15 of 15 Permanent Vulnerability Management Jobs in Scotland

Delivery & Operations function. Our Service Delivery & Operations function operates in accordance with ITIL best practice and Group Global standards for Service Desk operation, Request Management, Change Management, Incident Management, Configuration Management, Problem management, Disaster Recovery, Site Management and Reporting. What will you be doing … the relationships between CIs and the services they support. Continuous improvement will also be required to document the existing process and identify improvements. Asset Management – Maintaining an accurate inventory of all IT Assets. Establish process documentation with defines the audit process to verify data accuracy. Working with disparate teams … to ensure compliance with existing IT Controls & Policies. Configuration Management –Defining the process for regularly auditing and maintaining the CMDB in its entirety. Support IT Service Management by providing accurate configuration data, which will supplement improvement actions. Lifecycle Management – Monitoring the lifecycle of IT Assets from acquisition More ❯

Morgan Hunt are currently recruiting for the University of Glasgow, who require a Threat and Vulnerability Analyst on a permanent basis. The Threat and Vulnerability Analyst will lead and support the organisation's vulnerability management operations. This involves using specialist tools to identify, assess, and respond … threat intelligence to enrich assessments and spot emerging risks. Key Responsibilities: Monitor multiple threat intelligence sources to identify emerging risks and recommend mitigations. Oversee vulnerability scanning processes, ensuring compliance across all assets. Evolve and embed the organisation's vulnerability policy and strategic direction. Operate and manage security infrastructure … focusing on vulnerability and endpoint protection tools. Collaborate with technical and business units to ensure the integration of vulnerability solutions. Act as a subject matter expert, supporting threat reporting and coordinating technical remediation with peers. Plan and oversee remediation efforts based on risk analysis and organisational priorities. Design More ❯

ensuring that organisational security is constantly improving amidst ongoing IT transformation projects, and who has a wide range of security skills, including system security, vulnerability management, access management and data protection. Day-to-day of the role: Work within IT strategy teams across the organisation on all … and conduct investigations. Manage security certificates and plan the removal of outdated systems. Participate in various audits (internal, client, financial, external) and provide quarterly management reports. Ensure the security of the supply chain and stay updated with current cybersecurity trends and best practices. Research and implement best solutions and … Proven experience in Senior/supervisory IT Security roles, ideally managing a team. Strong technical background in IT security, including network routing, firewalls, access management, and endpoint security. Familiarity with security best practices and standards, including NIST, CIS and ISO. The ability to identify gaps in the organisations security More ❯

ensuring that organisational security is constantly improving amidst ongoing IT transformation projects, and who has a wide range of security skills, including system security, vulnerability management, access management and data protection. Day-to-day of the role: Work within IT strategy teams across the organisation on all … and conduct investigations. Manage security certificates and plan the removal of outdated systems. Participate in various audits (internal, client, financial, external) and provide quarterly management reports. Ensure the security of the supply chain and stay updated with current cybersecurity trends and best practices. Research and implement best solutions and … Proven experience in Senior/supervisory IT Security roles, ideally managing a team. Strong technical background in IT security, including network routing, firewalls, access management, and endpoint security. Familiarity with security best practices and standards, including NIST, CIS and ISO. The ability to identify gaps in the organisations security More ❯

months Inside IR35 A small Edinburgh Financial Services organisation is currently seeking an experienced Information Security Analyst or Engineer with a strong background in vulnerability management , to join their team on an initial 6 month Contract. The Contract will involve assessing vulnerability reports and collaborating with cross … functional teams to ensure timely mitigation & to be successful, key knowledge & experience should include: Recent experience working as a Security Analyst, Security Engineer or Vulnerability Analyst with strong experience with complex information security projects . In-depth knowledge & expertise of Information Security standards, technologies & methodologies etc (e.g., ISO27001 ). … Strong grasp of security best practices , risk management , and compliance . Particular focus on Vulnerability Management utilising SAST/DAST tools , especially Tenable . Familiarity with Azure DevOps for tracking work items. Ability to work independently and in agile teams. Excellent communication and stakeholder management skills More ❯

Morgan Hunt are currently recruiting for the University of Glasgow, who require a Threat and Vulnerability Specialist on a permanent basis. You will be responsible for supporting and operating the organisation's vulnerability management function. Uses scanning tools and threat intelligence to identify risks, drive remediation efforts … to improve security posture and develop policies, procedures, and reporting. Key Responsibilities: Monitor threat feeds to identify risks and propose mitigations. Manage and configure vulnerability scans; ensure policy compliance. Maintain and enhance vulnerability management policies and strategy. Operate key security tools (e.g., endpoint protection, scanners). Collaborate … apply insights to strategy. Essential Criteria: Knowledge & Qualifications: Relevant degree/HND or equivalent experience in a technical/security role. Strong understanding of vulnerability tools, techniques, and best practices. Skills: Able to solve complex problems independently. Strong planning, analytical, and communication abilities. Comfortable translating technical issues for non More ❯

