26 to 50 of 236 Vulnerability Management Jobs in England

and maintain the organization's information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements. Lead the development and implementation of an Information Security Management System (ISMS), based on ISO 27001 Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies. Stay up-to-date with the latest cybersecurity threats, trends, technologies … Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response … ensure security is embedded in the design, implementation, and maintenance of all IT infrastructure, including cloud environments (e.g., Azure, AWS, GCP), networks, servers, and endpoints. Manage access controls, identity management (e.g., Entra ID/Azure AD), and privileged access management (PAM) systems. Manage access control processes to 3rd party applications, and 3rd party relations. Oversee the patching and More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Key Skills Proven experience leading More ❯

and access across the enterprise. Endpoint Control Configure endpoint security solutions including EDR, anti-malware (Defender), and DLP. Application Deployment Deploy applications for on-premises and cloud (Intune) solutions. Vulnerability Management Perform vulnerability assessments using Tenable, driving remediation and continuous improvement. Cloud Infrastructure Design, execution and optimisation of technical platforms & services including Azure services, Intune and MDM … technologies (Windows Server/Desktop, Active Directory, Group Policies, WSUS, Certification Authority). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

East and Africa, Asia and Oceania, and East Asia The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.As one of the top financial groups globally with a vison to be the world's most trusted, we want to attract, nurture and retain the most talented … and MUFG Americas Holdings.Please visit our website for more information - Security department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting Head Office Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department supports and monitors security solutions such as virus protection … vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.Main Purpose of the Role :We are seeking a highly skilled Privileged Access Management (PAM) Lead with deep expertise in CyberArk to drive the strategy, implementation, and continuous improvement of our enterprise PAM program. The ideal candidate will possess strong technical leadership, hands-on More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

key role in supporting the delivery of the Government Cyber Security Strategy by coordinating and providing centralised cyber services to public sector organisations. These services help strengthen resilience, improve vulnerability management, and enhance the security of core internet services such as DNS, email and web. Role Overview As a Senior Business Analyst , you will support the design, improvement … improvements that enhance service performance and security. Key Responsibilities Engage with public sector organisations to understand cyber security services and challenges Model current processes, systems and data, particularly around vulnerability management Share analysis and findings with service owners and project teams Identify opportunities for improvement across processes and services Work closely with User Researchers and Service Designers to … across organisational boundaries Skills & Experience Required Aligned to the Senior Business Analyst role level in the Government Digital & Data Profession Framework: Strong practitioner-level experience in business modelling, requirements management, stakeholder management, process improvement and problem analysis Proven ability to analyse business problems across multiple organisations or business units Experience developing complex models to support solution development Ability More ❯

role for someone who enjoys implementing business-appropriate structure & process improvement, whilst balancing strategic problem-solving. Key Responsibilities Security Lead and manage customer questionnaires and client audits Oversight of vulnerability management and ensure remediation across environments is in line with company policy Oversight of applicable SIEM and monitoring process to ensure that security response is in line with … enable transparent, informed decision-making Coordinate external audit processes, including ISO 27001, ISO9001 Oversight of the asset register for all customer environments to support audits and effective control Risk Management Manage project compliance risks (including privacy, compliance and security risks), proactively identifying issues before they escalate Assess and mitigate third-party and supply chain security risks, ensuring partners meet … robust standards in line with company policy Oversight of change management processes, ensuring major software or infrastructure changes are performed in line with company policy Partner with business units to embed risk management into day-to-day decision-making Maintaining the Risk Register, tracking remediation tasks and preparing risk reports Customer Engagement Serve as the internal point of More ❯

You will ensure robust, efficient and globally coordinated security operations that protect the organisation's people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line … with regional regulation and to support the management of cyber incidents. It is essential the individual who will fill this role has prior management experience, has supported building security teams previously and has knowledge around their responsibility at this level to report incidents and security concerns within regulatory timelines and standards. About the role Within this role, you … will have been supporting the Group CISO by managing the security team and programmes of work in your responsibility area. You will be responsible for the management of any global Cyber Incidents by supporting the CISO team. Additionally, you will be: Working collaboratively with the SOC to ensure 24/7 visibility and threat detection across global environments, driving More ❯

s Network Segmentation capability. Operational Excellence and Governance Regulatory and Security Compliance: Ensure network segmentation initiatives comply with regulatory, operational, and security standards, adhering to HSBC's Operational Risk Management Framework. Governance and Risk Management: Oversee governance mechanisms to evaluate, review, and implement network segmentation solutions. Proactively identify, monitor, and manage risks, ensuring alignment with architectural principles. Continuous … segmentation in hybrid environments. Security Zones and Policies: Understanding of security zones, VLANs, subnets, and firewall policies to design and enforce segmentation across large scale networks. Threat Modelling and Vulnerability Management: Expertise in threat modelling and vulnerability management practices to safeguard critical assets and infrastructure. Cloud Security and Development: Understanding of cloud environments (e.g., AWS, GCP More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

