Central London, London, United Kingdom Hybrid / WFH Options
Colt Technology Services
Company description: We are seeking a dynamic and motivated Vulnerability Management Lead to join our rapidly growing program. The ideal candidate will blend cybersecurity expertise with technical analytical skills to support diverse operational needs. The Vulnerability Management Lead will play a crucial role in tracking and managing the identification, assessment, and remediation of security vulnerabilities across … the organization's infrastructure and monitoring and reporting on vulnerability and other security compliance status. The role requires collaboration with various partners to ensure that vulnerability assessments and emerging threats are prioritized and advanced. Additionally, the successful candidate will work with management to continuously evolve the vulnerability management program. Job description: You will be responsible for … supporting CSOC in order to achieve the below: The development and implementation of the Colt Vulnerability Management Framework. Enhancing the scope and efficiency of current vulnerability scanning and management tools and integration between them. Design and manage the periodic penetration testing exercise. Collaborating with identified stakeholders to provide specialist guidance and support, ensuring effective vulnerability …
City of London, London, United Kingdom Hybrid / WFH Options
Lorien
Vulnerability Management Architect 3 Month Contract Hybrid Our Retail client is looking for a Vulnerability Management Architect to lead the transformation of a large-scale enterprise's threat and vulnerability landscape. This role is focused on rebooting the organisation’s vulnerability management capabilities to deliver a more dynamic, risk-based view of threats … across cloud, hybrid, and on-prem environments. You’ll be responsible for designing and implementing a modern exposure management framework that enables real-time visibility, prioritisation, and remediation of vulnerabilities. Key Responsibilities Architect and lead the implementation of an enterprise-wide exposure management strategy. Identify and assess digital assets, attack surfaces, and potential vulnerabilities. Develop and apply exposure … to tailor risk reporting and remediation strategies. Maintain continuous monitoring and adapt to evolving environments (cloud, remote work, DevSecOps pipelines). What You’ll Bring Proven experience in Exposure Management, including: - Asset Identification - Attack Surface Mapping - Risk Assessment - Prioritisation & Remediation - Continuous Monitoring Strong understanding of exposure scoring systems (e.g., VPR, ACR, contextual risk). Hands-on experience with tools …
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
engineering teams, providing hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation efforts, triaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and …
You will lead and coordinate delivery of key initiatives across our Group Cyber Security Programme. This is a multi-region role, managing projects in areas such as endpoint protection, vulnerability management, IAM, network security, data protection, and cloud security. Key Responsibilities: Oversee and deliver cyber security projects, ensuring milestones, risks, budgets, and dependencies are tracked. Translate group cyber … documentation, RAID logs, and support audits and compliance activities. Skills & Experience: Proven experience managing complex cyber security projects in multi-region/federated organisations. Strong technical knowledge: endpoint protection, vulnerability management, IAM, network and cloud security. Experience coordinating stakeholders, vendors, and regional IT teams. Excellent project management, organisational, and communication skills. Familiarity with PRINCE2, PMP, or Agile …
City of London, London, United Kingdom Hybrid / WFH Options
Sadler Recruitment
most inclusive employers in the UK. The Head of Information and Cyber Security will design, develop, and coordinate all aspects of the Information Security strategy, encompassing governance and risk management, incident response, and disaster recovery. The Head of Information and Cyber Security will manage a multitude of third-party partnerships from the SOC, to vulnerability management, to … s security strategy and roadmap, aligned to NIST. Oversee a small internal team (2 privacy/GDPR specialists). Manage all external 3rd party security contracts/relationships - SOC, vulnerability management, patching, and firewall operations. Oversee incident response, risk mitigation, and disaster recovery planning. Support delivery of Cyber Essentials Plus accreditation. Present cyber and data risks at risk … of technical principles (firewalls, phishing, vulnerabilities, routing, MFA, etc) - you can challenge, not necessarily configure. Knowledge of NIST and experience supporting Cyber Essentials Plus or similar certifications. Excellent stakeholder management and communication skills and comfortable presenting to execs, trustees, and end users alike. Leadership style that builds trust and collaboration, more about influence than command. Strategic mindset with patience …
CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and …
Engineer/DevOps Engineer with strong expertise in AWS, Terraform, Azure DevOps, and Apigee. The ideal candidate should have a solid background in cloud architecture, automation, and secure platform management, ensuring reliable and compliant deployments. This role involves developing, deploying, and maintaining scalable systems, managing upgrades, and applying robust security controls across CI/CD pipelines and infrastructure. Candidate … services using AWS ECS, ECR, and Fargate, ensuring scalable and secure microservice environments. Use Docker for containerizing applications and improving deployment consistency. Manage and secure Apigee or similar API Management platforms, ensuring API governance, performance optimization, and compliance. Ensure security and compliance best practices across the platform, including secure coding, dependency management, and vulnerability scanning. Implement and … libraries. Collaborate with security teams to align architecture with compliance standards. Prepare and maintain detailed documentation for builds, deployments, and updates. Required Skills Expertise in implementing secure coding and vulnerability management practices. Strong knowledge of API security, OAuth, JWT, and API Gateway policies. Experience in security audits, monitoring, and incident remediation. Familiarity with compliance frameworks (e.g., ISO, SOC …
