1 to 25 of 110 Threat and Vulnerability Management Jobs in England

Friday 9.30am-5.30pm Hybrid work pattern Overall Objective of Role: The Cyber Security Operations Team is a critical component of the Thomas Miller security infrastructure, responsible for monitoring, detecting, and responding to security threats in real time. The team partner with a 3rd party to ensure constant vigilance over the security landscape. The Cyber Security Analyst detects, analyses, investigates and … responds to alerts and threats within the environment. Specific Responsibilities: Monitor security alerts, events, and potential threats using SOC tools. Respond to and investigate cyber security incidents, including malware outbreaks, phishing attempts and data breaches. Perform incident response, including triaging, investigation, and resolution of security incidents. Analyse network traffic, logs, and alerts to detect malicious activity. Conduct root-cause analysis … on security breaches and vulnerabilities. Prepare and maintain detailed incident reports and post-incident documentation. Collaborate with other teams to improve overall security posture. Implement and follow standard operating procedures (SOPs) for threat management and incident response. Perform regular vulnerability assessments and recommend remediation. Stay updated with emerging security trends, vulnerabilities, and exploits. Participate in red and blue More ❯

About the Role: We are seeking a highly skilled and experienced Deputy Chief Information Security Officer (Deputy CISO) to join our dynamic cybersecurity team. This is an exciting opportunity for someone with a robust understanding of information security, policy development, and hands-on technical expertise. The Assistant CISO will play a key role in rewriting and implementing information security standards … collaborating with key stakeholders to ensure alignment with organisational risk management practices, and fostering a proactive security culture across the company. As a key partner to the CISO, this role involves both strategic thinking and practical, hands-on execution of information security activities. The Assistant CISO will contribute to the development, maintenance, and enforcement of security policies and standards … while also ensuring that security risks are actively managed through collaboration with the Joint Risk Committee (JRC) and other relevant teams. Key Responsibilities: Standards Development & Rewriting: Oversee the review, rewriting, and continuous improvement of security standards to ensure they meet current industry best practices and align with legal, regulatory, and organisational requirements. Develop and implement guidelines for adherence to these More ❯

Cyber Security Engineer Reports to: Director/VP of Security Architecture & Engineering About Strada Global Strada Global is a leading provider of HR and payroll services, empowering businesses worldwide with innovative technology and secure, scalable solutions. As we continue to evolve, cybersecurity is at the core of our strategy, ensuring the protection of critical data, customer trust, and regulatory compliance. … Strada is in the midst of a major transformation, separating from our previous parent company and building a security-first culture to enable business growth. This is an exciting time to join as we migrate IT systems, strengthen cyber resilience, and develop a world-class security function. Role Overview The Cyber Security Engineer will play a critical role in designing … implementing, and maintaining security solutions that protect Strada’s cloud and on-prem infrastructure. This role will be deeply technical and hands-on, working across security operations, engineering, and risk management to strengthen our security posture while enabling the business. This position offers an opportunity to work closely with security architects, BISOs, and cloud security teams, helping Strada establish More ❯

A leading bank is seeking a skilled Security Operations Manager to strengthen its IT Security team. This role involves optimizing security controls, frameworks, and processes while supporting the integration of new technologies to enhance the bank's security posture. You will act as the right hand to the Head of IT Security, ensuring robust security services across the organization. Key … Responsibilities: Security Operations: Oversee and improve IT Security operations, ensuring efficient and compliant management of security services. Vendor Management: Manage outsourced security providers, ensuring performance meets established SLA standards. Incident Response: Lead and manage IT security incidents, including forensics when necessary. Security Services: Drive the delivery of services including Threat & Vulnerability Management, Privileged Access Management, IAM, DLP, Network Security, and Penetration Testing. Project Leadership: Lead IT/Cybersecurity improvement projects as an SME. Risk & Compliance: Evaluate IT changes for security risks, ensuring compliance with security policies and frameworks like ISO 27001/NIST. Security Controls: Operate and manage security controls to protect IT systems, ensuring alignment with regulatory and industry best practices. Continuous Improvement More ❯

Your new company A prominent UK-based institution in the higher education sector, this organisation delivers a broad spectrum of undergraduate and postgraduate courses spanning the sciences, business, arts, and humanities. It is well-regarded for its impactful research, international collaborations, and dedication to environmental sustainability. With a dynamic campus life and a diverse student community, it plays a key … role in driving local economic growth and fostering innovation through academic and civic engagement. Your new role Digital Technology Services plays a vital role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and … responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and external threats. The M365, Identity, and Security functions are central to this position, leading a team of specialist engineers to More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including OT, IT, web … applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial tactics, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments … such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker TTPs. Develop and maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce More ❯

