19 of 19 Permanent Vulnerability Management Jobs in the Midlands

Life on the team The Vulnerability Governance Analyst role will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security … incident procedures Build, manage and update Vulnerability Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident … management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical and non-technical teams to coordinate changes and More ❯

work as part of a team providing a range of capabilities and may operate across one or more contexts including the following: Hosting environments and landing zone management. Security, management, governance and automation of DfE's centrally managed hosting environments and cloud landing zones. Includes design, build, operate and maintain core cloud computing IT infrastructure services, ensuring that they … and that they continue to meet requirements. Managed infrastructure service. Build, operate & maintain cloud and on-premises infrastructure resources for business applications. Updates and patching, back-up & restore, security vulnerability management, capacity management, service optimisation, incident resolution, request fulfilment, service controls, and asset management. Service improvement. Develop new, and enhance existing IT infrastructure products, services or processes … Service (PaaS), and Infrastructure as a Service (IaaS) so that the Department and its partners can embrace the government's Cloud First policy. Create and sustain modern deployment and management standards, practices, and techniques for our cloud resources. Lead, support, coach, and mentor less experienced Infrastructure Engineers in managing, supporting and maintaining the Department's infrastructure. Advocate user-centric More ❯

security alerts from various tools such as WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance … initiatives (e.g., ISO 27001, NIST, GDPR). Document incidents, procedures, and technical findings clearly and accurately. Ensure timely management and resolution of tickets, both internal/partner and third-party suppliers. Remain up to date with the latest security threats, trends, and technologies. Skill Requirements: Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network … Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for automating security tasks. Cloud Security: Knowledge of MS Azure. Privileged/Identity& Access Management More ❯

Engineering expertise in at least one of these core areas: Email Security: e.g. Secure Email Gateways, Phishing Protection Cloud Security: e.g. Cloud Access Security Broker (CASB), Cloud Security Posture Management (CSPM) SaaS Security: e.g. SaaS Security Posture Management (SSPM) Internet Security : e.g. Zero Trust Network Access (ZTNA), Secure Web Gateway (specific experience with zScaler would be particularly beneficial … might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview. Similar Jobs (1) Senior Vulnerability Management Analyst locations Bracknell posted on Posted 10 Days Ago At the John Lewis Partnership we're not just employees, we're co-owners, and that's why More ❯

with the outsourced SOC service provider and respond to alerts, incidents and other support requests Implement and enforce security best practices across infrastructure, systems and access control. Conduct regular vulnerability assessments and assist in remediation planning. Monitor and respond to threats via the Darktrace Dynamic Threat dashboard. Support compliance with ISO27001, GDPR, and other regulatory or audit requirements, working … service quality Essential Skills Proven 3rd Line Support Experience with strong focus on Microsoft 365 stack Strong knowledge of managing Azure AD, conditional access, virtual networks, MFA, SSO, Identity management and subscription governance. In-depth experience administering Exchange Online, SharePoint, Teams, Intune and OneDrive for Business. Strong hands-on knowledge of Information Protection and DLP, eDiscovery and Purview, Insider … Risk Management, Defender for Cloud, Defender for Endpoint, Defender Vulnerability Management, Microsoft Sentinel, Azure Log Analytics, Azure Backup and Recovery, Azure VMs Knowledge of DNS, DHCP, VPNs, firewalls, and IP routing in cloud environments. Hands-on knowledge with secure data exchange using SFTP and other technologies Understanding of ISO27001 and GDPR; familiar with enforcing security policies and More ❯

those related to physical security. Maintain and enhance the security posture of servers for both existing and new applications, on-premise and in Azure cloud environments. Monitor and manage vulnerability scanning tools, address findings, and coordinate remediation efforts with infrastructure and development teams. Support the development, testing, and annual validation of disaster recovery and backup plans. Create and maintain … To Be Considered for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness … Clear and confident verbal communication skills, including the ability to explain technical information to non-technical audiences. Proficient in written communication, including technical documentation, reports, and presentations. Strong time management and organisational skills to balance multiple priorities and meet deadlines. Capable of managing competing demands and shifting priorities in line with business objectives. High attention to detail and a More ❯

to security events and incidents, as well as spearheading engaging user awareness campaigns and training sessions. In addition, you'll play a vital role in supporting the implementation and management of identity, access, and threat management controls throughout our IT environment. Identify, analyse, and respond to security events and incidents, escalating as per the incident response plan. Develop … and deliver IT Security Education and Awareness materials for the entire organisation. Support IT Security Penetration Tests, Assessments, and audits, resolving findings promptly. Analyse vulnerability scans and provide recommendations to prioritise corrective actions. Continuously identify and implement security measures and improvements. Collaborate with Service Line Leads to review and update IT security guidelines and policies. Assist in executing projects … Strong understanding of Active Directory (AD) and Entra ID (Azure AD), MFA, SSO, conditional access, Azure RBAC, PIM Experience with the following products and technologies: Microsoft Defender, Exchange Online, vulnerability management tools, phishing simulation tools Experience creating policies, procedures and response plans Excellent communicator with the ability to reduce complex issues and ideas to simple terms and express More ❯

