51 to 75 of 349 Permanent Vulnerability Management Jobs

mission critical systems leveraging the latest technologies to deliver cutting edge solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure and data analytics. Responsibilities: Lead the design, deployment, and management of enterprise server environments, including Windows Server, Linux, VMware vSphere … Group Policy, and related services. Plan, schedule, and perform system patches, firmware upgrades, and security hardening in accordance with DISA STIGs, CIS Benchmarks, and NIST 800-53 controls. Conduct vulnerability assessments using tools such as Tenable.SC; remediate findings and document corrective actions. Administer centralized storage solutions, including SAN/NAS environments and perform backup and recovery operations using enterprise … or Security+ Information Technology Infrastructure Library (ITIL) 4 Foundation certification must be completed within 6 months. Exceptional oral and written communication skills, capable of delivering clear, concise technical and management-level reporting across all organizational levels. Excellent interpersonal skills with the ability to work independently, prioritize tasks, and manage multiple initiatives with minimal supervision. Strong analytical and problem-solving More ❯

teams. Key Responsibilities: Design and implement secure architecture solutions for terrestrial and space-based systems. Lead cybersecurity efforts in support of system development, testing, and deployment. Apply RMF (Risk Management Framework) to obtain and maintain system ATOs. Conduct vulnerability assessments and support mitigation planning using tools like ACAS, Nessus, STIGs, and SCAP. Develop and maintain cybersecurity documentation, including … DoD or defense aerospace environment. Deep knowledge of RMF, NIST 800-53, STIGs, and DISA compliance tools. Familiarity with DoD systems engineering lifecycle and security accreditation processes. Proficient in vulnerability management, incident response, and network hardening. Excellent technical writing and documentation skills. DoD 8570 IAT Level II or III certification (e.g., Security+, CASP+, CISSP, CISM). Preferred Qualifications More ❯

We are seeking experienced IT and Cyber Risk Management Professionals to support organizations in the financial sector, in strengthening their IT security posture. As a key part of the second line of defense, you will oversee risk management processes and provide independent validation and assurance to ensure that the first line is adhering to IT and cybersecurity standards. … on IT and cybersecurity risk management. Roles & Responsibilities: Monitor and assess IT and cybersecurity risks across the organization, focusing on second-line oversight of the first line's risk management practices. Conduct independent risk assessments and challenge the first line's processes and control effectiveness across applications, business solutions, assets, and third-party relationships. Review and validate risk assessments … compliance. Conduct audits and provide oversight of IT and cybersecurity practices within the first line of defense, especially in third-party risk management. Produce independent risk reports for senior management and governance committees, synthesizing security risks and providing recommendations for risk mitigation. Advise on risk management strategies and propose improvements to enhance the organization's security posture and More ❯

security threats across hybrid environments. Managing and enhancing security configurations for Windows VMs, SQL databases, and PaaS solutions like Logic Apps. Administering security tools, including firewalls, endpoint protection, and vulnerability management systems. Ensuring data security by managing encryption, access controls, and compliance requirements. Performing security assessments, audits, and penetration testing. Developing security automation processes for identity and access … management (IAM), network security, and patch management. Collaborating with stakeholders to ensure security best practices are integrated into new and existing solutions. Managing third parties delivering security, cloud, or infrastructure services. Keeping up to date with emerging threats and security trends, advising the organization on proactive measures. The Successful Applicant A successful Security Engineer should have: Strong experience with … Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems to adhere to security guidelines proactively and reactively. What's on Offer A More ❯

and ensuring our products and cloud infrastructure are secure, resilient, and compliant. In this role, you will have the unique opportunity to lead our SOC2 audit activities, perform risk management reviews, and drive our vulnerability management program in alignment with industry best practices. Your keen eye for detail and exceptional problem-solving skills will be invaluable in … and external standards. Translate audit findingsand test results into clear, actionable tasks for the engineering and DevOps teams. Perform vendor security assessments, managing risk across our supply chain. Manage vulnerability and patch management, ensuring critical software libraries are kept up to date. Enforce security policies, particularly regarding open-source software and licensing compliance. Plan and lead annual Business More ❯