defences across both on-prem and cloud environments (cloud being a key area of focus) Implementing, configuring, and regularly updating a wide range of security toolsets including EDR, SIEM, vulnerability management, IAM, and cloud security solutions Collaborating closely with IT, Development, and third-party teams to embed security into all aspects of our operations Conducting regular risk assessments … vulnerability scans, and open-source intelligence (OSINT) investigations Monitoring emerging threats, including zero-day vulnerabilities and newly published CVEs, and evaluating their relevance and impact Investigating and responding to security incidents, identifying root causes, and driving continuous improvements Shaping and delivering engaging security awareness training across the business Advising on the security implications of new technologies and contributing to … explain complex technical issues to both technical and non-technical audiences Hands-on experience configuring and managing tools in the cloud security space Experience working with Identity and Access Management (IAM) solutions, including previous configuration work Proficiency in the day-to-day management and monitoring of Endpoint Detection and Response (EDR) tooling Experience with vulnerability management More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to … wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report/escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create More ❯

on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to … wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incidence response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report/escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

Key Responsibilities - Develop, implement, and maintain information security assurance programs. Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF). Conduct risk assessments and vulnerability management activities. Maintain robust security controls across enterprise assets, software, networks, and applications. Support incident response and recovery processes, including penetration testing and audit log management. Deliver training … expert advice on secure configurations, malware defences, and network monitoring strategies. Qualifications & Experience - Mandatory: At least 5 years' experience in information security assurance roles. Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST). Strong understanding of security controls across data, networks, applications, devices, and users. Desirable: Familiarity with regulations in the Nuclear industry … and ability to engage with diverse stakeholders. A proactive, curious, and analytical mindset with strong problem-solving skills. Technical Skills: Comprehensive knowledge of security controls, including: Data Protection, Account Management, and Access Control Management. Continuous Vulnerability Management and Incident Response. Penetration Testing and Security Awareness Training. Secure Configuration and Network Monitoring. More ❯

Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance security monitoring, logging and alerting (including SIEM/threat detection). Create security documentation (designs, risk assessments, mitigation plans, ops … and data protection (classification, encryption) policies. Experience aligning builds to recognised frameworks (e.g., NIST, CIS Controls, ISO 27001, Cyber Essentials Plus). Implementing monitoring/logging/alerting and vulnerability management tools including SIEM. Ability to define security configurations and drive consistent adoption across estates. Experience producing security artefacts (risk assessments, hardening standards, runbooks). Understanding of security More ❯

security analysts, manage relationships with Managed Security Service Providers, and act as the first line of defence for security incidents. You’ll drive maturity in our security operations, oversee vulnerability management, and ensure our response to cyber threats is swift and effective. This is a hands-on leadership role that combines technical expertise, strategic influence, and people development. … embed robust processes that protect the business globally. What we’re looking for: Proven experience leading a Security Operations or Incident Response function Strong technical background across SIEM, EDR, vulnerability management, and cloud security (Azure preferred) In-depth understanding of security frameworks such as NIST CSF, ISO 27001, and MITRE ATT&CK Excellent stakeholder engagement and vendor management More ❯

and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through capabilities including Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a consulting led Security Advisory practice. As a Senior Security Engineer, you will be responsible for designing, implementing and maintaining … CrowdStrike or Elastic • Proven ability to build and tune detection rules, dashboards and automation playbooks • Knowledge of scripting or automation using KQL, PowerShell, Python or similar • Familiarity with log management, APIs and data normalisation • Understanding of cloud security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving … CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to threat hunting, vulnerability management or red team automation What You’ll Get • Competitive salary £65,000 to £85,000 depending on experience • Hybrid and flexible working arrangements • Funded training and certification More ❯

services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through a powerful mix of Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a world class Security Advisory function. As a Senior SOC Analyst, you will take a leading role in identifying, investigating … and a collaborative mindset Passion for learning and knowledge sharing Desirable Experience Experience with scripting or automation using PowerShell, KQL or Python Exposure to threat hunting, threat intelligence or vulnerability management Experience mentoring or coaching junior analysts What You’ll Get Competitive salary £40,000 to £55,000 depending on experience Hybrid working and flexible hours Funded training More ❯

security analysts, manage relationships with Managed Security Service Providers, and act as the first line of defence for security incidents. You'll drive maturity in our security operations, oversee vulnerability management, and ensure our response to cyber threats is swift and effective. This is a hands on leadership role that combines technical expertise, strategic influence, and people development. … embed robust processes that protect the business globally. What we're looking for: Proven experience leading a Security Operations or Incident Response function Strong technical background across SIEM, EDR, vulnerability management, and cloud security (Azure preferred) In-depth understanding of security frameworks such as NIST CSF, ISO 27001, and MITRE ATT&CK Excellent stakeholder engagement and vendor management More ❯