Permanent Vulnerability Management Jobs in London


Vulnerability Lead - Engine by Starling

London, United Kingdom
Hybrid / WFH Options
Starling Bank Limited
a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role We're seeking a passionate and experienced Vulnerability Lead to shape and lead the creation and ongoing operation of our comprehensive vulnerability management program. This is a unique opportunity to establish a critical security function … define best practices, and significantly enhance our overall security posture. A key aspect of this role involves the end-to-end management and continuous improvement of the vulnerability management programme. This includes defining scanning strategies, conducting risk-based triage and prioritisation, overseeing remediation efforts, and providing actionable reporting to enhance the Engine's security posture. What you … ll get to do Conduct vulnerability scans regularly and proactively as needed. Validate findings and use a risk-based approach. Enrich findings with threat intelligence and business impact to determine exploitability. Be an enabler for resolver groups by triaging and prioritising vulnerabilities to facilitate timely resolution of outstanding findings using a risk based approach Track and manage remediation through More ❯
Employment Type: Permanent
Salary: GBP Annual

Vulnerability Engineer | London | 2 Days On-Site | Full-time

London, United Kingdom
Spencer Rose Ltd
Vulnerability Engineer London - 2 days a week on site £90K + great benefits An impressive global media company is looking to hire a Vulnerability Engineer to take ownership of vulnerability remediation across a cloud and on-prem environment. This business is going through a big technology transformation programme that is estimated to take 3-5 years. The … successful Vulnerability Engineer will drive and automate the vulnerability management programme across this business. This is a great opportunity for a passionate Vulnerability Engineer to build out a remediation programme and collaborate with a variety of stakeholders at all levels of this international superbrand Vulnerability Engineer Duties and Responsibilities The successful Vulnerability Engineer will … Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Create and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as NIST or ISO 27001. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed; this More ❯
Employment Type: Permanent
Salary: GBP 90,000 Annual

Cybersecurity Lead

London Area, United Kingdom
Hybrid / WFH Options
Ipsotek, an Eviden business
Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy, vulnerability management, and security operations (SecOps), acting as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence. … s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and … Provide regular updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication More ❯

Cybersecurity Lead

City of London, London, United Kingdom
Hybrid / WFH Options
Ipsotek, an Eviden business
Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy, vulnerability management, and security operations (SecOps), acting as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence. … s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and … Provide regular updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication More ❯

AppSec Lead

Central London, London, United Kingdom
Hybrid / WFH Options
Halian Technology Limited
engineering teams, providing hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation efforts, triaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯
Employment Type: Permanent, Work From Home

VP, OT Cybersecurity

Sunbury-On-Thames, London, United Kingdom
Hybrid / WFH Options
BP Energy
both technologists and engineers about the wide range of assets and risks our business has. Key Responsibilities Develop and implement a global OT cybersecurity strategy, aligned with enterprise risk management and business objectives. Lead design, deployment, operation and continuous improvement of security controls for OT environments, including ICS, SCADA, and IIoT systems. Partner with engineering, operations, and Technology teams … and compliance programs (NIST, IEC 62443, ISO 27001, etc.) for OT cybersecurity. Lead a high-performing OT cybersecurity team, developing our people as well as technology. Oversee OT-focused vulnerability management, solutions development, conformance support, and incident response. Engage with regulators, customers, and industry partners to maintain bp's position as a leader in OT security. Advise senior leadership … role Relocation Assistance: Relocation may be negotiable for this role Remote Type: This position is a hybrid of office/remote working Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management Legal Disclaimer: We are an equal opportunity More ❯
Employment Type: Work From Home

Cyber Security Strategy Manager - Consulting

London, South East, England, United Kingdom
Oliver James
CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯
Employment Type: Full-Time
Salary: £80,000 - £90,000 per annum

Senior Cyber Security & Strategy Manager - Consulting

London, South East, England, United Kingdom
Oliver James
CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯
Employment Type: Full-Time
Salary: £105,000 - £120,000 per annum