to security events and incidents, as well as spearheading engaging user awareness campaigns and training sessions. In addition, you'll play a vital role in supporting the implementation and management of identity, access, and threat management controls throughout our IT environment. Identify, analyse, and respond to security events and incidents, escalating as per the incident response plan. Develop … and deliver IT Security Education and Awareness materials for the entire organisation. Support IT Security Penetration Tests, Assessments, and audits, resolving findings promptly. Analyse vulnerability scans and provide recommendations to prioritise corrective actions. Continuously identify and implement security measures and improvements. Collaborate with Service Line Leads to review and update IT security guidelines and policies. Assist in executing projects … Strong understanding of Active Directory (AD) and Entra ID (Azure AD), MFA, SSO, conditional access, Azure RBAC, PIM Experience with the following products and technologies: Microsoft Defender, Exchange Online, vulnerability management tools, phishing simulation tools Experience creating policies, procedures and response plans Excellent communicator with the ability to reduce complex issues and ideas to simple terms and express More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

SIEM and XDR, ensuring rapid detection and resolution of security incidents. Collaborating in an Agile environment with multiple teams to embed security best practices throughout the business. Conducting regular vulnerability assessments, supporting patch management, and improving our overall security posture. Creating and maintaining clear, concise documentation for security processes, configurations, and incident response procedures. Participating in the Information … systems (Windows based, AD, DNS, DHCP, etc) Familiarity with SIEM and XDR tools for threat detection, monitoring, and incident response. A solid understanding of network security, identity and access management (IAM), and vulnerability management. A proactive mindset with a passion for staying ahead of emerging threats and evolving security practices. Strong communication skills - able to explain technical concepts More ❯

are operating effectively. Provide technical advice to product owners on future visions, strategies and roadmaps aligned with IAG Lead a team of cyber engineers, providing both technical and line management support Forecast and manage cyber resourcing across multiple products, ensuring cost alignment and consistency in approach Ensuring timely and effective resolution of Engineering incidents on BA Cyber products Maintain … detailed documentation of BA security policies, procedures, and incidents What you'll bring to British Airways: High proficiency in Security Tools and Technologies, such as; SIEM, Vulnerability Management, EDR and Identity Experience in leading and mentoring a team of security professionals and an ability to foster a collaborative and learning-oriented environment Proven track record of implementing and More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

builder to streamline and strengthen how security gets done. Respond to incidents with confidence, contribute to security audits, and answer client queries like a pro. Harden our systems: lead vulnerability management, champion new security policies, and help us stay two steps ahead of threats. Always be learning-dive into the latest security tools and trends, and shape our More ❯

WHAT DO YOU NEED TO BRING TO SONEPAR UK? • Technical Cybersecurity Expertise: Demonstrated experience in implementing and managing security controls across hybrid environments, including endpoint protection, threat detection, and vulnerability management tools.• Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents, minimizing impact and ensuring rapid recovery through structured analysis and remediation.• Threat Awareness More ❯

team members Ensure accurate documentation and incident records Participate in team meetings and contribute to service improvements Use monitoring tools to track and resolve incidents Support compliance, patching, and vulnerability management Liaise with 3rd Line teams to drive service enhancements Deliver small project work to customer timelines What you'll need We're looking for a team player More ❯

responsible for driving the technical direction, team growth, and execution of software initiatives that support our business goals. The ideal candidate combines deep technical expertise with strong leadership, project management, and cross-functional collaboration skills. We are ideally looking for someone who can primarily be office based, with flexibility for home working when required. Key Responsibilities * Lead and mentor … and resource plans. * Serve as the technical voice in executive discussions and strategic planning. * Ensure all systems and software meet internal standards and external compliance requirements. * Oversee incident response, vulnerability management, and disaster recovery plans. As a visionary and strategic technology leader, the Director of Software Engineering is responsible for shaping and executing the software development strategy that More ❯

development, you will follow best practices to ensure that both new and existing code is secure and maintainable, following best practices for secure design, secure coding, security testing, and vulnerability management. Key skills a successful applicant must demonstrate A deep understanding and knowledge of WordPress from theme and plugin development Core skill set of PHP, HTML 5, CSS … and JavaScript with a demonstrable track record of systems delivery in this stack. Comfortable using version control (git) collaboratively, following branch strategies and pull-request based change management workflows. Understanding of the importance of Information Security and best practices for developing secure applications and websites. Familiarity with Scrum, Agile and Waterfall development methodologies. Sub-set of skills and appreciation More ❯