51 to 75 of 225 Vulnerability Management Jobs in England

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

/3 days a week) Rate: £465 per day inside IR35 Start Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security … playbooks, and security runbooks Who are we looking for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling More ❯

Develop, review, and maintain information security policies and procedures. Manage third-party risk processes and contribute to vendor assurance activities. Align business functions with regulatory and security requirements. Oversee vulnerability management efforts in collaboration with IT and SOC teams. Conduct security architecture reviews and evaluate controls for improvement. Support deployment of new security tools and technologies. Provide oversight … We’re Looking For 3+ years in Information Security roles, with GRC and technical exposure. Experience working with ISO 27001, NIST, or equivalent frameworks. Understanding of risk assessment and vulnerability management processes. Excellent communication and stakeholder engagement skills. Strategic mindset and ability to lead and mentor. Strong analytical and problem-solving skills. 💼 The Organisation This is a well More ❯

of the business, helping guide solutions that align with security and project requirements by articulating the real-world cyber security risks associated. You will also be responsible for our Vulnerability Management program ensuring that agreed SLAs are achieved and provide consultation when solutions are not straight forward. As the Senior Cyber Security Consultant, you will be providing mentorship … requests, you will provide subject matter expertise for internal projects and stakeholders, identifying risks and advising on the correct approach to mitigate those risks You will have responsibility for Vulnerability Management managing outputs from internal tooling and external vendors in order to prioritise remediation by relevant internal parties in order to ensure the identified risks are mitigated You … of the Team, fostering an inclusive, supportive and engaged learning environment, being a key contributor to a high performing and professional Security Team. Knowledge, skills and experience Strong stakeholder management skills A strong understanding of enterprise ICT and security principles A strong understanding of cloud security concepts and technologies Understanding of the CI/CD process and security integrations More ❯

Vulnerability Analyst – 3-month contract My Customer is seeking a proactive and skilled Vulnerability Analyst to join their team in a highly regulated, mission-critical 24/7 environment. Their infrastructure includes over 450 servers operating across both Windows and Linux platforms — making secure access and timely response essential. Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools is needed for this role. Key Skills from the Vulnerability Analyst: Demonstrated experience in vulnerability management within large-scale enterprise or corporate environments . Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools. Strong working knowledge of Windows and Linux operating systems , including their associated technology … stacks. Able to operate effectively in a secure, complex, and highly regulated setting with restricted access considerations. Key responsibilities for the Vulnerability Analyst: Daily monitoring and analysis of security events and vulnerabilities. Proactively reviewing Qualys reports to identify missing patches, misconfigurations, and other potential threats. Collaborating closely with infrastructure and operations teams to coordinate and apply remediation actions. Ensuring More ❯

Vulnerability Analyst – 3-month contract My Customer is seeking a proactive and skilled Vulnerability Analyst to join their team in a highly regulated, mission-critical 24/7 environment. Their infrastructure includes over 450 servers operating across both Windows and Linux platforms — making secure access and timely response essential. Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools is needed for this role. Key Skills from the Vulnerability Analyst: Demonstrated experience in vulnerability management within large-scale enterprise or corporate environments . Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools. Strong working knowledge of Windows and Linux operating systems , including their associated technology … stacks. Able to operate effectively in a secure, complex, and highly regulated setting with restricted access considerations. Key responsibilities for the Vulnerability Analyst: Daily monitoring and analysis of security events and vulnerabilities. Proactively reviewing Qualys reports to identify missing patches, misconfigurations, and other potential threats. Collaborating closely with infrastructure and operations teams to coordinate and apply remediation actions. Ensuring More ❯

business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage risk effectively Contributing to compliance efforts including ISO27001, supplier security and data privacy, helping … and product teams to embed secure thinking into design and delivery Keeping pace with emerging threats and contributing to strategic conversations about how we evolve our approach Experience with vulnerability management Experience with scaling tools such as CSPM, SIEM, IAM and Endpoint protection You're hands on, curious and motivated by solving real problems You enjoy working closely More ❯

the IT Service Desk Providing support via tickets, email and phone Assisting with pre-sales technical support Leading the response during P1 critical issues Completing BAU tasks including patch management , vulnerability management , and backend system troubleshooting Onboarding new clients when needed Supporting non-technical colleagues with escalated issues Reporting directly to the Service Desk Manager The Person More ❯

sales engineering within a relevant sector. Experience in network technologies, and certification (NSE7, CCNA, CCNP, Network +, or similar). Experience in Cyber Security (Security Operations, Risk Mitigation, Incident Management, Vulnerability Management, or similar disciplines). Experience in Compliance and Governance (ISO (phone number removed), NIST, GDPR, Cyber Essentials, or similar frameworks). Can build and develop More ❯

Life on the team The Vulnerability Governance Analyst role will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security … incident procedures Build, manage and update Vulnerability Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident … management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical and non-technical teams to coordinate changes and More ❯

Life on the team The Vulnerability Governance Analyst role will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security … incident procedures Build, manage and update Vulnerability Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident … management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical and non-technical teams to coordinate changes and More ❯

Life on the team The Vulnerability Governance Analyst role will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security … incident procedures Build, manage and update Vulnerability Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident … management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical and non-technical teams to coordinate changes and More ❯

