12 of 12 Vulnerability Management Jobs in Birmingham

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces … behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management/SOCAnalyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related … to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management/SOC Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of SOC/Vulnerability Management Analyst role More ❯

working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … Assist in managing third party risk processes by evaluating external partners' security postures and ensuring compliance with internal requirements. Work closely with Security Operations and IT teams to oversee vulnerability assessments and coordinate remediation efforts effectively. Conduct thorough reviews of security architecture for new systems and services to ensure robust protection measures are in place from the outset. Evaluate … necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate progress against More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

a leadership role within Defra's operational IT function, Group Infrastructure and Operations (GIO). The role requires demonstration of deep and wide-ranging IT leadership skills in service management and strategic direction setting of the Service Operations functions. The Head of Service Operations is responsible for the effectiveness of operational IT services and user support to ensure optimum … strategy, to remain effective whilst supporting modern service delivery approaches, including Agile and DevOps. As such the role requires the ability to function seamlessly between strategic thinking and operational management of live services. The role's level of operational responsibility is high and includes leading through major disruption at times of major incidents including cyber security ones. As a … be required to develop strong relationships with Defra group's delivery bodies and Arms Length Bodies (ALBs) in order to deliver core IT services as part of the Service Management Operating Model. Key Responsibilities Primary responsibility is to ensure service availability is maintained at required levels, and in doing so own the responsibilities of: Sets the vision, and strategy More ❯

a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal teams, this could be your next … remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams to ensure SLAs are met and quality standards maintained Overseeing vulnerability scanning and prioritisation , and guiding clients on remediation Supporting and managing IDS/IPS configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For … 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management , and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional teams in fast-paced environments Relevant certifications (e.g. CISSP, GCIH, CICM) UK SC clearance More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: Very strong experience in providing technical support and advice for a Security Operations Centre Demonstrate More ❯

long-term career growth. What you'll do: As an IT Compliance Analyst, you will be at the heart of the organisation's efforts to maintain robust governance, risk management, and compliance standards. Your day-to-day activities will involve managing client audit inboxes, responding promptly to information requests, completing detailed questionnaires, and ensuring all documentation is up-to … participating in training programmes, you will help embed a culture of security awareness throughout the business. This role offers you the chance to expand your knowledge in governance, risk management, data protection, and information security within a dynamic international environment. Take ownership of completing and coordinating client security questionnaires and due diligence requests by gathering accurate information from relevant … demanding clients. Your familiarity with leading frameworks such as ISO 27001 and Cyber Essentials Plus will enable you to navigate complex requirements efficiently. Your keen interest in governance, risk management, data protection laws, and information security means that you are always looking for ways to enhance existing processes. A methodical approach ensures that documentation is meticulously maintained while your More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

builder to streamline and strengthen how security gets done. Respond to incidents with confidence, contribute to security audits, and answer client queries like a pro. Harden our systems: lead vulnerability management, champion new security policies, and help us stay two steps ahead of threats. Always be learning-dive into the latest security tools and trends, and shape our More ❯

skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk reviews, vendor assessments, and internal audits Participating in security exercises … What You'll Need to be Considered 3-5+ years of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email Address Phone More ❯