6 of 6 Permanent Vulnerability Management Jobs in Reading

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies … Tester Help support and develop an internal penetration testing function. Conduct network, application penetration testing, code and security reviews. Identify and exploit vulnerabilities through proof-of-concept testing. Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. Responsible for supporting the creation of the operating model … for vulnerability management, that it is shared, agreed and operates effectively across the business. Develop and maintain penetration testing documentation, policies, and procedures. Integrate cybersecurity solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions. More ❯

by Three and its partners, ensuring that effective governance and technical assurance can be performed. Maintain and improve the use of artefact templates. Ensure that there is effective capacity management and planning in place for the security services and solutions assigned to you and ensure that the solution is incorporated into the 18-month technical and budget roadmap for … capacity expansion and service improvement. Support the Programme and Project Manager in project planning, risk and issue management and the budgeting process. Our people make us who we are. We're a diverse and inclusive bunch, and it's important you can feel you belong here. We value everybody for who they are and what they bring to the … exploit these vulnerabilities Experience in one or more of the following technical domains: Cloud/Hybrid security, Infrastructure and data centre security, Network security, Application security, Identity and access management, Vulnerability Management Expertise in defining and then governing the delivery of security contractual/business outcomes and know how to influence/negotiate technical outcomes with 3rd More ❯

a leadership role within Defra's operational IT function, Group Infrastructure and Operations (GIO). The role requires demonstration of deep and wide-ranging IT leadership skills in service management and strategic direction setting of the Service Operations functions. The Head of Service Operations is responsible for the effectiveness of operational IT services and user support to ensure optimum … strategy, to remain effective whilst supporting modern service delivery approaches, including Agile and DevOps. As such the role requires the ability to function seamlessly between strategic thinking and operational management of live services. The role's level of operational responsibility is high and includes leading through major disruption at times of major incidents including cyber security ones. As a … be required to develop strong relationships with Defra group's delivery bodies and Arms Length Bodies (ALBs) in order to deliver core IT services as part of the Service Management Operating Model. Key Responsibilities Primary responsibility is to ensure service availability is maintained at required levels, and in doing so own the responsibilities of: Sets the vision, and strategy More ❯

everything we dofrom infrastructure to application design. Key Responsibilities Design and implement security controls across cloud platforms (AWS, Azure, or GCP) Develop and maintain security tooling for threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into CI/CD … and documentation What Were Looking For Proven experience as a security engineer with a strong background in cloud security (AWS, Azure, or GCP) Solid understanding of networking, identity & access management, and encryption technologies Hands-on experience with tools like Terraform, Kubernetes, SIEM platforms, and security scanners Familiarity with DevSecOps practices and modern CI/CD pipelines Strong scripting or More ❯

templates, and standards. Assist in the development and localisation of standard test scripts, ensuring they are tailored to specific control environments and aligned with the organisation's Enterprise Risk Management Framework. Conduct control testing activities to evaluate the design and operational effectiveness of assigned controls, documenting results clearly and raising issues where appropriate Ensure timely delivery of assigned control … in this role, the essential criteria you'll need are: Proven experience in performing control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, risk management, and control frameworks. Experience in IT, OT and Cloud environments. Clear and professional verbal and written communication, including the ability to explain technical issues to non-technical audiences. Ability … minimal supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy. Strong understanding of Cyber Security Domains including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to have More ❯

building out something exciting, with a fantastic long term career path, then this is the role for you! Within this role you will: Lead and evolve the cybersecurity risk management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO … NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans, implement corrective actions, and report on key risk indicators and control effectiveness. Drive continuous improvement of cybersecurity policies and practices, while fostering strong relationships to embed a risk … and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication and stakeholder management, including experience presenting risk insights to senior leadership and working across technical and business teams. Proven experience in cybersecurity disciplines, ideally 5-7 years in roles covering risk management More ❯