effectively, escalating issues as necessary to maintain productivity and minimize downtime. Implement and enforce cybersecurity best practices, ensuring the security and integrity of all systems and data. Perform regular vulnerability assessments, patch management, and security audits to safeguard infrastructure and prevent unauthorized access. Monitor systems for security incidents, respond to threats, and conduct investigations and root cause analysis … Demonstrated ability to recognize and work with our Permission to Play Values. Preferred Advanced proficiency in managing cloud infrastructure, especially Microsoft Azure or Amazon Web Services (AWS), including identity management, hybrid integrations, and cost optimization. Experience supporting and optimizing IT systems within a manufacturing, warehousing, or industrial automation environment, including knowledge of plant-floor technologies and ruggedized networking. Familiarity … with Zero Trust architecture, NIST cybersecurity frameworks, or CMMC compliance. Hands-on experience implementing or managing SIEM tools, endpoint detection and response (EDR) solutions, or vulnerability management platforms. Practical experience with Infrastructure as Code (IaC) tools such as Terraform, Ansible, or PowerShell DSC in enterprise or hybrid cloud settings. Experience configuring and supporting Palo Alto firewalls, including VPNs More ❯

those related to physical security. Maintain and enhance the security posture of servers for both existing and new applications, on-premise and in Azure cloud environments. Monitor and manage vulnerability scanning tools, address findings, and coordinate remediation efforts with infrastructure and development teams. Support the development, testing, and annual validation of disaster recovery and backup plans. Create and maintain … To Be Considered for This Role, You Will Need: Cybersecurity Experience: Demonstrated experience in implementing and managing security controls across hybrid environments. Familiarity with endpoint protection, threat detection, and vulnerability management tools. Incident Response & Problem Solving: Ability to respond swiftly and effectively to security incidents. Skilled in structured analysis and incident remediation to ensure rapid recovery. Threat Awareness … Clear and confident verbal communication skills, including the ability to explain technical information to non-technical audiences. Proficient in written communication, including technical documentation, reports, and presentations. Strong time management and organisational skills to balance multiple priorities and meet deadlines. Capable of managing competing demands and shifting priorities in line with business objectives. High attention to detail and a More ❯

Security Lead London | Hybrid - 3 days in-office per week Up to £90,000 + ~20% Bonus + 10% Pension Are you passionate about cloud security and cyber risk management? A leading international business has completed a major IT transformation and is now expanding its technology team. They're looking for a highly skilled Cloud Security Lead to help … of experience in technical cyber roles (SOC, security engineering, threat analysis) Minimum 3-5 years working in cloud environments Deep knowledge of Microsoft Azure (and ideally AWS) Expertise in vulnerability management, incident response, and cyber risk triage Strong understanding of cloud security principles and the shared responsibility model Familiarity with frameworks like MITRE ATT&CK and Zero Trust More ❯

Work for an award-winning provider of Security Services, specialising in Cyber Security Services such as Vulnerability Management, Information Security, Penetration Testing, and Managed Security Services. We boast a fully managed Security Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise More ❯

in cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, CIS), incident response, and threat intelligence In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management Strong background in cloud security operations and monitoring across AWS, Azure, and GCP Preferred Proven success in incident resolution within SLAs and based on severity. Experience in More ❯

configuration, and ongoing buildout of Splunk ES, including onboarding new data sources, tuning correlation rules, and developing new detection use cases. • Collaborate with other teams to support incident response, vulnerability management, and threat hunting activities. • Conduct threat analysis, log analysis, and data enrichment using Splunk and other security tools. • Participate in regular security reviews and audits, providing evidence More ❯

Offensive security and exploitation techniques. Digital Forensics : Host, network, or memory-based investigation. Threat Hunting : Detection engineering and hypothesis-driven threat investigation. Knowledge of modern security tooling (SIEM, EDR, vulnerability management, SOAR). Strong documentation and communication skills; fluent in written and spoken English. Diversity, Inclusion, and Equal Opportunity We hire, promote, and compensate employees based on their More ❯

