a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role We're seeking a passionate and experienced Vulnerability Lead to shape and lead the creation and ongoing operation of our comprehensive vulnerability management program. This is a unique opportunity to establish a critical security function … define best practices, and significantly enhance our overall security posture. A key aspect of this role involves the end-to-end management and continuous improvement of the vulnerability management programme. This includes defining scanning strategies, conducting risk-based triage and prioritisation, overseeing remediation efforts, and providing actionable reporting to enhance the Engine's security posture. What you … ll get to do Conduct vulnerability scans regularly and proactively as needed. Validate findings and use a risk-based approach. Enrich findings with threat intelligence and business impact to determine exploitability. Be an enabler for resolver groups by triaging and prioritising vulnerabilities to facilitate timely resolution of outstanding findings using a risk-based approach Track and manage remediation through
Vulnerability Remediation Management Analyst – Bristol/Edinburgh (Hybrid) In this position, you’ll be based in either the Bristol or Edinburgh office for a minimum of three days a week, with the flexibility to work from home for some of your working week. Find out more about our flexible work culture at computershare.com/flex. We give you … a world of potential The Global Information Security team is responsible to drive the development, deployment, monitoring and management of information and Cyber Security across the Computershare businesses, globally. Through partnerships with the business units, Technology Services and other support functions, the Global Information Security team actively supports the business objectives whilst reducing the overall composite risk to Computershare. … the Cyber Assurance team, who are responsible for delivering a complementary suite of security assessment, testing and assurance services globally across Computershare environments. A role you will love The Vulnerability Remediation Management Analyst plays a critical role in safeguarding the organisation’s global infrastructure by driving the timely and effective resolution of identified security vulnerabilities. You will be
Channel Islands, United Kingdom Hybrid / WFH Options
Drax
Cyber Threat Intelligence & Vulnerability Management Lead Flexible location Hybrid working Permanent, full time Closing date: Monday 3rd November 2025 Who we are We're not just talking about making a difference, we're making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the … to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of Cyber Threat Intelligence and Vulnerability Management, but particularly in the development of the threat landscape to Drax. You'll also assist in the development of Technical Controls in accordance with policy, standards and regulatory … requirements. You'll help to develop and support senior management with the technical controls and cyber threat intelligence skills within the group-wide security team and through the rollout of tools, technical controls, policies and procedures, and coaching and mentoring. The role will also have responsibility for working with asset owners to ensure that they understand their responsibilities regarding risk
Farnborough, Hampshire, United Kingdom Hybrid / WFH Options
Leidos
types of attacks and vulnerabilities. You will be responsible for planning and implementing appropriate security controls to ensure that the information within is kept secure. Key functions/outputs: Vulnerability Scanning & Reporting Endpoint Security Incident Management & Tickets System Hardening Change Work Participation in Regular Meetings Documentation Vulnerability Scanning & Reporting Code Scans: perform regular code scans to audit … code quality metrics, potential bugs, and security vulnerabilities. Vulnerability Management Tooling: perform regular Vulnerability Management Scans and ensure that the warehouse and plugins are kept up to date to capture new vulnerabilities. Reporting: assist the Vulnerability and Patch Manager with generating regular vulnerability management reports, which are to be provided to the cyber … and threats are being blocked. Access Control: ensuring that access controls have been implemented correctly to only allow authorised users to gain access to certain data and systems. Incident Management & Tickets: Incident Identification: help to recognise and confirm potential incidents through alerts, logs and user reports. This includes distinguishing between true threats and false positives. Incident Response: respond to
City of London, London, United Kingdom Hybrid / WFH Options
Ipsotek, an Eviden business
Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy, vulnerability management, and security operations (SecOps), acting as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence. … s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and … Provide regular updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication
Edinburgh, Midlothian, Scotland, United Kingdom Hybrid / WFH Options
Bright Purple Resourcing
assurance Electric Vehicle Scheme About the Role This is an exciting opportunity for a security professional who wants to make a real impact by leading and maturing an organisation's vulnerability management programme. You will: Own and optimise the vulnerability management lifecycle using Tenable.io, Tenable.sc, and Nessus Perform and analyse vulnerability scans across on-premise, cloud … bring the expertise and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years' experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs
Washington, Washington DC, United States Hybrid / WFH Options
Zscaler