Senior Cyber Security & Risk Consultant

London, South East, England, United Kingdom
Oliver James
CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯
Employment Type: Full-Time
Salary: Salary negotiable

Head of IT Service Operations

London, Hyde Park, United Kingdom
Hybrid / WFH Options
The Bridge IT Recruitment
to a sustainable, net zero world. We’re looking for a Head of I&T Service Operations. Based at our Paddington site, you’ll be responsible for the definition, management, implementation and delivery of I&T Operations and Service Management across the URENCO Group incorporating: • Delivering iterative Service Strategy and Innovation focussed on how a best in class … IT Operations function works in modern enterprises • Lead on IT Service Continuity planning and testing with multiple outsourced service providers • Manage relationships with partners and service providers including contract management and continual service improvement • Leadership grounded in ITIL/ISO global standards for all I&T operational services • Stakeholder management specifically in reference to Service Outages, Testing Services … and Project Transition to Service • Service Protection in direct delivery of appropriate vulnerability management, risk management and patching services • Lead the management and operation of cloud and SaaS based subscription services • Financial planning for all Operational Services including renewals and upgrades of infrastructure and applications as required • Accountability for Monthly Global Service Reviews for all suppliers More ❯
Employment Type: Permanent

Cyber Security Engineer

London, South East, England, United Kingdom
Comtecs Ltd
Cyber Security Engineer CyberSec Engineer/IT Security Specialist – Disaster Recovery, Resilience Testing, CyberSec Improvements, Vulnerability Scanning/Management, Infrastructure, Nutanix, Commvault, VMware, Azure, PowerShell, Python; Law Firm, Permanent, London/Hybrid (3/2). £80k - £95k (On Experience) +Bonus +Benefits Global Law Firm seeks experienced Cyber Security Engineer/IT Security Specialist to join the IT … infrastructure tooling and at least one scripting language (PowerShell or Python preferred). Experience with Nutanix, VMware, Commvault, and hybrid cloud platforms Azure (preferred), AWS or GCP. Understanding of vulnerability management, monitoring, and orchestration tools. Relevant certifications such as Microsoft SC-200, Certified Ethical Hacker (CEH), CBCP/CBCI or equivalent. We are open to receiving applications from More ❯
Employment Type: Full-Time
Salary: £80,000 - £95,000 per annum

Information Security Management Specialist

RM10, Heath, Greater London, United Kingdom
NTT Ltd Group Services United Kingdom Limited
As our Information Security Management Specialist (m/f/d), you'll provide experienced support in the implementation and management of the Information Security Management System (ISMS) framework in alignment of current ISO 27001 standard and guidelines. With a focus on cybersecurity, this role involves leading risk assessments, ensuring alignment with industry standards and regulations, and … systems are assessed against Information Security criteria and operate in compliance with the instructional Information Security documentation. Conduct company-wide gap assessment of ISMS clauses and control implementation. Ensure vulnerability management, tracking and reporting. Collaborate with the IT department to set Information security standard for Cyber Security Support in preparing management Information Security reports and dashboards. Review … Multilingual skills are an advantage. Skilled proficiency in conducting risk assessments, analyzing security controls, and policy management. Excellent communication and interpersonal skills for collaborating with various stakeholders. Strong project management skills for handling security initiatives. Strong familiarity with aspects related to information security. Strong knowledge of ISO 27001 and further relevant standards. What we offer you An agile company More ❯
Employment Type: Permanent

Cyber Security Manager

London, United Kingdom
Two Circles Ltd
in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling … across the business Protecting the data entrusted to us by our clients at all times Requirements Managing technical risks and proposing solutions and recommendations Security Operations procedures, i.e. Incident management and response Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but experience of … Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to suit you and your lifestyle! Out of a More ❯
Employment Type: Permanent
Salary: GBP Annual