have now closed. We're seeking an experienced Cyber Defence Manager to safeguard our digital infrastructure View job & apply Location: Frankfurt Salary: 145,000 + Benefits Sector: Banking, Asset Management & Funds We're hiring an experienced IAM Lead to take ownership of identity governance and access controls View job & apply Location: Frankfurt Salary: 145000 + Benefits Job type: Permanent … Sector: Banking, Asset Management & Funds A growing investment firm headquartered in Frankfurt is looking to appoint a senior IT Governance View job & apply Location: Fully Remote Job type: Contract Position Overview: Fast growing FinTech seeking a highly motivated and technically capable DevSecO View job & apply SOC Manager Location: Fully Remote Job type: Contract Position Overview: Rapidly growing FinTech company … seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A fast-growing investment firm based in Frankfurt is looking for a motivated IT Governance & View job & apply Technical IAM Consultant Location: London when needed Job type: Contract More ❯

industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR. We are currently seeking a Nessus Engineer for an onsite position in Chantilly, VA. This position supports our cybersecurity initiatives by conducting vulnerability assessments and … ensuring the overall security of our networks and systems. This position is critical in maintaining and improving the integrity and safety of our infrastructure using the Nessus vulnerability scanning tool. The ideal candidate will have hands-on experience with Nessus or similar vulnerability management tools, a solid understanding of security best practices, and a passion for mitigating … risks in complex IT environments. Minimum of 10+ years' experience in vulnerability management, cybersecurity, or IT security. Hands-on experience with Nessus (or similar tools such as OpenVAS, Qualys) for vulnerability scanning and management. Experience with network protocols (TCP/IP, HTTP, DNS, etc.), operating systems (Windows, Linux, macOS), and security best practices. Installing and Configuring Nessus More ❯

a crucial role in leading and managing complex Cyber Security projects, ensuring the successful execution of initiatives that safeguard our clients' organisations against evolving threats. Leveraging your extensive project management expertise and technical knowledge, you will partner with and contribute to the enhancement of the overall Cyber Security posture and resilience of our clients, collaborating with cross-functional teams … and resource allocation approaches. Conduct comprehensive risk assessments and develop mitigation strategies to address potential security threats and project risks. Utilise industry frameworks and standards to ensure robust risk management practices. Oversee and manage projects end-to-end in line with the Association for Project Management guidance. Manage projects such as Security Framework Audits and Implementation, Cyber Strategy … Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and clients, serving More ❯

individual with a passion for defending complex digital environments from sophisticated threats. The successful candidate will be part of a dedicated team responsible for executing and advancing a comprehensive Vulnerability Management Program supporting mission-critical systems in a high-security environment. Essential Duties and Responsibilities (but not limited to): • Conduct proactive cyber monitoring and vulnerability management activities across a diverse enterprise IT environment. • Support the execution of vulnerability scanning, analysis, reporting, and remediation efforts, using tools such as Tenable Security Center (or equivalent platforms). • Collaborate with cross-functional teams to drive vulnerability remediation plans and lead working groups to assess, prioritize, and track mitigation efforts. • Collect, analyze, and validate open-source intelligence … enterprise intrusion detection systems (IDS/IPS), host/network security tools, firewalls, HIPS, WAFs, and event correlation. • Proven experience in cybersecurity operations, including threat analysis, incident response, and vulnerability remediation across multiple OS platforms (Linux, Windows, Mac). • Technical expertise in at least one scripting/programming language: Python, PowerShell, Bash, C++, etc. • Familiarity with cyber threat intelligence More ❯

your personal journey. Your Job Responsibilities: Drawing up security project plans : Develop comprehensive project plans for implementing security measures across IT systems, outlining the scope, objectives, and deliverables. People management for the members of the various (security) teams : Lead and manage security teams, ensuring effective collaboration and performance among team members. Planning the security project in terms of timeline … Ensuring that security solutions comply with standards and best practices : Ensure that all security solutions adhere to industry standards and best practices, including resilience patterns, monitoring, and postmortems. Stakeholder management : Proactively coordinate with various project stakeholders to understand their security needs and ensure their requirements are met throughout the implementation process. Regular coordination with the steering group : Maintain regular … provide updates and receive guidance on security projects. Coordination with suppliers and external partners : Collaborate with suppliers and external partners to ensure the successful implementation of security solutions. Change management : Implement change management processes to ensure smooth transitions and adoption of new security measures. Reporting : Prepare and present regular reports on security project progress, risks, and outcomes to More ❯

