1 to 25 of 81 Permanent Vulnerability Management Jobs in London

The Role: The Vulnerability Management Analyst is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Vulnerability Management Manager who reports to the Global Head … of IT Security. As a member of the ION Security team, you will build and lead a team of Security professionals specialising in Vulnerability Management along with managing the partners and technology vendor deliverables and of course building and owning the strategy to deliver a world class Vulnerability Management program. The candidate must understand their role … in the broader vulnerability management program and your team will regularly perform discovery scanning, risk/exposure assessments, mitigation support activities, continuous validation assessments, and lessons learned workshops and improvement projects to continuously improve our process across Group Security and all other Verticals. We are looking for a diligent, dedicated, creative and motivated individual. Excellent communication skills are More ❯

person. In Technology, we're asking that you attend the office a minimum of 1 day per week. About the Role We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific … tooling, and have an active role in improving existing processes. You will achieve this by creating automated solutions through collaboration with various technical teams. Responsibilities Develop and maintain vulnerability management tooling and solutions Implement automation to remove manual processes and increase efficiency Work with internal remediators to prioritise vulnerability management activities Process vulnerability data to … provide reports, insights and metrics, that aid in the risk-based approach to vulnerability management. Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs) Ensure compliance with relevant security standards, frameworks, and regulations Stay up to date with the latest trends and developments in vulnerability More ❯

person. In Technology, we're asking that you attend the office a minimum of 1 day per week. About the Role We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific … tooling, and have an active role in improving existing processes. You will achieve this by creating automated solutions through collaboration with various technical teams. Responsibilities Develop and maintain vulnerability management tooling and solutions Implement automation to remove manual processes and increase efficiency Work with internal remediators to prioritise vulnerability management activities Process vulnerability data to … provide reports, insights and metrics, that aid in the risk-based approach to vulnerability management. Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs) Ensure compliance with relevant security standards, frameworks, and regulations Stay up to date with the latest trends and developments in vulnerability More ❯

The Vulnerability Management Manager is a global role within ION's central services division, supporting the Group Security strategy through the identification, mitigation, and remediation of information security vulnerabilities, misconfigurations, and risks. This role reports to the Global Head of IT Security, who reports to the Group CISO. As a member of the ION Security team, you will … build and lead a team of Security professionals specializing in Vulnerability Management, managing partners and vendor deliverables, and developing a strategy for a world-class Vulnerability Management program. Your team will perform discovery scanning, risk assessments, mitigation activities, continuous validation, and lessons learned workshops to improve processes across Group Security and Verticals. We seek a diligent … capable of building relationships with teams of varying technical abilities. The ideal candidate will have extensive cybersecurity experience, at least 10+ years in security roles, with a focus on Vulnerability Management. Key Responsibilities: This role may require out-of-hours work for 24x7 global operations. Ensure team objectives and development plans align with company OKRs. Act as escalation point More ❯

the country. It is the largest news publisher on TikTok with over 28 million total followers and nearly 45 billion views in the past year. We are seeking a Vulnerability Engineer to help build and drive our vulnerability management function. This is a key role for someone with the technical skills, automation mindset, and proactive attitude to … someone who thrives on ownership, brings ideas to life through automation, and collaborates effectively with teams across the business. Main Responsibilities Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST … and CIS. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track More ❯

work model-preferably, team members should be within commuting distance of an office to facilitate in-person collaboration. About the Role We are looking for a passionate and experienced Vulnerability Lead to develop and oversee our vulnerability management program. This role offers a unique chance to establish a vital security function, define best practices, and improve our … security posture. The role involves managing and enhancing the vulnerability management lifecycle, including defining scanning strategies, triaging risks, overseeing remediation, and reporting to improve security. What you'll do: Conduct regular vulnerability scans and validate findings. Prioritize vulnerabilities based on risk and enrich findings with threat intelligence and business impact analysis. Facilitate resolution by triaging vulnerabilities for … and ensure timely patching of critical vulnerabilities. Maintain visibility across all technology environments, including cloud, data centers, containers, and web apps. Generate reports and metrics to support risk-based vulnerability management. Identify gaps in scan coverage and asset inventory. Stay updated on zero-day vulnerabilities and emerging threats. Maintain dashboards and reports on vulnerability trends, KPIs, and SLAs. More ❯

IT Operation s Platforms and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection More ❯