City of London, London, United Kingdom Hybrid / WFH Options
TRIA
not limited to: Global EDR consolidation (Microsoft Defender) MFA rollout Implementation of a new SIEM platform Key Responsibilities Lead the delivery of cyber security projects such as endpoint protection, vulnerability management, identity & access management, and network security. Develop and manage project plans, milestones, risks, and budgets. Coordinate delivery across regional teams, ensuring consistency and practicality. Manage third … progress. Essential Skills & Experience Proven experience managing complex cyber security projects within multi-region or federated organisations. Strong technical understanding across key cyber domains within Microsoft environments. Excellent stakeholder management and communication skills. Familiarity with structured project management methodologies (e.g. PRINCE2, PMP, Agile). Relevant security certifications such as CISSP, CISM, CompTIA Security+, or AWS/Azure Security …
of Security Operations. At least three years of Linux Administration. At least two years of Cloud (AWS or Azure) Administration. Must-Have Skills Linux and Windows OS. DNS. Certificate Management: Digicert, AppViewX. Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc. … . SIEM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing …
City of London, London, United Kingdom Hybrid / WFH Options
MFK Recruitment
and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. … and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment … platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Ability to analyse complex technical and security issues, identify root causes and implement …
City of London, London, United Kingdom Hybrid / WFH Options
Travelfusion
and security alerts for suspicious activity and potential security breaches. Incident Response: Act as a first responder to security incidents, investigating breaches, containing threats and helping to restore systems. Vulnerability Management: Conduct regular vulnerability assessments and penetration tests to identify weaknesses in systems and implement necessary improvements. Security Implementation: Improve Security measures. Data Protection & Compliance: Ensure that … Mindset: The ability to analyze large amounts of data to identify anomalies and potential risks. Technical Proficiency: Knowledge of operating systems, firewalls, encryption, VPNs and security information and event management (SIEM) systems. Attention to Detail: Meticulous in reviewing data and systems to catch even minor security flaws. Strong Communication: Ability to clearly communicate findings and recommendations to both technical …
networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company
City of London, London, United Kingdom Hybrid / WFH Options
Cititec
SecOps Lead, you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. Key Responsibilities Serve as the primary contact for the MDR partner, managing the relationship, conducting service … plan (IRP) and playbooks in collaboration with the MDR provider. Translate technical security risks into actionable business recommendations for stakeholders at all levels. Contribute to broader cybersecurity initiatives, including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned.
City of London, London, United Kingdom Hybrid / WFH Options
Advanced Resource Managers
Exceptional written and verbal communication skills, with the ability to articulate complex technical findings and nuanced threat intelligence insights clearly and concisely to diverse audiences. Strong organizational and time management skills, with a proven ability to effectively manage and prioritize multiple concurrent engagements. Current CREST CTL certification or higher is essential. Desirable Skills: Experience with Breach Attack Simulation tools … and methodologies. Experience in Vulnerability Management processes and integrating threat intelligence. Understanding of Risk Management frameworks and how threat intelligence informs risk assessments. Hands-on experience with security reviews of AWS, Azure, and GCP environments, incorporating cloud-specific threats. Experience with ISO 27001 auditing/implementation, understanding the role of threat intelligence in compliance. Other advanced cybersecurity …
City of London, London, United Kingdom Hybrid / WFH Options
Acumin
architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of …
City of London, London, United Kingdom Hybrid / WFH Options
TECEZE
services provider that offers a broad spectrum of capabilities across digital workplace, infrastructure, cloud/datacenter, and cybersecurity, with a focus on solutioning, service delivery, and end-to-end management for small to mid-size US clients. Below is a detailed, synthesized job-description-style profile for a Solution Consultant who could lead and own the practice for such … to SMB/MSP needs. Service delivery leadership: Define and enforce service delivery frameworks, SLAs, and operational playbooks; ensure seamless transition from presales to delivery; oversee service continuity, incident management, change control, and problem management. Platform and technology scope: Digital workplace services (end-user devices, collaboration tools, unified communications, remote/mobile workforce enablement); infrastructure and network (LAN/… WAN, SD-WAN, data-center design, virtualization, storage, backup); cloud and datacenter (IaaS/PaaS, public, private, hybrid architectures; migration and modernization); cybersecurity (identity, endpoints, network, identity & access management, threat detection, incident response); application support and managed services for critical business applications. Security and compliance: Build security-by-design into solution proposals; incorporate best practices for data protection, vulnerability …
