18 of 18 Contract Vulnerability Management Jobs in the UK

Vulnerability Management Architect - Product Selection and Design 5 Month Contract - Outside IR35 Hybrid - travel to Bracknell and London, Pimlico as and when required Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in … modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework. Accountabilities: Explore and document our baseline vulnerability management architecture Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will … evaluate the drivers and benefits for change Provide market assessment as appropriate, partnering with our procurement teams as needed Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic) Compile vendor solution options to address the above (with More ❯

computing, modelling, simulation, software engineering, business systems, data acquisition, and core IT services. Within the Computing Division, the Enterprise Infrastructure Solutions unit is responsible for the design, delivery, and management of centrally supported IT infrastructure and applications. This includes enterprise compute platforms, data networks, UNIX/Linux/Windows environments, cloud services, data centres, commercial software solutions, and end … matter expertise in security architecture, cyber risk governance, and assurance frameworks. This is a cross-functional role with both advisory and hands-on responsibilities, focusing on security assurance, risk management and supporting architecture reviews, vulnerability management, risk assessments, cyber defence posture, driving technical assurance, and embedding risk-aligned security controls across IT and OT systems and secure … Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix. o Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms. o Hands-on experience with policy development, access control models (RBAC, ABAC), and logging standards. o Experience supporting assurance activities or government-mandated reviews (e.g. GovAssure More ❯

multi-skilled 24/7 Infra Operations team organised by function and focussed on supporting continual improvement. The teams are divided into four core areas providing technical and service management expertise: Hosting Cloud centre of excellence Connectivity Central capabilities RRP (Recruitment and Retention Premia) The post of Technical Consultant has been awarded a Recruitment and Retention Premia (RRP) in … attracts an additional monthly RRP payment equal to 13% per annum. Main duties of the job The Technical Consultant band 7 will work closely with the Technical Operations Manager (Vulnerability and Risk Management) to reduce the overall risk and threat landscape of the NHS England Infrastructure Services estate. This will include but not be limited to: Undertaking patching … and tooling to increase the speed and efficacy of patching Work with the IT Ops team to address data quality shortfalls Work across Directorates to develop reporting capabilities from Vulnerability Management tooling. The Vulnerability and Patch Management team is a sub-team, embedded within the Infrastructure Services pillar, working closely with the IT Operations team. The More ❯

key role in supporting the delivery of the Government Cyber Security Strategy by coordinating and providing centralised cyber services to public sector organisations. These services help strengthen resilience, improve vulnerability management, and enhance the security of core internet services such as DNS, email and web. Role Overview As a Senior Business Analyst , you will support the design, improvement … improvements that enhance service performance and security. Key Responsibilities Engage with public sector organisations to understand cyber security services and challenges Model current processes, systems and data, particularly around vulnerability management Share analysis and findings with service owners and project teams Identify opportunities for improvement across processes and services Work closely with User Researchers and Service Designers to … across organisational boundaries Skills & Experience Required Aligned to the Senior Business Analyst role level in the Government Digital & Data Profession Framework: Strong practitioner-level experience in business modelling, requirements management, stakeholder management, process improvement and problem analysis Proven ability to analyse business problems across multiple organisations or business units Experience developing complex models to support solution development Ability More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

are effectively deployed, maintained and optimised, while driving efficiencies and ensuring secure, compliant infrastructure. This role requires a background and strong expertise in enterprise toolsets, automation technologies and patch management processes. Engagement via Umbrella Company Only; all taxes & NI deducted at source. General responsibilities Lead operations of enterprise tooling platforms including SCCM, Scorch, BMC, Ansible and MuleSoft. Define and … consistent monitoring, reporting and compliance dashboards are in up to date and in-place for patching and tooling. Work with security and governance teams to align patching schedules with vulnerability management requirements. Provide operational reporting for Stakeholders, including compliance metrics. Manage vendor relationships and licensing agreements for tooling and middleware platforms. Required Skills & Experience Proven experience managing enterprise … operations tooling, middleware and patch management. Strong expertise with SCCM, Scorch, BMC, Ansible and MuleSoft platforms. Demonstrated experience in patch management, vulnerability remediation and compliance reporting. Hands-on knowledge of automation frameworks and orchestration platforms. ITIL Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built More ❯

not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and budgets. Coordinate delivery across regional teams, ensuring consistency and practicality. Manage third … progress. Essential Skills & Experience Proven experience managing complex cyber security projects within multi-region or federated organisations. Strong technical understanding across key cyber domains within Microsoft environments. Excellent stakeholder management and communication skills. Familiarity with structured project management methodologies (e.g. PRINCE2, PMP, Agile). Relevant security certifications such as CISSP, CISM, CompTIA Security+, or AWS/Azure Security More ❯

architect, and maintain network security infrastructure including Firewalls, IDPS, Proxies, Load Balancers, VPNs, and WAFs. Develop and manage firewall policies, network access controls, IAM solutions, MFA, RBAC, and privilege management . Ensure alignment of security measures with compliance standards (GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such … as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT teams (network engineers, sysadmins, developers) to ensure a holistic approach to security. Communicate More ❯

delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct threat modelling, risk assessments, and incident response . … Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security issues. Essential Skills & Experience Proven experience … Expertise in cloud security (Azure & AWS) . Demonstrated success leading or building CSOCs or security programmes . Strong documentation and design skills (HLD/LLD). Excellent communication, stakeholder management, and project leadership. Certifications (Highly Desirable) CISM - Certified Information Security Manager Microsoft Certified: Azure Security Engineer CCNP/CCIE (Security/R&S) CCSA/CCSE (Checkpoint) JNCIA (Juniper More ❯