IT Infrastructure Operation s and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and … access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such More ❯

environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. The role requires the ability to "lead by example" and perform line management for direct reports and manage service partners reporting into the function. Additional responsibilities are to respond to support requests by Key Responsibilities: IT Operations & Cloud Platform Management Lead … business continuity (BC) and disaster recovery (DR) plans, ensuring cloud- based solutions support resilience and rapid recovery. Manage Global Infrastructure (Cloud, On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt. Drive a document first culture to new and legacy platforms/solutions. Oversee management of the End User More ❯

ensure the effective day-to-day delivery of IT services across both shared and in-house environments, with a strong focus on ITIL disciplines - Incident, Problem, Change, and Asset Management - and Cyber Security risk management . The postholder will act as the customer-facing lead for operational IT, ensuring services are reliable, secure, and responsive to user needs. … Key Responsibilities Manage the performance and quality of outsourced, shared service and in-house IT services Own and operate the ITIL processes: Incident , Problem , Change , and Asset Management Act as the operational interface with the other organisation (the shared service provider) Maintain the CMDB and configuration item lifecycle tracking Lead on cyber security risk assessments , patch assurance , vulnerability management , and coordination with SOC/XDR providers Ensure compliance with cyber and data protection standards (e.g. Cyber Essentials) Monitor service level agreements (SLAs), escalate issues, and lead service reviews Coordinate change activity to ensure minimal business disruption Deliver customer-focused service improvement initiatives Support audits and business continuity planning Essential Skills and Experience Demonstrable experience managing operational More ❯

Security Lead In summary the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk - ideally from within the banking or insurance sector. The IT Operational … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection More ❯

threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Oversee and enhance vulnerability management processes, focusing on strategic remediation, root cause analysis, and preventative measures. Contribute to drive implementation of security automation across cloud infrastructure configuration, vulnerability management, and … expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting the adoption of … as Code (IaC) , particularly Terraform, and implementing relevant security checks. Solid experience with container security and securing container orchestration platforms (Kubernetes/EKS). Proven ability contributing significantly to vulnerability management programs, including advanced triaging, root cause analysis, risk assessment, and strategic remediation planning. Strong communication and influencing skills, with the ability to articulate complex security concepts clearly More ❯

a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be leading and participating in threat detection, incident response and vulnerability management remediation. You will be serving as both a technical leader and operational responder, working closely with Product, infrastructure and Security Operations teams. We are looking for a … system visibility by expanding logging coverage and implementing additional monitoring capabilities. Maintain, update, and regularly test incident response runbooks, containment strategies, and escalation protocols. Lead the end-to-end vulnerability management process for ION Markets systems, from identification to remediation. Provide support for security architecture reviews of developed systems to ensure alignment with best practices. Stay up to … or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc. About us We're a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations More ❯

to the modern backbone of the Royal Navy. We pioneer with fierce curiosity, dedication, and innovation, we seek to solve the worlds most challenging problems. Responsibilities Leadership and line management - Motivate and drive the Hardware function to meet key business and operational unit objectives. Develop an open and inclusive team culture that supports doing the right thing and achieving … excellence. Ensure behaviours in teams meet standards expected of NG employees. Influences others and supports colleagues through changes expected within a large multi-functional organisation. Capability Management - Management of capability needs in the Hardware function Career management of the Hardware function Resource management - Resource supply and demand, Capacity planning and recruitment, and outsource management. Functional delivery … as a Suitably qualified individual in either mechanical or electro-mechanical field of expertise. May be functional lead within projects/issues for most critical/complex needs. Process Management - Highlight process needs and work with the Technical Directorate to develop bespoke, efficient and fully integrated processes. Asset management - Identify tools and Management of tools Communication - Develop More ❯

of required Metrics at committees and forums, as well as representing the team where required. Critical Work Support the ongoing and periodic regulatory and compliance responses and engagements Audit management and coordination Issue remediation oversight and closure validation Responding to customer RFIs using standardised formats and frameworks Quality assurance on library of responses required for customer RFIs etc. Impact … operating centres - UK, Europe, US & Asia Cyber security qualification e.g. CISMP/Apprenticeship (desirable) Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud … security. IT and cybersecurity policies and standards Operational risk frameworks Regulatory compliance Operational Resilience Good understanding of data protection controls Financial Services sector experience Technology & Cyber Security Leadership and management experience Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives. Personal skills and capabilities Critical thinking Objective analysis of More ❯

candidate will have a strong technical background, leadership experience, and a proactive approach to managing cyber risks in a dynamic technology environment. What You'll Do: Leadership and Team Management: Lead, mentor, and manage a team of Security Engineers, fostering a culture of collaboration, innovation, and continuous improvement. Define team goals, assign responsibilities, and ensure the successful execution of … security initiatives. Conduct regular performance reviews and provide professional development opportunities for team members. Ability to work across the organisation and communicate at all levels Security Posture Management: Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities. Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat … modelling. Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations. Cyber Exposure Risk Management: Identify, analyse, and prioritize cyber exposure risks across the organization's infrastructure, applications, and systems. Develop and implement strategies to mitigate risks, including patch management, configuration management, and secure coding practices. Monitor and respond More ❯

