1 to 25 of 120 Permanent Vulnerability Assessment Jobs in the UK

is for you. What you will do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents … the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong … capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP/IP, and core network security principles. Proficiency in scripting and programming (i.e. More ❯

SIEM use cases: log ingestion, analytics rules, playbooks and workbooks. Deploy and manage Microsoft Defender solutions (Defender for Cloud, Defender for Servers, Defender for Containers) to harden Azure workload Vulnerability & Patch Management Operate vulnerability management tools to discover and prioritise flaws across cloud and on-prem systems. Define and run patch management processes for virtual machines, containers and … serverless functions. Integrate vulnerability scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI/CD pipelines. Security Analysis & Incident Response Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks and Logic Apps when required. CI/CD & Automation Integrate automated … services (IAM, networking, Key Vault). Proven track record configuring and optimising Microsoft Sentinel (SIEM) and Microsoft Defender tools. Familiarity with Azure Policy and Azure Blueprints for compliance enforcement. Vulnerability & Patch Management Practical experience with vulnerability scanners (Qualys, Tenable, or Azure Defender Vulnerability Assessment). Knowledge of patch management frameworks (WSUS, Azure Update Management, third-party More ❯

logging, cloud infrastructure security and policy-as-code.What You'll Do: Assess Acadian's cloud IAAS environments for Indicators of Misconfiguration (IOMs) utilizing AWS built-in and third-party assessment tools. Utilizing tools like AWS Config, Security Hub, Inspector, Guardduty, and Crowdstrike Falcon, assess monitor and prioritize remediation of Cloud security vulnerabilities. Develop and maintain tools to detect and … desired. Additional certifications such as CCNA/CCNP, AWS Security etc. desired. 10+ years of IT experience, ideally with some project management. Familiarity with AWS, infrastructure-as-code, firewalls, vulnerability assessment tools, DLP, TCP/IP, web content filtering, VPN, endpoint protection, password management/Vaults, log management and correlation, and device/application hardening. Understanding of API More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role … ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and risk assessments to identify … alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for security More ❯

Security Engineer, Vulnerability Management and Remediation Operations Job ID: Amazon Data Services UK Limited Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team! Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team … is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem. Key Job Responsibilities Analyse public and private vulnerability disclosures and exploit code. Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications. Investigate and triage vulnerabilities, identifying severity and the scope of potential … impact to Amazon. Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner. Engineer high quality, scalable, and accurate vulnerability detection mechanisms. Design and implement automation, tools and workflows to enhance our operations capabilities. Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring More ❯

cyber threats. What You'll Do Design and implement secure software solutions, applying security-by-design principles and recognised standards (ISO 27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and enhance incident response capabilities and documentation. Collaborate with developers and clients … to embed secure coding practices and provide expert security guidance. Contribute to team development through mentoring, knowledge sharing, and continuous improvement initiatives. Contribute to security assurance procedures and vulnerability analysis across systems and networks. Assist with defence security assessment and authorisation processes. What You'll Bring Experience in Cyber Security Analysting, ideally within defence, government, or critical infrastructure … sectors Strong knowledge of secure software development, security protocols, and cyber security principles Skilled in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite) Familiarity with security frameworks (ISM, PSPF, ISO 27001) and tools like SIEM, IDS/IPS, and threat intelligence platforms Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and More ❯

IT and engineering teams to implement security improvements. Stay current with Security product enhancements and manage implementation. Monitor security tools and systems for anomalies and potential incidents. Assist in vulnerability assessments and penetration testing coordination. Maintain and update security documentation, procedures, and controls. Analyse logs, reports, and security data to identify potential threats or vulnerabilities. Investigate and respond to More ❯

Auditor) are highly desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical More ❯

The Role: The Vulnerability Management Analyst is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Vulnerability Management Manager who reports to the Global Head of IT … Security. As a member of the ION Security team, you will build and lead a team of Security professionals specialising in Vulnerability Management along with managing the partners and technology vendor deliverables and of course building and owning the strategy to deliver a world class Vulnerability Management program. The candidate must understand their role in the broader vulnerability … of varying technical ability. The role would suit a technically strong candidate with an extensive cybersecurity background, at least 5+ years working in a security role, with focus on Vulnerability Management. Responsibilities: This role may require work-out of hours in support of 24x7 globally coordinated operation The primary responsibilities of this role are to: Personnel Management Align deliverables More ❯

business teams to monitor, analyse, and respond to evolving cyber threats, lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint More ❯

business teams to monitor, analyse, and respond to evolving cyber threats, lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint More ❯

business teams to monitor, analyse, and respond to evolving cyber threats, lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint More ❯

business teams to monitor, analyse, and respond to evolving cyber threats, lead forensic investigations, and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint More ❯