City of London, London, United Kingdom Hybrid / WFH Options
DVF Recruitment
days in London per week* What You’ll Do Build the SecOps team from the ground up and manage/mentor the team. Lead the implementation, optimisation, and management of cutting-edge security tools like CrowdStrike, Palo Alto, and Mimecast. Take ownership of our cyber defence posture from incident response and vulnerability management to WAFs, DDoS protection …
continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and … company professionally in meetings, while maintaining clear boundaries and ensuring discussions remain aligned with agreed project scope and priorities Experience with security tools and technologies such as SIEM (Splunk), vulnerability management (Tenable), and PAM Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST), as well as asset management and risk assessment solutions It would be …
Skills & Experience Proven experience as a ServiceNow Architect, with strong hands-on delivery in SecOps and/or IRM modules. Deep understanding of security operations, incident response, and vulnerability management. Expertise in ServiceNow workflows, scripting, CMDB, Discovery, and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR … . Strong stakeholder management and communication skills. Background supporting critical infrastructure, preferably within the energy or utilities sector. Knowledge of security frameworks and compliance mandates (e.g., NIST, ISO 27001, NIS2). ServiceNow SecOps certification (Certified Implementation Specialist – SecOps or equivalent). Desirable Skills Knowledge of OT/ICS security and industrial communication protocols (e.g., Modbus, DNP3, IEC …
for security practices and deployment processes. Engage with clients to understand their requirements and deliver tailored security solutions. Collaborating with Security and Infrastructure teams to improve Network Defence and Vulnerability Management. Skills required, including - Checkpoint Firewall, Network Defence and Vulnerability Management: AWS KMS, AWS Secrets Manager, AWS API Gateway, AWS WAF, Amazon Inspector, Amazon Macie, Amazon GuardDuty …
for deployment. Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management … SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript, API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRISC (preferred) Platform expertise required: ServiceNow GRC & SecOps.
City Of London, England, United Kingdom Hybrid / WFH Options
DGH Recruitment
one scripting language (PowerShell or Python preferred). Experience and understanding of hyperconverged infrastructure preferably with Nutanix, VMWare, Commvault and hybrid cloud infrastructure (Azure or similar). Knowledge of vulnerability management, monitoring/alerting, and automation/orchestration platforms. Disaster Recovery Specialist/IT Resilience Specialist
City of London, London, United Kingdom Hybrid / WFH Options
DGH Recruitment
at least one scripting language (PowerShell or Python preferred). - Understanding of hyperconverged infrastructure preferably with Nutanix, VMWare, Commvault and hybrid cloud infrastructure (Azure or similar). - Knowledge of vulnerability management, monitoring/alerting, and automation/orchestration platforms. IT Disaster Recovery Technical Specialist In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is …
implement, and maintain information security policies, procedures, and guidelines. - Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001). - SIEM & Vulnerability Management. - Monitor and respond to security incidents, conducting investigations and implementing corrective actions. - Collaborate with IT and other departments to ensure the security of network infrastructure and data. - Manage … risk assessments and vulnerability assessments to identify potential security threats. - Oversee the implementation of security measures such as firewalls, intrusion detection systems, and data encryption technologies. - Provide training and guidance to staff on information security best practices. - Stay updated on the latest cybersecurity trends and technologies. **Qualifications:** - Bachelor's degree in Information Security, Computer Science, or a related field. … Professional certifications such as CISSP, CISM, or ISO 27001 Lead Auditor. - Proven experience in information security management and conducting security audits. - Strong knowledge of information security frameworks and standards. - Excellent analytical and problem-solving skills. - Strong communication and interpersonal skills. **Preferred Qualifications:** - Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX. - Familiarity with security tools and technologies …
City of London, London, United Kingdom Hybrid / WFH Options
Randstad Digital
VMware environments. Troubleshoot and resolve system, platform, and network issues with minimal supervision. Apply knowledge of networking technologies to support infrastructure needs. Implement and maintain cybersecurity best practices and vulnerability management processes. Utilize Python, Bash, and APIs for scripting, automation, and integrations. Continuously challenge and improve existing processes, driving automation and operational excellence. Collaborate effectively with cross-functional … Linux (RHEL) administration. Proven expertise with Red Hat Satellite installation, configuration, and management. Hands-on experience with Ansible/AAP and Infrastructure as Code practices. Practical knowledge of VMware management and upgrades. Solid understanding of networking fundamentals and cybersecurity principles. Scripting experience with Python and Bash; familiarity with working via APIs. Excellent problem-solving abilities and ownership mindset. Strong …