will drive adoption of modern technology meeting HMRCs business driven need towards rationalised strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and/or services. Person specification Ideal candidate … security controls and services. Focused expertise to develop and lead within one or many security technology domains aligning capability to security tooling. Key stakeholder management experience across senior business and technical environments including vendors, partners and other government departments. Able to demonstrate a proven history of delivering high value … Innovation and Adoption: Research, validate, and adopt new technologies and methodologies, contributing to the organization's broader security technology strategy. Governance, Mentorship, and Stakeholder Management: Represent the organization at governance boards, provide peer reviews and mentoring, and build strong relationships with stakeholders across the civil service, departments, suppliers, vendors More ❯

sense of purpose behind it. You'd be joining a close knit but globally connected InfoSec function, with a specific focus on Attack Surface Management and Vulnerability Management . It's a hands on, technical role where you'll be responsible for leading the charge on identifying … covering everything from Mac and Linux, to Windows, Cloud, OT and Lab infrastructure. You'll be the go to person for running and improving vulnerability scanning architecture, working with tools like Qualys , CrowdStrike , and Splunk , and you'll collaborate across engineering and security teams to make real impact. You … to work with senior stakeholders and execs on making security decisions that matter. Ideally, you'll have: Strong experience across multiple InfoSec domains (vuln management, risk, incident response, etc.) A good understanding of modern security tooling; ideally hands on with Splunk, Qualys, CrowdStrike Knowledge of frameworks like NIST, ISO More ❯

Operational Technology Vulnerability Analyst - Hyrbid - Permanent We're working with a market leader in the UK's energy transition who is on a mission to deliver a zero-emission future—and they need a Vulnerability Analyst like you to help protect it. As a Vulnerability Analyst, you … in a regulated critical infrastructure environment where your insights will directly impact the company — from cloud infrastructure to industrial control systems. Key Responsibilities: Conduct vulnerability assessments across OT systems, networks, and assets. Evaluate and prioritise risks specific to industrial control systems (ICS), SCADA, and other OT environments. Collaborate with … and cybersecurity teams to mitigate vulnerabilities and drive remediation. Maintain awareness of emerging OT threats, vulnerabilities, and attack vectors. Assist in developing and enhancing vulnerability management processes and tooling tailored for OT environments. Qualifications: Experience performing vulnerability assessments in Operational Technology or industrial environments. Familiarity with OT More ❯

ensuring strong engagement with clients and internal teams 2-3 days per week in the office (Edinburgh or Glasgow.) Key Responsibilities:: Client Advisory & Relationship Management • Act as a trusted advisor to clients, providing expert cyber security guidance and ensuring compliance with industry regulations, frameworks, and best practices (e.g., FCA … a top business priority. • Identify key cyber security challenges and provide tailored solutions to mitigate risks and enhance resilience. • Support clients in cyber risk management, governance, and regulatory compliance, helping them to align their security strategies with business objectives and industry mandates. Strategic Leadership & Business Growth • Work closely with … clients, ensuring successful project delivery within agreed timelines and budgets. • Provide strategic oversight on a wide range of cyber security areas, including: Threat and vulnerability management Identity and access management (IAM) Cloud security and data protection Cyber incident response and resilience Security architecture and digital transformation initiatives More ❯

in-depth technical support for the identification, investigation, and resolution of security vulnerabilities and threats Work with internal support teams to advise and guide vulnerability remediation , improving organisational resilience Collaborate with the Group and the Information Security Leader to support key security processes and contribute to agreed security objectives … timely response, mitigation, and lessons learned 🧠 Skills & Experience Required Strong background in technical information security, with a focus on security controls, system hardening, and vulnerability management Demonstrated experience managing and operating enterprise-grade security tools and platforms (e.g., SIEM, DLP, endpoint protection, identity & access management) Familiarity with More ❯

in advisory capacity, to external audits and due diligence questionnaires. Key Technologies: Strong practical knowledge of M365 stack from a security perspective (Defender, Azure) Vulnerability Management Web Application Filtering DLP Cloudflare Secure File Transfer Firewalls Remote Access/VPN PKI Infrastructure DNS Email Gateways Security Audits ISO27001 Azure More ❯

architecture for IT security and end-user service domains, ensuring security is integrated into all aspects of the organisation's IT. Driving and facilitating vulnerability management and secure the design of IT services. Monitoring, identifying, resolution activities, and reporting IT security KPI's and incidents. Liaising with the More ❯

of systems security and maintain security compliance with internal security standards and external laws, regulations and industry schemes. Comprehensive knowledge of security testing and vulnerability management. Experience of leading and promoting a strong security culture and sharing cyber security knowledge and awareness. Proven success in delivering complex accountabilities with More ❯

for the represented network service capability. The network delivery lead represents all DXC Network Services seamlessly and provides a conduit between our DXC account management team, network operations, project, engineering, architecture, other DXC support groups, client counterparts, and other third-party network service providers or suppliers where required. The … reporting line to the account delivery executive (ADE) directly or through the account run lead (ARL) and a hard line to the Network Delivery Management Organization. Practice 'extreme ownership' of everything DXC network services manage, to an extreme degree. Be responsible for not just those tasks which you directly … DXC GNS should be accompanied by a formal Risk Acceptance Form or similar signed by the persons who have accepted the risk. Ensure proactive management of network performance and operability. Work with ASO to ensure compliance with contractually agreed security vulnerability management and or security report findings. More ❯