Technical Skills (some of these include): Operating Systems: Proficiency on Windows, Linux, and Unix environments. Database Management: Knowledge of SQL, Oracle, and other database management systems. Cybersecurity: Experience with vulnerability assessments, penetration testing, and incident response. IT Governance: Knowledge of ITIL, ISO 27001, and other IT governance frameworks. Software Development: Understanding of SDLC, DevOps practices, and application security. Data More ❯

protocols to identify vulnerabilities. Collaborate with engineering teams to propose remediation strategies. Cross-Functional Collaboration Partner with engineering teams to interpret test results and implement effective security measures. Threat Assessment & Response Lead efforts to evaluate vulnerabilities against emerging threats, determine root causes, and develop mitigation plans. Communicate findings to internal teams and external stakeholders. Process Standardization Support and document … industry standards and frameworks (e.g., NIST 800-53, NIST CSF, NIST 800-171, IEC 62443, ISO 27001) Proficiency in network, application, and database security architecture Hands-on experience with vulnerability testing and threat analysis In-depth knowledge of OS and network security (including virtual and cloud-based environments such as AWS) Familiarity with security systems: endpoint protection, firewalls, IDS …/IPS, wireless security, authentication, encryption, and log management Experience in application and database security design Governance and risk management expertise, particularly in vulnerability assessment Proven ability to lead technical projects from inception to completion Strong technical writing skills for engineering design specifications Excellent communication skills to convey complex security concepts and risks Self-motivated and dependable in More ❯

Your Profile: Experience: 2-3 years of experience in cybersecurity or related IT fields. Familiarity with network security, cloud infrastructure, SaaS tools, and identity management. Exposure to risk and vulnerability management. Strong communication skills in English - verbal and written. Analytical mindset and structured problem-solving approach. Comfortable working in a team and eager to grow professionally. Technical Skills: Networking … Systems: Basic knowledge of hardening Windows, Linux, and Unix environments. Security Tools: Familiarity with firewalls, antivirus, and IDS/IPS systems. Scripting: Basic understanding of Python, Bash, or PowerShell. Vulnerability Assessment: Experience using tools like Nmap, Nessus, or OpenVAS. Incident Response: Foundational knowledge in managing and responding to security incidents. Security Frameworks: Awareness of common frameworks such as … Wolf is committed to fostering a welcoming, accessible, respectful and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities. If you require a reasonable accommodation for any part of the application or More ❯

to integrate security practices into the DevOps pipeline Oversee the deployment and management of security monitoring tools to ensure real-time visibility and response capabilities Conduct threat assessments and vulnerability assessments, and implement appropriate mitigation strategies Upskill and mentor the security team on best practices, emerging threats, and innovative security solutions Stay current on the latest cybersecurity trends, technologies More ❯

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies, and … Tester Help support and develop an internal penetration testing function. Conduct network, application penetration testing, code and security reviews. Identify and exploit vulnerabilities through proof-of-concept testing. Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. Responsible for supporting the creation of the operating model for … vulnerability management, that it is shared, agreed and operates effectively across the business. Develop and maintain penetration testing documentation, policies, and procedures. Integrate cybersecurity solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions. Liaise and More ❯

Security, preferably in a senior or advanced analyst role. Proven experience in managing and auditing Information Security Management Systems (ISMS) aligned with ISO 27001 standards. Strong skills in risk assessment, vulnerability identification, and development of practical security solutions for complex IT environments. Experience with penetration testing and vulnerability assessments; certifications such as CEH (Certified Ethical Hacker) are More ❯

of network security, application security, and cloud security, specifically with Azure. Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST, GDPR). Familiarity with penetration testing and vulnerability assessment tools. Hands-on experience with security incident response and forensic analysis ECS Recruitment Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯

skills, with the ability to lead cross-functional teams and work independently. Technical Expertise Required Network Security Technologies: Expertise in Network Access Control (NAC), IPS, Firewalls (FW), Endpoint Protection, Vulnerability Assessment tools, Mobile Device Management (MDM), and other similar cybersecurity solutions for both IT and OT environments. Networking Protocols & Infrastructure: Deep understanding of networking technologies such as routing More ❯

risk mitigation and technical controls. Roles and Responsibilities Internal Cybersecurity Program: Develop, implement, and oversee the organization's comprehensive cybersecurity strategy, policies, and procedures. Conduct regular risk assessments and vulnerability assessments to identify potential threats. Manage cybersecurity incident response and recovery plans. Ensure compliance with relevant industry regulations and standards. Build and maintain a strong security culture within the More ❯

we do. This is a brilliant time to join our business. We are on an exciting growth journey to become the UK's most loved retirement expert. Purpose The Vulnerability Manager is responsible for leading the identification, assessment, and remediation of security vulnerabilities across the organization's estate. This role is crucial for maintaining an effective vulnerability management program, which is a key requirement under ISO27001. The Vulnerability Manager provides regular reporting to demonstrate control effectiveness, reduces the attack surface, and supports informed decision-making, helping the business stay ahead of emerging threats. Job Accountabilities Develop and implement a comprehensive vulnerability management program in alignment with ISO27001 standards. Lead the identification, assessment, and … prioritization of security vulnerabilities across the organization's systems and networks. Coordinate with IT and security teams to remediate identified vulnerabilities in a timely and effective manner. Conduct regular vulnerability scans and assessments to ensure continuous monitoring and improvement. Provide regular reporting on vulnerability management activities, including metrics and key performance indicators (KPIs). Stay updated with the More ❯

Strong experience in building secure web and mobile apps Experience with Security architecture, Application Security assessments, penetration testing, vulnerability assessment, Secure SDLC, and Static code reviews Certified Secure Software Lifecycle Professional (CSSLP) (desirable) Responsibilities: - Design, develop, and implement security frameworks and solutions to safeguard company's assets and infrastructure. - Conduct regular security audits and risk assessments to identify More ❯