Job Description: Head of Cyber Threat Exposure Permanent London/Staines/Manchester (Hybrid Working) We consider all types of flexibility, including locations, hours and working patterns. We make health happen. At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our mission … is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of … vulnerability management and offensive security servicesacross all technology in Bupa. How you’ll help us make health happen Lead a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats. End to end management and delivery of security services including More ❯

Global Head of Information Security and Data Protection Join to apply for the Global Head of Information Security and Data Protection role at Oxfam Global Head of Information Security and Data Protection 3 days ago Be among the first 25 applicants Join to apply for the Global Head of Information Security and Data Protection role at Oxfam Oxfam is a … end the injustice of poverty. Are you a visionary leader with a passion for safeguarding sensitive information on a global scale? Do you have the technical expertise to develop and implement leading information security and data protection strategies that ensure compliance and security? Can you inspire teams to prioritise information security in an ever-evolving digital landscape? The Role Oxfam … GB is looking for a global Head of Information Security and Data Protection that will lead the Cybersecurity, Data Protection, and Information Governance teams to manage risk across these areas, while maintaining compliance to with necessary regulations and control frameworks. As well as its duties within OGB it is also responsible for coordinating Information Security efforts across the wider Oxfam More ❯

Job Title: Security Analyst Location: Remote Job Summary: We are seeking a skilled and experienced Security Analyst to join our team. The ideal candidate will have a strong background in vulnerability management and experience working with Security Information and Event Management (SIEM) tools such as Microsoft Sentinel. You will play a critical role in ensuring the security … of our cloud environments, infrastructure, and business units by identifying, analyzing, and addressing vulnerabilities and threats. Key Responsibilities: Vulnerability Management: Develop, implement, and operate vulnerability management capabilities using tools like Tenable One. Deploy, configure, and manage vulnerability assessment tools (e.g., Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a … seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various sources of information to identify, analyze, and report on relevant threats and vulnerabilities. Continuously monitor and assess the threat landscape to adjust security measures accordingly. SIEM and EDR: Implement and manage SIEM tools such as Microsoft Sentinel to monitor More ❯

Our Client is a leading Fintech, delivering Risk Management & Payment Solutions to some of the world's most respected organisations, backed by a number of globally respected institutions and responsible for transacting £Billions. They are now looking for a dynamic and ambitious SecOps Engineer to join their ever-growing Cyber & Information Security Department . Working closely with other SecOps … Engineers and the AppSec & GRC Teams , you'll be working on a scheduled rota & reporting to the SecOps Manager as part of a fast-growing SecOps Team . You will be monitoring & maintaining secure systems & networks as well as mitigating & containing real-time risks & identified threats. You will also be involved in vulnerability management, threat hunting, playbook designing … would include: Provide SecOps support capability working with information security alerts using Security Information & Event Management (SIEM) to triage, mitigate & escalate issues as needed while capturing essential details and artefacts. Perform analysis of security alerts to evaluate risk, determine containment action & identify required preventative measures. Review & triage security vulnerabilities detection. Identify trends, potential new technologies & emerging threats which may More ❯

As Security Operations Manager at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with … GRC practices and policies as they evolve to align with current and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing, you will help train and upskill your fellow Two Circlers on topics … such security awareness, OWASP Top 10 and Security by Design, as well as understanding and feeding into their processes and workflows, to keep good security practice on the agenda. Externally, this role will also engage with our fascinating clients as appropriate to support their security assurance needs, as well as our technology partners and suppliers to ensure their alignment with More ❯

Company Description We are part of the International Airlines Group, a leading airline group operating to over 270 destinations and serving more than 100 million passengers annually. Our platform offers scalable, best-in-class procurement, finance, and IT services to brands including Aer Lingus, British Airways, IAG, IAG Cargo, IAG Loyalty, Iberia, Iberia Express, LEVEL, and Vueling. We focus on … combining functional expertise with excellent customer service to strengthen our Group's competitiveness and efficiency. Job Description This is a strategic, high-impact role suited for a hands-on cybersecurity professional. You will define and implement the operational model for collaboration between the central Security Operations Center (SOC) and supporting functions, including process formulation, technology stack setup, and establishing deliverables … for scalable security operations. Initial responsibilities include contributing to the selection and onboarding of a Managed Security Services Provider (MSSP), working closely to define operational procedures, KPIs, and SLAs. Building a strong relationship with the MSSP will be key. Long-term, you will develop a business case for internal capabilities, laying the groundwork for an in-house team and transitioning More ❯

weeks ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features. This range is provided by Two Circles. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range Role Profile: As Security Operations Manager at Two Circles, you play a key … role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and policies as they evolve to align with current … and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing, you will help train and upskill your fellow Two Circlers on topics such security awareness, OWASP Top 10 and Security by Design, as More ❯

