1 to 25 of 63 Permanent Vulnerability Management Jobs in the South East

Vulnerability Management Architect - Product Selection and Design 5 Month Contract - Outside IR35 Hybrid - travel to Bracknell and London, Pimlico as and when required Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in … modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework. Accountabilities: Explore and document our baseline vulnerability management architecture Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will … evaluate the drivers and benefits for change Provide market assessment as appropriate, partnering with our procurement teams as needed Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic) Compile vendor solution options to address the above (with More ❯

at the heart of the global economy! The Department for International Trade (DIT) and Inspire People are partnering together to bring you an exciting opportunity for a Threat and Vulnerability Manager to protect DIT and the wider UK government from cyber threats in a fast paced and exciting role, responsible for the Vulnerability Management and Threat Hunting … Salary is dependent on location and technical skills as assessed at interview. Flexible, hybrid working from London, Salford, Birmingham, Cardiff, Darlington, Edinburgh or Belfast. As the Cyber Threat and Vulnerability Manager you will be helping to protect DBT and the wider UK government from cyber threats in a fast paced and exciting role.? Reporting to the Head of Cyber … Security Operations, the Cyber Threat and Vulnerability Manager will manage and be responsible for the Threat and Vulnerability Management function within the SOC, by providing leadership on identification and improvement opportunities, and ensuring service owners are aware of weaknesses in their security posture and are empowered with the right information to take appropriate actions. A healthy curiosity More ❯

and proactively. The ideal candidate thrives with minimal oversight, takes ownership of tasks, and can translate high-level project outcomes into actionable deliverables. You will be working on Asset & Vulnerability Management solutions within the OT (Operational Technology) space , supporting initiatives to enhance cyber and operational resilience. Key Responsibilities: Work closely with the Project Manager, receiving high-level direction … and defined outcomes. Independently plan, analyze, and execute tasks to meet project goals. Gather, document, and validate business requirements for Asset & Vulnerability Management solutions. Translate complex operational and technical processes into clear, actionable requirements. Collaborate with technical teams and stakeholders to ensure requirements are understood and implemented effectively. Provide proactive insights, recommendations, and risk assessments relevant to Asset … Vulnerability Management initiatives. Contribute to project documentation, status reports, and presentations with minimal oversight. Experience & Skills Required: Proven experience as a Business Analyst, ideally in Asset & Vulnerability Management projects. Strong understanding of OT environments and associated cybersecurity considerations. Ability to work independently and take initiative, with minimal day-to-day supervision. Excellent analytical, problem-solving, and More ❯

We are seeking a highly experienced and strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine … deep technical expertise with strong leadership skills to shape the future of cybersecurity, identity, and data protection within the organization. This position is designated as a Senior Management Function (SMF) under the Financial Conduct Authority regime, carrying personal accountability for compliance, operational resilience, and security effectiveness. The Role: Strategic Leadership Define and execute the global strategy for Cyber Engineering … NYDFS), Sarbanes-Oxyley (SOX), and the Financia Conduct Authority(FCA). Cyber Engineering Oversight Lead engineering teams responsible for core security platforms, including endpoint protection, cloud security, network defense, vulnerability management, and DevSecOps integrations. Build and mature a comprehensive vulnerability management program, including continuous scanning, risk-based prioritization, remediation tracking, and Board-level reporting. Drive innovation More ❯

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related Field [Preferred More ❯

and maintain the organization's information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements. Lead the development and implementation of an Information Security Management System (ISMS), based on ISO 27001 Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies. Stay up-to-date with the latest cybersecurity threats, trends, technologies … Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response … ensure security is embedded in the design, implementation, and maintenance of all IT infrastructure, including cloud environments (e.g., Azure, AWS, GCP), networks, servers, and endpoints. Manage access controls, identity management (e.g., Entra ID/Azure AD), and privileged access management (PAM) systems. Manage access control processes to 3rd party applications, and 3rd party relations. Oversee the patching and More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

role for someone who enjoys implementing business-appropriate structure & process improvement, whilst balancing strategic problem-solving. Key Responsibilities Security Lead and manage customer questionnaires and client audits Oversight of vulnerability management and ensure remediation across environments is in line with company policy Oversight of applicable SIEM and monitoring process to ensure that security response is in line with … enable transparent, informed decision-making Coordinate external audit processes, including ISO 27001, ISO9001 Oversight of the asset register for all customer environments to support audits and effective control Risk Management Manage project compliance risks (including privacy, compliance and security risks), proactively identifying issues before they escalate Assess and mitigate third-party and supply chain security risks, ensuring partners meet … robust standards in line with company policy Oversight of change management processes, ensuring major software or infrastructure changes are performed in line with company policy Partner with business units to embed risk management into day-to-day decision-making Maintaining the Risk Register, tracking remediation tasks and preparing risk reports Customer Engagement Serve as the internal point of More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to … wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report/escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create More ❯

on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to … wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report/escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create More ❯

and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting led Security Advisory practice. As a Senior Security Engineer, you will be responsible for designing, implementing and maintaining … CrowdStrike or Elastic • Proven ability to build and tune detection rules, dashboards and automation playbooks • Knowledge of scripting or automation using KQL, PowerShell, Python or similar • Familiarity with log management, APIs and data normalisation • Understanding of cloud security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving … CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to threat hunting, vulnerability management or red team automation What You’ll Get • Competitive salary £65,000 to £85,000 depending on experience • Hybrid and flexible working arrangements • Funded training and certification More ❯

services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through a powerful mix of Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a world class Security Advisory function. As a Senior SOC Analyst, you will take a leading role in identifying, investigating … and a collaborative mindset Passion for learning and knowledge sharing Desirable Experience Experience with scripting or automation using PowerShell, KQL or Python Exposure to threat hunting, threat intelligence or vulnerability management Experience mentoring or coaching junior analysts What You’ll Get Competitive salary £40,000 to £55,000 depending on experience Hybrid working and flexible hours Funded training More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

security initiatives, influence secure design standards, and mentor colleagues in best practices. Key Responsibilities Lead application and cloud security initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls … hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity with security frameworks and principles such as Zero Trust and risk-based More ❯

