

automation and tooling, working with Security Operations to monitor and analyse network traffic for malicious activity or potential breaches. Additionally, this role implements network access controls, enforces robust patch management for network devices, and works with network security partners to identify network vulnerabilities, planning and implementing upgrades to ensure the highest standards of network security. This role is required … Service and Portfolio Requests i.e. Meraki configuration and firewall changes. On Call Rota: Participate in on-call rota and occasionally work out of regular business hours to facilitate change management and incident resolution. Secure Network Configurations: Establish and maintain secure network configurations including Cisco Meraki and Palo Alto firewalls, routers, switches, and VPNs. Firewall and Access Review: Periodically review … monitor and analyse network traffic for malicious activity or potential breaches. Access Controls: Implement network access controls to ensure only authorised users and devices can access specific network segments. Vulnerability and Patch Management: Identify and manage the remediation of network vulnerabilities and upgrades to ensure the highest standards of network security. This includes vulnerability management of More ❯

networks, and SaaS products. This is a hands-on, high-impact role in a collaborative, cross-functional environment. Key Responsibilities: Security Tooling: Deploy, maintain, integrate, and configure security tools. Vulnerability Management: Conduct security assessments, penetration testing, and vulnerability scans. Incident Response: Lead investigations, mitigate breaches, and maintain response plans. Security Operations: Monitor logs, investigate incidents, and enhance … security posture. Identity & Access Management: Oversee access controls, authentication, and identity systems. About You 5+ years' experience in information security engineering & operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP). Strong understanding of frameworks such as PCI, NIST, and ISO 27001. Hands-on experience with SIEM, IDS/IPS, endpoint protection, and More ❯

ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture … Head of InfoSec when required Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews Tech & tools you’ll use: Protecht – Enterprise risk and audit management Panorays – Third-party risk tooling Rapid7/Armis – Vulnerability management and threat detection Proofpoint – Phishing and awareness platform Microsoft Purview – Data governance and compliance Azure & AWS – Cloud More ❯

ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture … Head of InfoSec when required Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews Tech & tools you’ll use: Protecht – Enterprise risk and audit management Panorays – Third-party risk tooling Rapid7/Armis – Vulnerability management and threat detection Proofpoint – Phishing and awareness platform Microsoft Purview – Data governance and compliance Azure & AWS – Cloud More ❯

ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture … Head of InfoSec when required Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews Tech & tools you’ll use: Protecht – Enterprise risk and audit management Panorays – Third-party risk tooling Rapid7/Armis – Vulnerability management and threat detection Proofpoint – Phishing and awareness platform Microsoft Purview – Data governance and compliance Azure & AWS – Cloud More ❯

within the organisation as well as to our customers. Classified Networks Deputy is a role which falls within the Security function and responsibilities range from project work, change control management, risk assessment, vulnerability governance, incident review, penetration testing and compliance activities. As part of the Information Security team, the successful candidate will enable best practice and adherence to … Vetting clearance. What you'll be doing: Classified Network security contact, primary point of enquiry and guidance. Helpdesk requests within defined SLA's, e.g. change requests, risk assessments, security management plans, code of connection. Security incident review in conjunction with Information Security Operations, effectively prioritise and escalate incidents, including process violations, virus alerts, SOC tickets and other threat intelligence. … and/or Contractors to ensure all vulnerabilities of new products and services are properly addressed using appropriate GRC techniques. Classified Network Auditing and Compliance reviews including penetration testing. Vulnerability management (patching, COTS & OS) assessments together with remediation instruction. Promote the Information Security requirements and regimes within the Company and work to improve security outcomes. Assist in activities More ❯

respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security of network infrastructure and data.- Manage risk assessments and vulnerability assessments to identify potential security threats.- Oversee the implementation of security measures such as firewalls, intrusion detection systems, and data encryption technologies.- Provide training and guidance to staff on … Qualifications:**- Bachelor's degree in Information Security, Computer Science, or a related field.- Professional certifications such as CISSP, CISM, or ISO 27001 Lead Auditor.- Proven experience in information security management and conducting security audits.- Strong knowledge of information security frameworks and standards.- Excellent analytical and problem-solving skills.- Strong communication and interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance … MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA/CCNP Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools. Familiarity with regulatory requirements and industry standards related to IT security. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business More ❯

Contract Northwood, United Kingdom NATO Project) We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS). What You ll Do Conduct vulnerability scanning using tools such as Tenable … teams Ensure systems meet NATO operational and cybersecurity requirements Deploy occasionally in support of NATO operations (fitness and readiness required) What We re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as More ❯

Contract – [Northwood, United Kingdom] – NATO Project) We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS). What You’ll Do Conduct vulnerability scanning using tools such as Tenable … teams Ensure systems meet NATO operational and cybersecurity requirements Deploy occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as More ❯

Contract – [Northwood, United Kingdom] – NATO Project) We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS). What You’ll Do Conduct vulnerability scanning using tools such as Tenable … teams Ensure systems meet NATO operational and cybersecurity requirements Deploy occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as More ❯

cryptography, and infrastructure hardening. Partner with IT, digital, and business change teams to ensure secure-by-design principles are embedded across all projects. Perform and oversee penetration testing and vulnerability management , driving remediation and risk reduction. Support incident response, disaster recovery, and business continuity planning. Develop and maintain security documentation, standards, and playbooks . Contribute to strategic security … technical knowledge of: Microsoft 365 Security, Windows, and Active Directory Cloud platforms (Azure, AWS, or GCP) and associated security tooling Security testing tools (SAST, DAST, SCA, SIEM, endpoint detection, vulnerability scanners) Proven experience delivering secure project outcomes across digital transformation programmes. Ability to analyse and communicate complex security issues to both technical and non-technical stakeholders. Relevant certifications (desirable More ❯

cryptography, and infrastructure hardening. Partner with IT, digital, and business change teams to ensure secure-by-design principles are embedded across all projects. Perform and oversee penetration testing and vulnerability management , driving remediation and risk reduction. Support incident response, disaster recovery, and business continuity planning. Develop and maintain security documentation, standards, and playbooks . Contribute to strategic security … technical knowledge of: Microsoft 365 Security, Windows, and Active Directory Cloud platforms (Azure, AWS, or GCP) and associated security tooling Security testing tools (SAST, DAST, SCA, SIEM, endpoint detection, vulnerability scanners) Proven experience delivering secure project outcomes across digital transformation programmes. Ability to analyse and communicate complex security issues to both technical and non-technical stakeholders. Relevant certifications (desirable More ❯