1 to 25 of 39 Vulnerability Scanning Jobs in London

Required: Tenable Nessus Engineers IR35 Status: Inside Duration: 12 month initial contract Location: 1-2 days onsite in either Central London or Knutsford Role 1 As an experienced Vulnerability Assessment Engineer responsible for maintaining the Vulnerability Assessment toolsets and products. Primary Responsibilities The ability to review requirements, undertake product design followed by Implementation/deployment/support of … Vulnerability Assessment tools suite (e.g Tenable, Rapid7, Qualys etc) and peripherals with Engineering. Maintains local and network credentials and provisions access to vulnerability scanning systems. Responsible for integration of Vulnerability assessment tooling with other security and IT systems management tools (i.e. Splunk, ServiceNow) Responsible for developing and maintaining standard processes and operating procedures, creating technical architecture … diagrams and system build documentation. Responsible for operating the scanning tools and maintaining coverage along with supporting the vulnerability management and remediation teams in understating how to remediate vulnerabilities (i.e. laptops, VMs, wireless devices) Works with vulnerability management team to build asset repositories and asset scan policies Work closely with customer delivery managers to prioritize daily tasks More ❯

the country. It is the largest news publisher on TikTok with over 28 million total followers and nearly 45 billion views in the past year. We are seeking a Vulnerability Engineer to help build and drive our vulnerability management function. This is a key role for someone with the technical skills, automation mindset, and proactive attitude to take … someone who thrives on ownership, brings ideas to life through automation, and collaborates effectively with teams across the business. Main Responsibilities Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST, and CIS. … Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track remediation More ❯

penetration testing, and static/dynamic security testing (SAST/DAST). Security Tooling and Automation : Implement and maintain security tools used in the development and deployment processes (e.g., scanning tools, vulnerability management systems, SAST, DAST, ASPM). Automate security processes to streamline secure development and operational workflows. Incident Detection and Response : Work with engineering and platform teams … Expertise: Deep understanding of identifying, assessing, and mitigating security risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge and Implementation experience: Direct experience with More ❯

Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information … and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware More ❯

frameworks, and threat landscapes to ensure enterprise-grade protection across cloud platforms. You will work closely with TMHCC International IT teams and Group Security teams to prioritise and coordinate vulnerability remediation across the cloud estate. You will be experienced in cyber vulnerability detection, remediation, and reporting processes. You will be responsible for triaging and prioritising detected vulnerabilities as … they emerge, to the BISO and IT Leadership for action or information. Skills and Experience Specification 5-10 years of experience in a technical cyber role (e.g., threat and vulnerability analyst, security engineer, SOC analyst). Minimum 3-5 years of hands-on experience in cloud environments. Proven experience with at least one major cloud provider (AWS, Azure). … Proven experience with Microsoft Azure (multi-cloud knowledge, especially AWS, is a plus). Experience with security operations, incident response, and cloud compliance. Working knowledge of vulnerability scanning and detection technologies. Practical experience in triage and remediation of vulnerabilities. Deep understanding of and ability to articulate the risk associated with security vulnerabilities. Ability to coordinate and chair regular More ❯

Cyber Security Operations Manager to lead our Cyber Security Operations Centre; responsible for managing the day-to-day operations of the SOC team, overseeing incident detection and response, ensuring vulnerability scanning and remediation efforts across the organization. Role Overview: Job Title: SOC Manager/Cyber Security Operations Manager Location: Leeds/England/Remote Contract Type: Contract Duration … preferred). Minimum 5 years of experience in cybersecurity operations, with at least 2 years in a leadership or management role. Strong knowledge of SOC operations, incident response, and vulnerability management best practices. Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), vulnerability scanners (e.g., Nessus, Qualys), and other security platforms. Relevant certifications such as CISSP, CISM … regulated industries (e.g., finance, healthcare, critical infrastructure). Knowledge of compliance frameworks such as ISO 27001, NIST, GDPR, or CIS Familiarity with scripting or automation for incident response or scanning processes. Please feel free to contact myself - Daisy Nguyen at Gibbs Consulting/Atrium UK for a confidential chat to know more details about the role. Please also note More ❯

techniques. Experience with Azure Log Analytics, KQL, and Azure Alerts. Python, Shell, and PowerShell scripting. Experience with security tools and technologies (e.g., SIEM, IDS/IPS, NG Firewall capabilities, vulnerability scanners). Knowledge of Active Directory and Azure AD. Knowledge of application delivery and the infrastructures that enable it. Familiarity with SQL Server, Oracle, clustering/High Availability technologies More ❯