who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy. We are looking for a Staff Information Security Engineer who will operate as a vulnerability management engineer inside the U.S. Federal IL6 (SCIF) environment. This fully onsite role is based in, or near, the Washington, D.C. Metro Area and operates strictly within a … including runbooks, SOPs, exception governance, and change control processes within the SCIF Minimum Qualifications U.S. citizenship and active U.S. Top Secret (TS) clearance (must be maintained) 5+ years in Vulnerability Management, or Security Engineering within restricted/SCIF environments, including air-gapped scanning (Tenable.sc/Nessus Manager or equivalents) and offline plugin lifecycle Experience with CSPM concepts and … concepts within constrained perimeters Exposure to FedRAMP High/Moderate operations, including monthly monitoring programs (scanning, evaluation, patching, reporting) and familiarity with Jira/ServiceNow for ticketing and exception management in isolated environments Zscaler's salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target
Bethesda, Maryland, United States Hybrid / WFH Options
Leidos
Tasks include the following: Perform review and analysis of cybersecurity event logs Conduct and review technical cybersecurity assessments Coordinate with security personnel and recommend mitigation strategies Identify points of vulnerability and non-compliance with established cybersecurity standards and regulations Collaborate with our DevOpsSec team to help with analyzing scan results and remediation of findings Manage and maintain a library … of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues Perform and maintain vulnerability scans using Assured Compliance Assessment Solution (ACAS) and create reports Track and report Information Assurance Vulnerability Management (IAVM) compliance using Assured Compliance Assessment Solution (ACAS) Maintain Authorization … POA&M) compliance Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information
Bethesda, Maryland, United States Hybrid / WFH Options
Base-2 Solutions, LLC
developers, systems engineers, and Government counterparts to perform a full spectrum of cybersecurity engineering tasks and ensure compliance with multiple regulatory frameworks. Required Skills Experience configuring, running, and analyzing vulnerability scans. Experience with XACTA, eMASS, or similar tools. Familiarity with NIST Special Publications (SP 800-27, 30, 37, 53, 60). Experience with CNSS Publication CNSSI 1253. Experience with … incident response plans, POA&Ms, risk management plans, and vulnerability management plans. Strong analytical, communication, problem-solving, and interpersonal skills. Experience establishing a System Security Engineering (SSE) management process to integrate security and privacy controls into complex hardware and software systems. Qualifications Bachelor's degree and 8+ years of experience; additional years may be considered in … e.g., CCNA Security, CySA+, Security+ CE, SSCP, CISSP or Associate). One year of experience developing and reviewing security CONOPS, System Security Plans, Risk Assessments, Contingency Plans, and Configuration Management Plans. Capabilities Review and analyze cybersecurity event logs. Conduct and review technical cybersecurity assessments. Coordinate with security personnel and recommend mitigation strategies. Identify points of vulnerability and non
Bristol, South West England, United Kingdom Hybrid / WFH Options
Logiq
sharing through team briefings and technical exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure … and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement. Compliance & Governance Align security controls with frameworks such as ISO 27001, NIST, CIS, and … knowledge of Microsoft technologies (Windows Server/Desktop, Active Directory, Group Policies). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication
Sheffield, England, United Kingdom Hybrid / WFH Options
Vallum Associates
experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large
Handsworth, Yorkshire and the Humber, United Kingdom Hybrid / WFH Options
Vallum Associates
experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large
Arlington, Virginia, United States Hybrid / WFH Options
Alpha Omega Integration LLC
the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates. Create Waivers or Risk Acceptance Memos to assist in the effective management of system risks. Conduct an annual assessment in accordance with guidance in the DHS Information Security Performance Plan. Review and update security authorization documents as needed, but at least … Contingency Plan tests at least annually and update the plan. Perform system self-assessments as part of the customer's Ongoing Authorization program. Monitor and respond to Information Security Vulnerability Management (ISVM)/Patch Management. Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit). Maintain … Agile, SecDevOPs). Use DHS' and mandated enterprise IA Compliance Tools. Ensure CM processes are followed to ensure that any changes do not introduce new security risks. Support the management system Information Security Vulnerability Management (ISVM) Compliance. Experience leading a team of ISSOs Required Qualifications: Education: Bachelor's degree preferred Experience/Skills: 5+ years Cybersecurity experience
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
engineering teams, providing hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation efforts, triaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and
Sunbury, South East England, United Kingdom Hybrid / WFH Options
BP Energy
both technologists and engineers about the wide range of assets and risks our business has. Key Responsibilities Develop and implement a global OT cybersecurity strategy, aligned with enterprise risk management and business objectives. Lead design, deployment, operation and continuous improvement of security controls for OT environments, including ICS, SCADA, and IIoT systems. Partner with engineering, operations, and Technology teams … and compliance programs (NIST, IEC 62443, ISO 27001, etc.) for OT cybersecurity. Lead a high-performing OT cybersecurity team, developing our people as well as technology. Oversee OT-focused vulnerability management, solutions development, conformance support, and incident response. Engage with regulators, customers, and industry partners to maintain bp's position as a leader in OT security. Advise senior leadership … role Relocation Assistance: Relocation may be negotiable for this role Remote Type: This position is a hybrid of office/remote working Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management Legal Disclaimer: We are an equal opportunity