Cyber Security Engineer CyberSec Engineer/IT Security Specialist – Disaster Recovery, Resilience Testing, CyberSec Improvements, Vulnerability Scanning/Management, Infrastructure, Nutanix, Commvault, VMware, Azure, PowerShell, Python; Law Firm, Permanent, London/Hybrid (3/2). £80k - £95k (On Experience) +Bonus +Benefits Global Low Firm seeks experienced Cyber Security Engineer/IT Security Specialist to join the IT … infrastructure tooling and at least one scripting language (PowerShell or Python preferred). Experience with Nutanix, VMware, Commvault, and hybrid cloud platforms Azure (preferred), AWS or GCP. Understanding of vulnerability management, monitoring, and orchestration tools. Relevant certifications such as Microsoft SC-200, Certified Ethical Hacker (CEH), CBCP/CBCI or equivalent. We are open to receiving applications from More ❯

and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. … and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment … platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Ability to analyse complex technical and security issues, identify root causes and implement More ❯

Sr. Cloud Security Architect professionals to be part of leading-edge technology projects. Cognizant's Cloud, Infrastructure & Security Services Practice provides end-to-end solutions covering architecture, design, implementation, management, and on-going support across the entire enterprise technology infrastructure. Our services include a spectrum of management, consulting, and systems integration services to help our clients maximize value … Shield Advanced, AWS Secrets Manager, AWS Inspector, AWS Macie, AWS GuardDuty, AWS Detective, AWS CloudTrail, and AWS Security Hub. Ensure cloud environments meet organizational and compliance security standards, Firewall Management Manage, configure, and troubleshoot Checkpoint Firewall to maintain network perimeter security and prevent unauthorized access, Infrastructure as Code (IaC) Develop and maintain IaC using AWS CloudFormation or Terraform for … automated deployment, configuration management, and consistent infrastructure provisioning. Security Configuration and Optimization Configure and optimize security measures, including IAM policies, security groups, network access controls, and encryption protocols. Monitoring and Incident Response Monitor AWS security alerts and incidents using AWS tools. Respond to and mitigate threats in real-time, conducting post-incident analysis and documentation. Risk and Compliance Management More ❯

systems proactively for suspicious activity. Maintain and update cyber security procedures and documentation. Provide IT support when required, including first, second, and third line assistance. Attend monthly cyber/vulnerability meetings and contribute expertise as needed. Essential Skills & Experience: Minimum 2 years' experience in an IT security-related role ???. Experience with vulnerability management and reporting tools. … verbal communication skills to explain risks to both technical and non-technical stakeholders. CompTIA Security+ or equivalent qualification ??. Desirable: Experience with SIEM systems, EDR, IDS/IPS, and vulnerability scanners. Previous experience in a law firm or professional services environment. Familiarity with Practice Management Systems (PMS) and Document Management Systems (DMS). Personal Attributes: Methodical, thorough More ❯

managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the company's technology and cybersecurity domains. As a Risk & Assurance Manager, you'll be responsible for and have ownership for: Partnering with senior IT, Security, and … business leaders to embed risk management practices into operational processes and strategic initiatives. Owning and maintaining IT Risk and Control Matrices (RCMs) , ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations. Reviewing effectiveness of first line functions in testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of More ❯

for an Information Security Officer to lead the organisation's security strategy, operations, and compliance efforts. This hands-on role blends strategic security architecture with day-to-day operational management and regulatory compliance oversight. The ideal candidate will establish and maintain security standards across the product portfolio, oversee secure system environments, and act as the primary contact for ISO … for new features and system changes. Evaluate and recommend security technologies and tools. Operational (40%) Manage security environments across Azure and AWS infrastructure. Lead incident response efforts and coordinate vulnerability remediation activities. Manage continuous security monitoring, alerting, and detection systems. Administer vulnerability management and penetration testing programs. Maintain strong identity, access, and privilege management controls. Compliance More ❯

Kubernetes platforms (AKS/EKS/GKE), service mesh (Istio/Linkerd), ingress, and autoscaling. Implement CI/CD (GitHub Actions/Azure DevOps/GitLab), environment promotion, secrets management, artifact repos. Security & Compliance Define guardrails (CIS benchmarks), cloud security posture management (Defender for Cloud, AWS Security Hub, GCP SCC). Vaulting and KMS (AWS KMS, Azure Key … Vault, GCP KMS), key rotation, data classification & encryption. Threat modelling, zero trust patterns, vulnerability management, incident runbooks. Data & Integration Reference architectures for streaming/batch (Kafka/MSK, Event Hubs, Pub/Sub), data lakes, warehouses (BigQuery, Synapse, Redshift), ETL/ELT. API strategy (APIM/API Gateway/Apigee), messaging (SQS/SNS/Service Bus/…/SLIs, error budgets. Governance & Cost Landing zone governance, tagging/labels, budget alerts, reserved/savings plans. Operating model definition (RACI), platform backlog, roadmap, and risk management. Stakeholder Management Run workshops, architecture reviews, and design clinics. Collaborate with InfoSec, Network, Data, and App teams; mentor engineers. Required Experience 8+ years in cloud architecture/engineering; 3+ years multi More ❯