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches. With experience informed by years of simulating sophisticated cyber attacks against some of the world's largest organisations, our mission is to enable … organisations to continuously understand how an attacker would successfully compromise their business—with cutting-edge Attack Surface Management and Continuous Automated Red Teaming technology. watchTowr was named within Gartner’s Emerging Tech Impact Radar report in 2023, in Gartner's Innovation Impact report for ASM in 2024, and is utilised by Fortune 500 and other large enterprises globally. Our … research is well-known and respected across the cybersecurity industry and can be found in various news outlets—while fuelling the watchTowr Platform. We are a young, high-energy, and high-performing team delivering world-class technology to help our clients prevent breaches. We are in a high and aggressive growth phase of our journey and are excited to continue More ❯

Summary: We are seeking an experienced and strategic Network Security Architect to design secure, scalable, and resilient network architectures across the enterprise. The ideal candidate will possess deep knowledge of : Traditional network infrastructure - LAN; WAN; WIFI etc Cybersecurity including Zero Trust Architecture Cloud Security Architecture Be capable of aligning security controls with business objectives and compliance requirements. Key Responsibilities: Lead … the design and implementation of secure network architectures for on-premises, cloud, and hybrid environments. Define network security standards, frameworks, and policies aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Develop and maintain secure designs for firewalls, VPNs, intrusion prevention systems (IPS/IDS), network segmentation, and zero trust network access (ZTNA). Collaborate with IT, cloud … and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools and technologies, and stay informed More ❯

We'll inspire and empower you to deliver your best work so you can evolve, grow and succeed - today and into tomorrow. We offer an exciting range of opportunities to develop your career within a supportive and diverse team who always strive to do the right thing for our people, clients and communities. People are our greatest asset, and we … offer a competitive package to retain and attract the best talent. In addition to the benefits you'd expect, UK employees also receive free single medical cover and digital GP service, family-friendly benefits such as enhanced parental leave pay and free membership of employee assistance and parental programmes, plus reimbursement towards relevant professional development and memberships. We also give … back to our communities through our Collectively program which incorporates matched-funding, paid volunteering time and charitable donations. Work-life balance and flexibility is a key focus area for us. We're happy to discuss hybrid, part-time and flexible working hours, patterns and locations to suit you and our business. About the opportunity We are currently seeking a dynamic More ❯

cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, incident response, and compliance. Our mission is to protect businesses from cyber threats by delivering tailored security solutions that keep them resilient and secure. The Role We are seeking a Security Analyst to … join our team and play a key role in threat detection, incident response, and security monitoring. The ideal candidate will have a strong analytical mindset, an understanding of cyber threats and attack techniques, and the ability to implement effective security controls to mitigate risks. This role involves proactively monitoring security events, investigating potential breaches, and supporting clients with vulnerability management and security best practices. About You You are passionate about cybersecurity and have a strong ability to think critically, solve complex problems, and anticipate security threats before they happen. You thrive in a fast-paced environment, working both independently and collaboratively as part of a security team. You are detail-oriented and have a methodical approach to More ❯

Cyber Security Operations role at QA Ltd Remote (Once in a month to London or Leeds office) This senior role will involve you in strategic decision-making, system implementations, and the adoption and testing of new processes and procedures which improve the security and robustness of QA’s organisational infrastructure and associated IT systems. As a Head of Cyber Security … Operations you will be responsible for safeguarding QA from intrusion, security threats, security weaknesses, software bugs and exploits. You will be responsible for direct and virtual teams involved in keeping QA secure. Role Responsibilities Management of the Security Operations Centre service, ensuring resources are aligned to monitor and protect QA IT assets including 24/7 out of hours … on call coverage. Responsible for security event monitoring, incident response and cyber/threat intelligence across QA. To respond rapidly and effectively to any IT security incidents, co-ordinating and managing them through to a successful conclusion. Ensure that the monitoring, logging, and prevention toolsets are aligned to the needs of the security function/the business and are delivering More ❯