Security Operations Securely manage M365 & Azure resources, implementing comprehensive security policies and initiatives. Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management. Vulnerability Management Conduct and oversee regular vulnerability assessments on systems, networks, and applications. Identify, analyse, and prioritise vulnerabilities based on risk and potential impact and utilise threat intelligence … analysis to determine the risk posed by identified vulnerabilities. Collaborate with the IT MSP to develop and implement remediation plans, drive remediation efforts and identify improvements in the vulnerability management program. Monitor and track the status of identified vulnerabilities and ensure timely resolution. Security Monitoring and Incident Response Leverage Microsoft Defender EDR/XDR and other security tools More ❯

JS11154CF £450 - 500 per day Infrastructure Engineer Location: London (4 days a week onsite) Type: Contract Our client is seeking an experienced Infrastructure Engineer with strong vulnerability management experience to join their dynamic IT team. This is a fantastic opportunity to play a key role in strengthening the organisation's cyber resilience and ensuring a secure, compliant IT … environment. Key Responsibilities: Automate patch management across servers, endpoints, appliances, and network equipment using tools like SCCM, Intune, and ManageEngine. Analyse vulnerabilities from Tenable scans, determine effective remediation strategies, and implement solutions. Lead the technical implementation of a new patch management platform and drive resolution of vulnerabilities outside SLA. Prepare risk acceptance submissions when direct fixes are not … feasible. Skills & Experience Required: Hands-on experience patching and hardening IT systems, including configuration-level vulnerability remediation. Strong knowledge of Microsoft technologies including Windows Server, SQL Server, Windows 10, Microsoft 365, and Azure. Experience managing GPOs, Azure Policies, and various patch management tools (e.g., SCCM, Intune, Ivanti). Familiarity with scripting, vulnerability management, and security tooling. More ❯

GCP) Hands-on with IaC tools (Terraform, Bicep, CloudFormation) and CI/CD pipelines Proficient in Python or Bash scripting Knowledge of cloud security best practices (e.g. IAM, encryption, vulnerability management) Familiar with Docker, Kubernetes, serverless, and event-driven architectures Comfortable working with both SQL and NoSQL databases A passion for engineering excellence and staying on top of … acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas. More ❯

cyber security into business operations Work across a range of industries and environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in … Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall methodologies Team leadership across on-site and remote teams Strong client stakeholder engagement from technical teams to board More ❯

cyber security into business operations Work across a range of industries and environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in … Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall methodologies Team leadership across on-site and remote teams Strong client stakeholder engagement from technical teams to board More ❯

Information Security strategy. - Ability to build strong relationships and collaboration across all levels of the organisation (including c suite). - At least 3-5 years experience in information security management, ideally operating at Head of level. - Expertise in developing, implementing, and enforcing security policies and standards Proficiency in creating, enforcing, and updating security policies and standards to maintain robust … security practices. - Strong experience in risk management, vulnerability management and security operations. - Strong familiarity with regulatory requirements (ISO 27001, GDPR, Cyber Essentials). - Professional certifications such as CISSP or CISM (highly desirable). Head of Information Security In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited More ❯

ll Be Doing Conducting Cyber Security Assessments and audits across Microsoft 365 and Azure environments Performing Cyber Essentials and Cyber Essentials PLUS audits in line with IASME standards Delivering vulnerability assessments, remediation, and penetration testing across infrastructure, networks, and applications Contributing to client reporting, assurance audits, and scoping security solutions Acting as an escalation point for security-related technical … work in a Managed Service Provider (MSP) environment A Strong understanding of Microsoft 365 & Azure Cloud Experience with technical audits and offensive security tools (e.g. Kali Linux) Familiarity with vulnerability management tools like Tenable or Qualys OSCP (Offensive Security Certified Professional) status Microsoft SC-200 and AZ-500 certifications Experience with Microsoft Defender suite (XDR, Endpoint, Cloud, Office … Good knowledge of Microsoft Sentinel SIEM Expertise with Azure Firewalls and Email Security Solutions (Mimecast, Egress) Experience with Endpoint Detection & Response (SentinelOne) and Vulnerability management tools (e.g. Tenable, Qualys) You will be part of a recognised, established and fast-growing MSP, regularly ranked among the best UK tech companies to work for. You will work alongside a collaborative More ❯

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

Cyprus, Greece, Hong Kong, Japan, and Singapore. Overall Job Purpose : The Junior Information Security Officer (JISO) will assist the Information Security team in implementing and maintaining the information security management system with the objective of managing risks to information assets to an acceptable level. The JISO will develop a good understanding of the information security policies, standards and procedures … organisation's technology landscape to help identify potential threats and vulnerabilities. Key Responsibilities: Assist in maintaining the information security standards, procedures and guidelines. Participate in the information security risk management process to identify, assess, treat and monitor risks. Manage information security incidents and events to protect information assets. Help develop and implement incident response plans and procedures to ensure … Assist with the quarterly cybersecurity ITSC and Board updates and key risk indicator reporting. Maintain the information security awareness training program and conduct phishing tests. Maintain the Privileged Access Management, Security and Event Management and Vulnerability Management systems. Assist in identifying security solutions that will be effective in mitigating risks to information assets. Manage the implementation More ❯