1 to 25 of 111 Permanent Vulnerability Management Jobs in the UK excluding London

VULNERABILITY MANAGEMENT ANALYST/VM ANALYST Up to £75,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a … major driving forces behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes … Schedules related to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. Youll also assist in the development of Technical Controls in accordance with policy, standards and regulatory … requirements. Youll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities regarding risk More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. Youll also assist in the development of Technical Controls in accordance with policy, standards and regulatory … requirements. Youll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities regarding risk More ❯

Engineer Are you looking for more in life than just building another web app? Does upending cyber security resonate with you? We're a rapidly expanding cybersecurity startup revolutionizing vulnerability management for organizations of all sizes. For our customers, vulnerability management has always been a game of catch-up, with limited asset coverage and manual processes. … Nucleus Security's primary mission is to create a fast, scalable platform that not only addresses these challenges but also makes vulnerability management simple, fun, and effortless. Currently, we're looking for a passionate Senior Python Software Engineer to join our growing team of engineers. About Nucleus Security Nucleus Security is transforming how security and development teams manage … vulnerabilities at scale. Our platform unifies vulnerability data across scanners and environments, enabling organizations to prioritize and remediate vulnerabilities efficiently. We work with some of the most security-forward enterprises, empowering them with tools that accelerate secure software delivery and infrastructure hardening. Role Overview As a Senior Software Engineer in our Engineering team, you'll operate at the frontier More ❯

Cyber Threat Not sure what skills you will need for this opportunity Simply read the full description below to get a complete picture of candidate requirements. Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are We re not just talking about making a difference, we re making … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. You ll also assist in the development of Technical Controls in accordance with policy, standards and … regulatory requirements. You ll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities More ❯

Cyber Threat Not sure what skills you will need for this opportunity Simply read the full description below to get a complete picture of candidate requirements. Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are We re not just talking about making a difference, we re making … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. You ll also assist in the development of Technical Controls in accordance with policy, standards and … regulatory requirements. You ll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities More ❯

Cyber Threat Not sure what skills you will need for this opportunity Simply read the full description below to get a complete picture of candidate requirements. Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are We re not just talking about making a difference, we re making … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. You ll also assist in the development of Technical Controls in accordance with policy, standards and … regulatory requirements. You ll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities More ❯

Cyber Threat Not sure what skills you will need for this opportunity Simply read the full description below to get a complete picture of candidate requirements. Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are We re not just talking about making a difference, we re making … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. You ll also assist in the development of Technical Controls in accordance with policy, standards and … regulatory requirements. You ll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

native platform that helps security teams investigate, triage, and remediate vulnerabilities faster using LLMs and autonomous agents. The Role You’ll be the strategic owner of an AI-powered vulnerability management product, accountable for ARR growth and POC conversion. This is an early hire with broad scope: define the vision, validate with customers, partner deeply with engineering, and … bring zero-to-one capabilities to market. What You’ll Do Own product strategy & roadmap for an agentic vulnerability management platform; prioritize use cases that drive measurable revenue and customer value. Partner with engineering as true collaborators in discovery and delivery—enable research and iteration, not just handoffs. Ship zero-to-one : take concepts from idea to GA … output. Communicate technical depth : bridge AI agent capabilities and security workflows for both engineers and customers. What You’ll Bring Security domain expertise (must-have): hands-on familiarity with vulnerability management, risk assessment, EDR/NDR, cloud security, or adjacent areas. 4–7 years in product management with shipped products that moved business metrics. Technical fluency across More ❯

s ready to move into a Head of role, take ownership, and shape strategy while staying close to the tech. What you'll be doing: Owning implementation, consolidation, and vulnerability management across the group Leading a team (3 direct reports by year-end) - mentoring, developing, and embedding best practice Overseeing infrastructure, EUC, platform, cloud, and building security Partnering … with stakeholders across multiple business units to understand systems and improve visibility Driving improvements in security tooling, processes, and response Vulnerability management tools (e.g. Rapid7, Microsoft Defender suite) Core enterprise security toolsets Networking, cloud infrastructure, and EUC environments You'll have: Experience as a team lead or manager (formal or informal) with direct reports or leadership responsibility Strong … grounding in infrastructure and security - ideally having moved from networking/cloud into security Hands-on experience with vulnerability management tools and security platforms Why join? Progression: Step into a Head of role with mentoring from an experienced Group Infrastructure Director Influence: Work at a group level across multiple industries More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Proven experience leading cyber security More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Key Skills Proven experience leading More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management … and resiliency patterns (graceful degradation, bulkheads, back pressure), empowering teams to deliver robust solutions. Experience leading and governing SRE/DevOps practices at scale, including CI/CD, incident management, post-mortems, and capacity & cost management, fostering a culture of operational excellence and continuous improvement. Sponsor and champion security leadership, including secure SDLC, identity/authorization (SAML/… innovation with pragmatic delivery and customer commitments. Ability to set and evolve technical standards, patterns, and guardrails for a modern SaaS platform. Skilled in org design, career ladders, performance management, and fostering a high-bar engineering culture. Ability to drive reliability, performance, and cost efficiency in cloud environments. Skilled sponsor and champion of secure SDLC, threat modelling, vulnerability More ❯

the Head of Cyber and IT will manage cloud infrastructure to ensure availability, scalability, and performance. The role also involves ensuring compliance with security standards, leading incident response and vulnerability management, and overseeing internal IT support and enterprise system administration. Additionally, the position requires building and leading a scalable team, aligning with DevOps on infrastructure maturity and security … cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure and implement policies and procedures for disaster recovery and business continuity. Work with the CTO and … the rest of the executive team to embed security into all operations (DevSecOps). IT Management Lead internal IT support, device management, enterprise system administration and SaaS tooling. Manage identity and access controls (IAM), endpoint security, and network infrastructure (including physical and virtual servers and storage systems). Find, implement, and operationalize hardware environment improvements through a continual More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world click apply for full job details More ❯

Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are Were not just talking about making a difference, were making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the More ❯

Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience … and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior analysts and support More ❯

security initiatives, influence secure design standards, and mentor colleagues in best practices. Key Responsibilities Lead application and cloud security initiatives, ensuring systems and software are secure by design. Drive vulnerability management and implement a risk-based approach across the technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls … hands-on experience in application and cloud security engineering. Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices. Proficiency with security testing tools and vulnerability management platforms. Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.). Familiarity with security frameworks and principles such as Zero Trust and risk-based More ❯