CISO 8-month contract - Global Insurance

London, South East, England, United Kingdom
Robert Walters
plans, ensuring a proactive and preventative security posture. Establish and mature a global Security Operations Centre (SOC) to strengthen detection, monitoring, and incident response capabilities. Lead enterprise-wide threat management initiatives, addressing vulnerabilities, mitigating risks, and reducing the likelihood and impact of cyber threats and attacks. Act as the principal security SME, providing leadership and oversight across Cloud Security … Product Security, GRC, Enterprise Security, and IT. Partner with senior IT leadership and business executives to embed security principles within operations, digital transformation, and corporate strategy. Cyber Governance & Risk Management: Enhance and maintain the organisation's Information Security Management Framework (ISO27001, NIST). Oversee vulnerability management, audits, incident response, and disaster recovery processes. Ensure compliance with … all applicable regulations and standards across global jurisdictions. Operations & Performance: Oversee selection, implementation, and monitoring of appropriate security technologies and controls. Deliver timely management information, risk analysis, and performance reports to support executive decision-making. Manage budgets effectively and monitor return on investment for all security initiatives. Key Outcomes & Success Measures Zero material cyber incidents impacting the business. Implementation More ❯
Employment Type: Full-Time
Salary: £130,000 - £150,000 per annum

Information Technology Security Manager

City of London, London, United Kingdom
Prism Digital
networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

Information Technology Security Manager

London Area, United Kingdom
Prism Digital
networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

Information Technology Security Manager

London, South East England, United Kingdom
Prism Digital
networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

Information Technology Security Manager

London (City of London), South East England, United Kingdom
Prism Digital
networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

Head of Cyber Security

London, South East, England, United Kingdom
Oscar Technology
Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex public sector organisation. This … experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident response, threat detection and vulnerability management activities. Strong leadership and stakeholder management skills, with the ability to engage senior executives, boards, and technical teams alike. Experience influencing and embedding a culture of … step up into a "Head of" role. Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do More ❯
Employment Type: Full-Time
Salary: £82,000 - £95,000 per annum

Lead Software Security Engineer

City, London, United Kingdom
BDO UK
world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They … Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to … such as PowerShell, YAML, JSON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary More ❯
Employment Type: Permanent
Salary: GBP Annual

Cloud Security Engineer (Automation & Tooling) - Engine by Starling

London, UK
Hybrid / WFH Options
Starling Bank
This is a role for an engineer who loves to build, automate, and solve complex security problems through code. You'll be working on projects covering identity and access management, cloud and network security, vulnerability management, security monitoring, security hardening, compliance reviews, and more. It's a very varied role with lots of close interaction with the … tooling to enforce security controls and simplify compliance (e.g., automating evidence collection for frameworks like SOC 2, ISO 27001, or PCI DSS) Build, manage, and automate identity and access management controls to ensure secure access to our cloud platforms and applications Write and review Infrastructure-as-Code (Terraform) to securely configure our AWS and GCP environments Secure our CI … of container runtimes Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs Understanding of integrating security into the software development lifecycle Experience in Cryptography management & enhancements Experience configuring and utilising cloud-native security logging, monitoring, and detection services Experience performing secure code reviews and security approvals including the use of static and dynamic application More ❯
Employment Type: Full-time

Head of IT Security - West London

West London, London, England, United Kingdom
Adecco
GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯
Employment Type: Full-Time
Salary: £90,000 - £100,000 per annum

Head of Cyber Security

Wembley, Middlesex, United Kingdom
Adecco
GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯
Employment Type: Permanent
Salary: GBP 95,000 - 100,000 Annual

Head of Cyber Security

Wembley, London, England, United Kingdom
Adecco
GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯
Employment Type: Full-Time
Salary: £95,000 - £100,000 per annum

Cyber Security SOC Analyst - London/Remote

West London, UK
Hybrid / WFH Options
Atrium (EMEA)
CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: Incident Response & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies, and/or Asset isolation tools • Experience with cloud environment • Networking More ❯

Vulnerability Management
London
10th Percentile: £57,500
25th Percentile: £75,000
Median: £90,000
75th Percentile: £95,000
90th Percentile: £110,000