Guildford, South East England, United Kingdom Hybrid / WFH Options
BP Energy
both technologists and engineers about the wide range of assets and risks our business has. Key Responsibilities Develop and implement a global OT cybersecurity strategy, aligned with enterprise risk management and business objectives. Lead design, deployment, operation and continuous improvement of security controls for OT environments, including ICS, SCADA, and IIoT systems. Partner with engineering, operations, and Technology teams … and compliance programs (NIST, IEC 62443, ISO 27001, etc.) for OT cybersecurity. Lead a high-performing OT cybersecurity team, developing our people as well as technology. Oversee OT-focused vulnerability management, solutions development, conformance support, and incident response. Engage with regulators, customers, and industry partners to maintain bp's position as a leader in OT security. Advise senior leadership … role Relocation Assistance: Relocation may be negotiable for this role Remote Type: This position is a hybrid of office/remote working Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management Legal Disclaimer: We are an equal opportunity
Arlington, Virginia, United States Hybrid / WFH Options
CGI
a hybrid working model is acceptable. Your future duties and responsibilities: • Security Architecture Design: Developing and implementing security architectures for information systems, including hardware, software, and network components. • Risk Management: Identifying and assessing security risks, developing mitigation strategies, and implementing security controls to address identified vulnerabilities. • Security Compliance: Ensuring systems comply with relevant security policies, regulations, and standards, such … as NIST, RMF, and ICD 503. • Vulnerability Management: Conducting vulnerability scans, analyzing results, and recommending remediation actions. • Security Documentation: Creating and maintaining security documentation, including system security plans, security assessment reports, and risk management plans. • Collaboration and Communication: Working closely with system administrators, network engineers, software developers, and other stakeholders to integrate security into the system … years of experience • Security Clearance: Candidates must possess an active TS/SCI clearance with polygraph • Technical Expertise: Strong knowledge of security principles, technologies, and best practices. • Risk Management Framework (RMF): Experience with the Risk Management Framework and its application to information systems. • Security Architecture: Understanding of secure system design principles and experience developing secure architectures. • Security Controls
Fort Belvoir, Virginia, United States Hybrid / WFH Options
Polaris Consulting Group, Inc
understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … inner workings of various software and system level applications. DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Willingness
Fort Belvoir, Virginia, United States Hybrid / WFH Options
SRC
certified woman owned small business established in 2015 in Columbia, MD. They specialize in cyber security operations and engineering, software development, data science and analytic development, security engineering, risk management, and cloud migration. This client offers extremely competitive benefits: fully-paid medical benefits, 4 weeks PTO, 6% 401k, over 5k for training and pay for every hour worked. If … with federal and DoD policy. -Experience with DoD RMF system accreditation processes. -Assess use case and operational risk of integrated open source, and GOTS/COTS software components. -Use vulnerability management systems, automated security scanning tools, and system accreditation record systems. -Provide security planning, assessment, risk analysis, and risk management support. -Apply existing knowledge of IAT to … with DOD systems Accreditation processes (i.e. DIACAP and RMF) -DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) -Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. -The ability to work independently and as part of a team is needed. -Work
Fort Belvoir, Virginia, United States Hybrid / WFH Options
IAMUS
understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … inner workings of various software and system level applications. DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Work
Fort Belvoir, Virginia, United States Hybrid / WFH Options
HII Mission Technologies
understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … inner workings of various software and system level applications. DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Work
Fort Belvoir, Virginia, United States Hybrid / WFH Options
Wyetech, LLC
understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … . A deep understanding of systems engineering and an ability to quickly understand the inner workings of various software and system level applications. Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Desired
Crewe, Cheshire, England, United Kingdom Hybrid / WFH Options
DCS Recruitment
Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management, while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience … and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus. Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior analysts and support
Columbia, Maryland, United States Hybrid / WFH Options
Wyetech, LLC
understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … and services, computer architectures, and network topologies is required. DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Must