Cyprus, Greece, Hong Kong, Japan, and Singapore. Overall Job Purpose : The Junior Information Security Officer (JISO) will assist the Information Security team in implementing and maintaining the information security management system with the objective of managing risks to information assets to an acceptable level. The JISO will develop a good understanding of the information security policies, standards and procedures … organisation's technology landscape to help identify potential threats and vulnerabilities. Key Responsibilities: Assist in maintaining the information security standards, procedures and guidelines. Participate in the information security risk management process to identify, assess, treat and monitor risks. Manage information security incidents and events to protect information assets. Help develop and implement incident response plans and procedures to ensure … Assist with the quarterly cybersecurity ITSC and Board updates and key risk indicator reporting. Maintain the information security awareness training program and conduct phishing tests. Maintain the Privileged Access Management, Security and Event Management and Vulnerability Management systems. Assist in identifying security solutions that will be effective in mitigating risks to information assets. Manage the implementation More ❯

and ensuring our products and cloud infrastructure are secure, resilient, and compliant. In this role, you will have the unique opportunity to lead our SOC2 audit activities, perform risk management reviews, and drive our vulnerability management program in alignment with industry best practices. Your keen eye for detail and exceptional problem-solving skills will be invaluable in … and external standards. Translate audit findingsand test results into clear, actionable tasks for the engineering and DevOps teams. Perform vendor security assessments, managing risk across our supply chain. Manage vulnerability and patch management, ensuring critical software libraries are kept up to date. Enforce security policies, particularly regarding open-source software and licensing compliance. Plan and lead annual Business More ❯

rewarded. OVERVIEW OF THE DEPARTMENT/SECTION IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department deploys, supports and monitors security solutions such as virus … protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk. NUMBER OF DIRECT REPORTS 1-2 MAIN PURPOSE OF THE ROLE To manage the technical delivery of various cybersecurity projects and contribute to the overall success of the Cybersecurity programme function by: Ensuring that projects are delivered according to scope, on time and … etc. Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security Assessment/Testing, Incidence Management and Vendor/Cloud products assessment. Possessing high level of analytical ability where problems are typically unusual and More ❯

the senior lead to ensure our state of the art security centre is as effective and as efficient as can possibly be. As well as the proactive and responsive management of your team you will also have input for the strategy and future direction of our operation. Main tasks and responsibilities: Manage Shared SOC for more than 100 FTE … improvisation to achieve operational objectives Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre Management, administration & maintenance of security devices under the purview of SOC which consists … build and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents More ❯

My client, an International Financial Services client based in London, are looking for an Information Security Risk Lead to join their growing team. The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my client … to identify, measure, monitor and mitigate information security risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that … procedures, guidelines, and structure. Functional expertise, with operational knowledge of and exposure to various current and emerging information security areas such as: v Cyber resilience v Identity & privileged access management v Secure coding practices v Third-party risk management v Cloud security configuration and control frameworks v Threat/vulnerability management v Network security B.S. in More ❯

and work closely with stakeholders to ensure compliance and security best practice across the business. You will also assist with maintaining and improving the company’s accredited Information Security Management System (ISMS), with a particular focus on ISO 27001 and Cyber Essentials Plus requirements. In addition, you will help mentor team members, providing guidance and support to develop their … is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat intel research and recommends security improvements. Qualifications Extensive … PHP, MySQL, PostgreSQL, Nginx, Mercurial and Git. Good understanding of cyber security practices in relation to cloud hosting, preferably with experience of AWS. Good understanding of open-source risk management using enterprise management tools. An understanding of Service Management disciplines, ideally using the ITIL framework. Ability to keep up to date with technology trends and to understand More ❯

and work closely with stakeholders to ensure compliance and security best practice across the business. You will also assist with maintaining and improving the company’s accredited Information Security Management System (ISMS), with a particular focus on ISO 27001 and Cyber Essentials Plus requirements. In addition, you will work collaboratively with the wider Cyber Security team to define and … is considered throughout the entire SDLC. Create and maintain documentation around the use of cyber security technology in the organisation. Carry out threat detection and incident response. Carry out vulnerability management and remediation. Collaborate as needed with third-party security vendors for expert advice and issue resolution. Carry out threat intel research and recommend security improvements. What do … PHP, MySQL, PostgreSQL, Nginx, Mercurial and Git. Good understanding of cyber security practices in relation to cloud hosting, preferably with experience of AWS. Good understanding of open-source risk management using enterprise management tools. An understanding of Service Management disciplines, ideally using the ITIL framework. Ability to keep up to date with technology trends and to understand More ❯

on CV's he has seen so far:The CVs I've seen don't seem to have experience in conducting testing of controls specifically, they have more technical management of security tools or policy strategy focused. About the IT Security Goverance and Risk AVP role: The individual will be part of the security function that is responsible for … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

our enterprise client's security is of paramount concern. Main tasks and responsibilities: Provide expertise on resolution that requires a higher level of resolution. Assist with Problem and Change management support for the resolution of incidents. Proactively identify opportunities of improvement from a technical perspective. Perform threat management, threat modelling, identify threat vectors and develop use cases for … security monitoring Pre-requisites: Experience of 9-12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Further info: Competitive Basic/day rate London To apply: Please either More ❯

with stakeholders to maintain compliance with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks More ❯

The role involves: • Managing, maintaining and upgrading enterprise server and storage hardware • Providing internal support for office hardware including, PCs, laptops, mobile devices (Windows OS, iOS, MacOS and Android) • Vulnerability management using scanning tools such as Nessus • Remediation/automation of software rollout using Ninite/PDQ • Configuring and monitoring of Anti-virus software & Mobile Device Management • Firewall/Switch management - Configuration, patching and upgrading • Administering Microsoft Active Directory, Exchange Server & Office 365 • Achieving recognised Cyber Security accreditation • Management of video conferencing • Management of enterprise level phone system • Monitoring and managing the availability and scalability of resources, including CPU usage, disk usage and storage systems including network troubleshooting • Continuously improving and keeping up More ❯

Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard's environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy fromThe Interview Portal about the innumerable challenges and the satisfacation of her work … . It was a significant achievement for me, especially since it's rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in … software or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term "zero-day" comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be More ❯