Expertise: Strong knowledge of cloud (Azure, O365, Amazon) and server infrastructure, networks, firewalls, and endpoint systems. Security Tools & Technologies: Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, firewalls, endpoint protection, alert and remediation, and encryption technologies. Certifications: Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure security certifications are highly desirable. Scripting More ❯

able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security More ❯

with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies. Technology Evaluation, Deployment, and Management: Conducts security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments, identifying vulnerabilities and recommending detailed remediation strategies. Contribute to the development of security architecture roadmaps and strategic plans, and support More ❯

years of experience in the information security field. Hands-on experience with AWS (or similar cloud platforms) and Cloudflare. Infrastructure as Code: Proficiency with Terraform or similar IaC tools. Vulnerability Knowledge: Solid understanding of common vulnerability classes and the OWASP Top 10. Coding & Scripting: Proficient in reading code (e.g., Python, Scala) and using Git for version control of … code and configuration changes. Familiarity with iOS or Android security. Experience of industry-standard SIEM and vulnerability scanning tools. Nice to have: Relevant industry certifications (CISSP, OSCP, etc.). Experience of supporting audits such as ISO27001. Experience of working with security risk management frameworks such as ISO31000. Knowledge of security control frameworks such as CIS, NIST800-53 and More ❯

and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF; Skills in: Security Tooling: Proficiency in common security tools, such as SIEMs, vulnerability scanners, firewalls and EDR products; Scripting: Proficiency in scripting languages like Python, BASH, or PowerShell; Security Incident Management: Ability to assist with the detection, response, and recovery of escalated More ❯

Platform (e.g., Cloud IAM, Security Command Center, VPC Service Controls) and Azure/M365 (e.g., Azure Security Center, Azure AD, Microsoft Defender for Cloud). Conduct regular security assessments, vulnerability scanning, and penetration testing of cloud infrastructure and applications. Monitor cloud environments for security threats, anomalies, and incidents, and lead incident response efforts. Collaborate with development, operations, and More ❯

Platform (e.g., Cloud IAM, Security Command Center, VPC Service Controls) and Azure/M365 (e.g., Azure Security Center, Azure AD, Microsoft Defender for Cloud). Conduct regular security assessments, vulnerability scanning, and penetration testing of cloud infrastructure and applications. Monitor cloud environments for security threats, anomalies, and incidents, and lead incident response efforts. Collaborate with development, operations, and More ❯

with a focus on enterprise-level environments. Solid understanding of Cyber Security Best Practices, risk management, and network hardening techniques. Hands-on experience in CVE detection and remediation (including vulnerability scanning tools like Nessus, Qualys, etc.). Cisco Certifications (CCIE, CCNA, etc.) with recent experience working on Cisco switches, routers, and other networking devices. Preferred: Certifications such as More ❯

including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g., firewalls, EDR, SIEM, vulnerability scanners). Exceptional analytical, problem-solving, and decision-making abilities. Excellent communication (written and verbal), interpersonal, and presentation skills. Ability to operate autonomously and manage multiple priorities in a More ❯

responsible for protecting enterprise systems and data. This role offers hands-on involvement with a wide range of technologies-from endpoint detection and SIEM platforms to firewalls, MFA, and vulnerability management-providing a well-rounded foundation in enterprise security operations. You'll gain exposure to advanced security practices, assist in running and responding to threat detection systems, and contribute … to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security certificates, PAM systems, and conditional … platforms in a corporate IT environment. Experience with some of the following: EDR platforms (e.g., CrowdStrike) Email or web security gateways (e.g., Mimecast) MFA/SSO (e.g., Duo, Okta) Vulnerability scanners (e.g., Rapid7, Tenable, Nessus) InTune and Conditional Access Exposure to: Imperva WAF KnowBe4 Certificate management tools Kali Linux toolset and penetration testing basics Qualifications: Working towards or holding More ❯

business and technology teams delivery of the security change programme. Provide support to the business and technology teams to understand and address vulnerabilities within SLA, identified through penetration testing, vulnerability scanning and red team exercises Foster relationships with internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to More ❯