As part of the SIC Team, you will: Monitor security tooling, conduct triage and analysis of alerts, events, and security incidents. Validate, verify, and report on protective or countermeasure solutions, both technical and administrative. Coordinate and investigate security incidents through to resolution. Collaborate with resolver groups to respond to and investigate security incidents. Manage functional mailboxes and respond to email … inquiries from the account and clients. Oversee security ticket queues and review and raise security incidents in ticketing systems. Assist in security reporting, ensuring timely and quality delivery. Prepare and present reports using Microsoft PowerPoint and Excel. Provide Critical Incident Response Reports and lessons learned to stakeholders. Handle legal and law enforcement-related issues as necessary. Review security incidents periodically … for trend analysis and recommend improvements or sales opportunities to the Security Delivery Lead. Respond to incidents following playbooks and the Security Incident Management Process. Advise the account on Critical Security Advisories, including responses to Threat Advisories, ModCerts, Carecert, and emergency patches. Develop and maintain a vulnerability management system for zero-day vulnerabilities. Manage security information requests More ❯

Direct message the job poster from QA Ltd Remote (Once a month to London or Leeds office) This senior role will involve you in strategic decision-making, system implementations, and the adoption and testing of new processes and procedures which improve the security and robustness of QA’s organisational infrastructure and associated IT systems. As a Head of Cyber Security … Operations you will be responsible for safeguarding QA from intrusion, security threats, security weaknesses, software bugs and exploits. You will be responsible for direct and virtual teams involved in keeping QA secure. Role Responsibilities: Management of the Security Operations Centre service, ensuring resources are aligned to monitor and protect QA IT assets including 24/7 out of hours … on call coverage. Responsible for security event monitoring, incident response and cyber/threat intelligence across QA. To respond rapidly and effectively to any IT security incidents, co-ordinating and managing them through to a successful conclusion. Ensure that the monitoring, logging, and prevention toolsets are aligned to the needs of the security function/the business and are delivering More ❯

looking for an Information Security Risk Lead to join their growing team. The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my client to identify, measure, monitor and mitigate information security risks. The successful … candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that own information security risk. What they are looking for: 10+ years … of experience specifically related to information security governance, operations, and risk management. Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction services environments characterized by the need for continuous availability and the highest levels of security. Experience with developing and managing Operational Risk programs More ❯

Job Description Job Title: Level 3 Security Analyst Role: As a Level 3 Security Analyst, you will be at the forefront of our Security Operations Center (SOC), monitoring and responding to security incidents, performing threat analysis, and contributing to the continuous improvement of our cybersecurity services. You will work within a dynamic team, ensuring the protection of our clients' digital … assets while maintaining service excellence. Level 3 Analysts will take on additional responsibilities, such as mentoring junior team members, leading complex incident investigations, and driving strategic security improvements. What’s in it for you? Work with cutting-edge security technologies and develop expertise in industry-leading tools. Be part of an award-winning cybersecurity team with a clear path for … career progression. Hybrid working environment with opportunities for professional growth and certification support. Responsibilities: Monitor, analyse, and respond to security events and incidents within the SOC, ensuring timely detection and resolution in line with SLAs. Conduct thorough threat analysis and vulnerability assessments to identify potential security risks and implement mitigation strategies. Develop and refine incident response plans and playbooks More ❯

Cyber Security Engineer to join their team, securing the infrastructure of high–profile customers alongside the internal environment. This business partners with leading tech vendors including Microsoft, Cisco, Juniper, and many more. They add to their customer base year upon year leading them to where they are today, one of the UK's best rated MSPs with an extensive list … of clients nationwide. The position offers full responsibility for ensuring customers' data, systems, and networks remain secure, and any possible threats eliminated. The position will see you accountable for implementing, configuring, and maintaining security tools and platforms to prevent future vulnerabilities and attacks. You'll also be responsible for helping to maintain accreditation with information security policies and frameworks, including … Cyber Essentials, ISO27001, etc. Duties include: Reviewing current security procedures and processes. Researching, advising, and implementing new tools and countermeasures to better protect systems and data. Monitoring for attacks and instructions. Responding to alerts, threats, and breaches, with resolutions. Keeping company up to date and compliant with industry best practice, policies, and guidelines. Contributing to deployment of Cybersecurity related projects More ❯

Select how often (in days) to receive an alert: Create Alert BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Cyber Threat Hunter … Job Title: Cyber Threat Analyst Requisition ID: 121703 Location: Leeds and surrounding area Grade: GG08 - GG09 Role Description BAE Systems have been contracted to undertake the day-to-day operation of (and incremental improvement of) a dedicated Security Operations Centre (SOC) to support the defence of a major UK Critical National Infrastructure (CNI) organisation. The networks protected are predominantly hosted … platforms, with many hundred systems within these environments that must be protected. The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of SC clearance with the potential for DV Clearance in the More ❯

Role Overview: Utilising knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to … improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration More ❯