Senior Vulnerability Engineer

Pontefract - 3 Days Onsite + Monthly Visit to Leicester HQ
£50,000 - £68,000 - No sponsorship available

VIQU have partnered with a leading FTSE-100 technology-driven retail organisation, operating on a major national and international scale. With vast warehouse operations, enterprise systems and a rapidly expanding digital footprint, the business is enhancing its Vulnerability & Threat Management function to protect a complex and ever-evolving technology landscape.

As a Senior Vulnerability Management Engineer, you'll work within the Information Security team, taking ownership of vulnerability identification, validation, prioritisation and communication across the estate. You'll collaborate with engineering, incident response, threat intelligence and operational teams to provide actionable mitigation strategies, guide remediation efforts, and strengthen the overall security posture.

This is a high-impact role in a proactive, forward-thinking security environment that values technical expertise, curiosity, and clear communication.

• Administer and maintain vulnerability scanning and risk reporting platforms

• Lead on scoping, estimating and delivering major security projects

• Triage vulnerabilities, assess risk and support remediation teams with mitigation strategies

• Conduct security assessments and present findings to technical and senior stakeholders

• Manage and develop the organisation's Bug Bounty programme

• Produce high-quality reporting, dashboards and programme metrics

• Review and assess threat intelligence, advising on business impact and recommended countermeasures

• Support Incident Response during security incidents

• Participate in RvB exercises and validate threat intelligence findings

• Mentor junior team members and coordinate major remediation activities

• Stay ahead of emerging threats, attack techniques and industry trends

• Strong experience managing vulnerability management tools

• Deep understanding of malware, attack vectors, threat trends and vulnerability frameworks

• Solid IT background: network protocols, segmentation and server infrastructure

• Windows Server and/or Linux experience

• Excellent communication skills, with the ability to remain calm under pressure

• Experience with CVSS, CVE, CWE, OWASP, MITRE

• Analytical, detail-oriented and proactive

• Desirable: PCI-DSS/ISO27001, OT/SCADA, cloud fundamentals, TIP platforms, DevOps/code scanning, offensive security

This role includes 3 days per week in the Pontefract office, plus a monthly visit to the Leicester site and additional onsite requirements as needed.

Apply now to speak with VIQU IT in confidence. Or contact Aaron Chiverton via the VIQU IT website.
Know someone great? Refer them and receive up to £1,000 if successful (terms apply).