Container & Orchestration Security: Partner with Cloud Engineering, DevOps, Platform teams and stakeholders in the deployment of secure containerised environments using platforms like Docker, and ECS. With a focus on vulnerability mitigation, compliance automation, and secure orchestration practices to ensure container workloads are resilient and meet organisational security requirements. Security Policy Development & Enforcement: Develop, document, and enforce comprehensive cloud security … Collaborate with teams to integrate security best practices into the software development lifecycle (SDLC) and CI/CD pipelines. Ensure security is prioritised through automation tools, security testing, and vulnerability scanning as part of the continuous delivery process. Security Assessments & Incident Response: Conduct security assessments, vulnerability scans and risk analyses to identify and address potential security weaknesses More ❯

hear from you! KEY RESPONSIBILITIES: Configure and manage Windows laptops, MacBooks, and iPhones Use Intune for device provisioning, policy enforcement, and app deployment Manage ESET for antivirus, encryption, and vulnerability scans Conduct on-premises server vulnerability management using Nessus Tenable Ensure adherence to ISO27001 and Cyber Essentials Plus (CE+) standards Maintain on-premises Proxmox servers, including hardware and … Proficiency with Intune, ESET, Nessus, and Azure infrastructure Solid knowledge of Windows, macOS, and iOS ecosystems Working knowledge of ISO27001 and CE+ frameworks Proven ability in endpoint management, server vulnerability scanning, and user provisioning Effective problem-solving skills Ability to work independently and as part of a team INTERVIEW PROCESS: Stage 1: 20 min video call with the More ❯

you can expect to: Lead incident response for breaches, malware attacks, root cause analysis, and recovery Monitor threat feeds and correlate intelligence with tooling to identify emerging risks Oversee vulnerability management and assess remediation effectiveness Collaborate with IT, DevOps, and GRC to align security efforts with business goals Manage and refine configurations for our security tools, and recommend new … threats, ensuring zero-day vulnerabilities are discovered and actioned quickly Own the planning and execution of our annual penetration testing activity To be successful, you'll have: Experience using vulnerability scanning tools and remediating software/hardware issues A solid understanding of both automated and manual penetration testing Hands-on experience identifying, testing, and mitigating system vulnerabilities A More ❯

The Infrastructure Engineer (Vulnerability Management) is a hands-on technical role aimed at enhancing this banks security posture. Positioned within the IT Security team, this role is responsible for addressing open vulnerabilities and assurance findings. The Infrastructure Engineer will remediate vulnerabilities using change and release management methodologies and automate security updates using a suit of patch management tools. Client … managing Group Policy Objects (GPOs) and Azure Policies. Hands-on experience deploying and configuring various patching solutions (e.g., SCCM, Intune, Ninja One). Experience configuring and interpreting reports from vulnerability scanning tools. Experience working with third-party vendors to deliver changes or perform impact assessments. Proficiency in scripting languages (preferred). Degree in Computer Science or a related More ❯

security best practices across the board, playing a critical role in our journey towards SOC2 compliance. Implement and manage security controls related to IAM, network security (VPCs, security groups), vulnerability scanning, and secrets management. Skills, Knowledge and Expertise Experience: Extensive hands-on experience in a DevOps, SRE, or Platform Engineering role, managing production systems in a cloud environment. More ❯

and policy design. •Practical knowledge of HAProxy or equivalent reverse proxies/load balancers, with experience configuring L4/L7 security protections. •Familiarity with CVE triage workflows and integrating vulnerability scanners into CI/CD and registry workflows. •Exposure to runtime security tooling (e.g. Falco, eBPF-based monitoring) and familiarity with basic incident response workflows. •Comfort representing engineering in More ❯

at all levels Security Posture Management: Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities. Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat modelling. Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations. Cyber Exposure Risk Management: Identify … identify areas for improvement. What You'll Bring: Experience: A depth of experience in cybersecurity, with at least 3 years in a leadership or management role. Proven experience in vulnerability management, threat modelling, and incident response. Strong understanding of security frameworks, compliance standards, and best practices. Education:Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related … field. Advanced degrees or certifications (e.g., CISSP, CISM, CEH) are highly desirable. Technical Skills: Proficiency in security tools and technologies, such as SIEM, vulnerability scanners, and endpoint protection platforms. Knowledge of cloud security, network security, and secure software development practices. Familiarity with scripting and automation tools to streamline security processes. Working with data centres and native cloud environments AWS More ❯