support the development and delivery of the products (whilst considering cyber resilience) with the ambition to meet the Secure by Design principles. You'll ensure the development, implementation, and management of security protocols, tools, and practices on maturing products meets the appropriate standards and Def Cons. Working closely with the Integrated Product Team (IPT) frameworks with specialists from other … wider Product IA and Security community across Leonardo Electronics UK, influencing corporate policies, processes and guidance. Managing architects such as the generation of Technical Risk Assessments, Security Design and Management Documentation, and Remediation Action Plans. As well as this, you'll oversee the generation and approval of Product Security and Information Assurance Management Plan; Product Design Reviews; generation … of Product Security deliverable information (Product Integrity certificates, product security cases.) What you will be doing as a Lead Security Engineer; Risk Management: Perform risk assessments to identify potential security risks and work product development teams to implement mitigations and preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and More ❯

authorization Advise program managers on AO determination utilizing OVL documentation Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program Providing support regarding the agile authorization and OVL processes Provide independent risk analysis and recommendation Collaborate between the AO and the … other related degree fields (master's degree is preferred or at least 10 years of related experience) At least 10+ years of cybersecurity experience including a senior technical or management role, project or program management experience At least 1 IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP Must have an active TS …/SCI security clearance Preferred Have a strong background in ISSM, risk management, and GRC Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships Manage multiple priorities in a high-paced and fast-changing environment Experience supporting and assessing risks within a CI/CD DevSecOps environment Key areas of experience would include More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years’ experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

audits and assessments to verify compliance and address any identified gaps. Security Controls Implementation: Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management. Collaborate with IT and other departments to integrate security controls into existing and new systems. Incident Response Management: Manage the organization's security incident response process, including … Risk Assessment and Mitigation: Conduct security risk assessments to identify potential threats and vulnerabilities. Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives. Documentation and Compliance: Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans … policies. External Stakeholder Engagement: Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors. Prepare and present security reports and updates to senior management and external parties as required. Continuous Improvement: Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary. Foster a culture of continuous improvement More ❯

resource management. Review Azure Monitor analytics and Azure portal logs to identify and remediate subscription and resource issues. Manage containerized workloads using Docker and Azure Container Registries for image management and deployment. Implement automated monitoring, logging, and alerting systems using Azure Monitor, Log Analytics, and Application Insights. Collaborate with development and engineering teams to ensure seamless integration of applications … administering DevSecOps tools, including GitHub Advanced Security (CodeQL, Dependabot, SBOM), GitHub Workflows, and Visual Studio Code/Enterprise. Experience with security tools such as Trellix, Invicti, and Anchore for vulnerability management and compliance. Strong Windows Server administration skills, including troubleshooting SCCM issues and client-side domain joins. Familiarity with Linux (Ubuntu) administration for server and appliance management. Proficiency … of SQL integration in Azure environments. Familiarity with Infrastructure-as-Code tools (e.g., Terraform, Bicep) and configuration management. Experience with helpdesk support, including ticket ownership, problem resolution, and incident management using Remedy or similar ticketing systems. Knowledge of cloud security principles, including identity management, network security, and compliance frameworks (e.g., NIST 800-53, DoD STIGs). Understanding of More ❯

compute and storage infrastructures, delivering efficiency through automation, and ensuring scalability, flexibility, and compliance. Responsibilities • System administration tasks for Windows Server 2022 and RHEL 8 including regular platform upgrades, vulnerability management, troubleshooting, automation with native scripting languages, performance management, application inventory and administration, and compliance to regulatory baselines. • Development and execution of deployments using infrastructure-as-code … of SSL certificates and associated infrastructure and domains. • Manage and test data backups and disaster recovery policies. • Active Directory • Manage human and system identity lifecycles including onboarding, offboarding, role management, just-in-time privilege escalation, and regular access reviews. • Implement, update, and regulate group policy and identities in Active Directory and Azure EntraID in conjunction with the Enterprise Access More ❯

requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The Lead ITRC tkeeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk … WILL YOU DO? "Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective information on cyber risks for IT and business management with both summary and detailed reporting Assess risk within subject specialty area to evaluate the design and effectiveness of security controls Work collaboratively with all Lines of Defense, coordinate … the control operation. Provide insight and classify data to assess Risk assessments Coordinate the completion of risk mitigating actions and providing status updates of all issues statuses to senior management Investigates large or repetitive loss events impacting the division to assess for potential systemic weaknesses and to ensure appropriate corrective action is taken. Provide insight and classify data to More ❯