Cyber Security - Vulnerability Management Specialist

Cyber Security - Vulnerability Management - London - 6 Months - Inside IR35

My client, a leading global bank is looking for an experienced Cyber Security professional to join their Vulnerability Management Oversight & Governance function on a 6-month contract. This is a hybrid role based in London, offering an exciting opportunity to influence and enhance vulnerability risk governance across a complex, regulated financial environment.

You will support the oversight, reporting, and continuous improvement of vulnerability management activities across the organisation, engaging with global stakeholders and ensuring alignment to regulatory expectations and industry best practice.

Key Responsibilities

• Provide oversight of vulnerability scanning and remediation, ensuring governance standards are met.
• Analyse third-party vulnerability reports, identify risks, and drive escalation where required.
• Enhance and maintain frameworks, policies, and procedures related to vulnerability management.
• Develop, refine, and deliver Vulnerability Management metrics, dashboards, and governance reporting for senior stakeholders.
• Support remediation tracking across technology teams, ensuring alignment with the bank's risk appetite.
• Contribute to regulatory readiness under frameworks such as NIST, ISO27001, DORA, and operational resilience requirements.
• Engage with cross-functional teams (Security Engineering, Operations, Risk, Technology) to support strategic initiatives.
• Participate in governance forums, providing clear visibility of vulnerability posture and key risks.

Required Experience

• Strong background in Vulnerability Management, ideally within financial services or a regulated environment.
• Hands-on knowledge of tools such as Tenable, Nessus, Qualys, or similar scanning technologies.
• Solid understanding of security frameworks: ISO27001, NIST, OWASP, CVSS.
• Experience producing executive-level reporting, dashboards, or risk summaries.
• Ability to interpret technical vulnerability outputs and translate them into meaningful business risk insights.
• Proven experience engaging and influencing senior stakeholders and global teams.
• Familiarity with regulatory expectations such as DORA, Operational Resilience, or CBEST (desirable).
• Strong analytical and communication skills, with the ability to work independently at AVP level.

If the role aligns with your interest and experience please apply with your updated CV