s hybrid infrastructure, spanning both on-premise and cloud environments. This role is ideal for a hands-on technical professional with a strong background in network and system security, vulnerability remediation, and endpoint protection using Microsoft Intune . Key Responsibilities Support and secure network infrastructure across cloud and on-prem environments . Strengthen Windows Server and network security configurations. … Lead efforts in vulnerability management and remediation , working closely with IT and security teams. Implement and maintain endpoint hardening policies through Microsoft Intune . Monitor and respond to network security events and incidents. Contribute to the continuous improvement of security posture, compliance, and best practices. Collaborate with internal teams to support ongoing infrastructure and security projects. Key Skills … environments. Strong understanding of network infrastructure (switching, routing, firewalls, VPNs). Experience securing Windows Server environments. Proficiency in network security principles , firewalls, and access control. Hands-on experience with vulnerability remediation tools and processes. Strong knowledge of endpoint hardening and management via Microsoft Intune . Familiarity with cloud networking and security (Azure, AWS, or equivalent) is desirable. Excellent More ❯

s hybrid infrastructure, spanning both on-premise and cloud environments. This role is ideal for a hands-on technical professional with a strong background in network and system security, vulnerability remediation, and endpoint protection using Microsoft Intune . Key Responsibilities Support and secure network infrastructure across cloud and on-prem environments . Hands on experience of Network & Security design … and implementation Strengthen Windows Server and network security configurations. Lead efforts in vulnerability management and remediation , working closely with IT and security teams. Implement and maintain endpoint hardening policies through Microsoft Intune . Monitor and respond to network security events and incidents. Contribute to the continuous improvement of security posture, compliance, and best practices. Collaborate with internal teams … environments. Strong understanding of network infrastructure (switching, routing, firewalls, VPNs). Experience securing Windows Server environments. Proficiency in network security principles , firewalls, and access control. Hands-on experience with vulnerability remediation tools and processes. Strong knowledge of endpoint hardening and management via Microsoft Intune . Familiarity with cloud networking and security (Azure, AWS, or equivalent) is desirable. Excellent More ❯

Years Must Have/Mandatory Skills Palo Alto Networks – Firewalls (MUST) Network Security Architecture IAM, MFA, AAA, RBAC, Privilege Access Cloud Security (OCI/Azure/AWS) SIEM/Vulnerability Management/PKI/Cryptography LAN/WAN/DMZ/Routing/Switching/Subnetting Key Responsibilities Design/Architect network security infra solutions like Firewalls, IDPS More ❯

packages, installation files, and automation scripts for large-scale deployments. Conduct network connectivity validation and testing to ensure seamless Defender integration with Microsoft 365 Defender services. Collaborate with image management and infrastructure teams to embed Defender within server builds and auto-scaling environments. Remove Legacy antivirus agents and validate clean transitions to Defender coverage. Manage policy deployment through AAD … managing Microsoft Defender for Servers in enterprise environments. Strong track record migrating from Symantec Endpoint Protection or McAfee ePO to Defender. Deep knowledge of Defender for Servers EDR, Threat & Vulnerability Management, Attack Surface Reduction, and Automated Investigation and Remediation. Skilled in AV policy and exclusion management for Windows and Linux Servers. Experienced deploying Defender via GPO, SCCM More ❯

Operations - Windows & Linux administration - Regulatory - NIS/CAF and other assessment frameworks - Governance, process and documentation - Operational Technology/SCADA - Telecoms & Transport networks - Deployment of SIEMs, IDAM & PAM, and Vulnerability Management products - Legacy technologies Requirements • Skills and experience in understanding at a technical level security operation. • Awareness of key legislation and regulation impacting IT/OT General Control More ❯

Azure Storage. Knowledge of immutable backups and secure data retention strategies. Experience with disaster recovery planning, including full restore testing. Expertise in multi-factor authentication (MFA) setup and testing. Vulnerability management - scanning, prioritization, remediation validation. Ability to design and interpret security dashboards for monitoring and reporting Awareness of system throttling and its security implications. Ideally comfortable upskilling the More ❯

Pod Security Policies (or the newer Pod Security Admission controller), and GKE Sandbox. Configuring and enforcing network policies to control traffic between pods and namespaces. Using container scanning and vulnerability management tools to secure container images. Implementing Binary Authorization to ensure only trusted images are deployed to clusters. Establishing robust IAM policies for GKE and related GCP services. … Excellent communication, stakeholder management, and problem-solving skills. Relevant professional certifications (e.g., Google Cloud Certified Professional Cloud Architect or DevOps Engineer) are a plus. More ❯

public sector organisations. What You'll Do: As a Senior Business Analyst, you will: Engage with public sector organisations to enhance cyber security services. Model processes and systems around vulnerability management. Share insights with service owners and project teams. Identify and recommend improvements across multiple organisations. Collaborate with User Researchers and Service Designers to meet user needs. Monitor and … measure service effectiveness through KPIs. Who You Are: We're looking for a dynamic professional with: Expertise in context, problem, and option analysis. Strong user experience and stakeholder relationship management skills. Proven ability in requirements definition and management. Experience in business modelling and process improvement. A solid understanding of cyber security risks and best practises. Proficiency in agile working More ❯