1 to 25 of 66 Threat and Vulnerability Management Jobs in London

Friday 9.30am-5.30pm Hybrid work pattern Overall Objective of Role: The Cyber Security Operations Team is a critical component of the Thomas Miller security infrastructure, responsible for monitoring, detecting, and responding to security threats in real time. The team partner with a 3rd party to ensure constant vigilance over the security landscape. The Cyber Security Analyst detects, analyses, investigates and … responds to alerts and threats within the environment. Specific Responsibilities: Monitor security alerts, events, and potential threats using SOC tools. Respond to and investigate cyber security incidents, including malware outbreaks, phishing attempts and data breaches. Perform incident response, including triaging, investigation, and resolution of security incidents. Analyse network traffic, logs, and alerts to detect malicious activity. Conduct root-cause analysis … on security breaches and vulnerabilities. Prepare and maintain detailed incident reports and post-incident documentation. Collaborate with other teams to improve overall security posture. Implement and follow standard operating procedures (SOPs) for threat management and incident response. Perform regular vulnerability assessments and recommend remediation. Stay updated with emerging security trends, vulnerabilities, and exploits. Participate in red and blue More ❯

About the Role: We are seeking a highly skilled and experienced Deputy Chief Information Security Officer (Deputy CISO) to join our dynamic cybersecurity team. This is an exciting opportunity for someone with a robust understanding of information security, policy development, and hands-on technical expertise. The Assistant CISO will play a key role in rewriting and implementing information security standards … collaborating with key stakeholders to ensure alignment with organisational risk management practices, and fostering a proactive security culture across the company. As a key partner to the CISO, this role involves both strategic thinking and practical, hands-on execution of information security activities. The Assistant CISO will contribute to the development, maintenance, and enforcement of security policies and standards … while also ensuring that security risks are actively managed through collaboration with the Joint Risk Committee (JRC) and other relevant teams. Key Responsibilities: Standards Development & Rewriting: Oversee the review, rewriting, and continuous improvement of security standards to ensure they meet current industry best practices and align with legal, regulatory, and organisational requirements. Develop and implement guidelines for adherence to these More ❯

Cyber Security Engineer Reports to: Director/VP of Security Architecture & Engineering About Strada Global Strada Global is a leading provider of HR and payroll services, empowering businesses worldwide with innovative technology and secure, scalable solutions. As we continue to evolve, cybersecurity is at the core of our strategy, ensuring the protection of critical data, customer trust, and regulatory compliance. … Strada is in the midst of a major transformation, separating from our previous parent company and building a security-first culture to enable business growth. This is an exciting time to join as we migrate IT systems, strengthen cyber resilience, and develop a world-class security function. Role Overview The Cyber Security Engineer will play a critical role in designing … implementing, and maintaining security solutions that protect Strada’s cloud and on-prem infrastructure. This role will be deeply technical and hands-on, working across security operations, engineering, and risk management to strengthen our security posture while enabling the business. This position offers an opportunity to work closely with security architects, BISOs, and cloud security teams, helping Strada establish More ❯

A leading bank is seeking a skilled Security Operations Manager to strengthen its IT Security team. This role involves optimizing security controls, frameworks, and processes while supporting the integration of new technologies to enhance the bank's security posture. You will act as the right hand to the Head of IT Security, ensuring robust security services across the organization. Key … Responsibilities: Security Operations: Oversee and improve IT Security operations, ensuring efficient and compliant management of security services. Vendor Management: Manage outsourced security providers, ensuring performance meets established SLA standards. Incident Response: Lead and manage IT security incidents, including forensics when necessary. Security Services: Drive the delivery of services including Threat & Vulnerability Management, Privileged Access Management, IAM, DLP, Network Security, and Penetration Testing. Project Leadership: Lead IT/Cybersecurity improvement projects as an SME. Risk & Compliance: Evaluate IT changes for security risks, ensuring compliance with security policies and frameworks like ISO 27001/NIST. Security Controls: Operate and manage security controls to protect IT systems, ensuring alignment with regulatory and industry best practices. Continuous Improvement More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including OT, IT, web … applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial tactics, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments … such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker TTPs. Develop and maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce More ❯

Job Description: Head of Cyber Threat Exposure Permanent London/Staines/Manchester (Hybrid Working) We consider all types of flexibility, including locations, hours and working patterns. We make health happen. At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our mission … is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of … vulnerability management and offensive security servicesacross all technology in Bupa. How you’ll help us make health happen Lead a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats. End to end management and delivery of security services including More ❯

Job Title: Security Analyst Location: Remote Job Summary: We are seeking a skilled and experienced Security Analyst to join our team. The ideal candidate will have a strong background in vulnerability management and experience working with Security Information and Event Management (SIEM) tools such as Microsoft Sentinel. You will play a critical role in ensuring the security … of our cloud environments, infrastructure, and business units by identifying, analyzing, and addressing vulnerabilities and threats. Key Responsibilities: Vulnerability Management: Develop, implement, and operate vulnerability management capabilities using tools like Tenable One. Deploy, configure, and manage vulnerability assessment tools (e.g., Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a … seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various sources of information to identify, analyze, and report on relevant threats and vulnerabilities. Continuously monitor and assess the threat landscape to adjust security measures accordingly. SIEM and EDR: Implement and manage SIEM tools such as Microsoft Sentinel to monitor More ❯

As Security Operations Manager at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with … GRC practices and policies as they evolve to align with current and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing, you will help train and upskill your fellow Two Circlers on topics … such security awareness, OWASP Top 10 and Security by Design, as well as understanding and feeding into their processes and workflows, to keep good security practice on the agenda. Externally, this role will also engage with our fascinating clients as appropriate to support their security assurance needs, as well as our technology partners and suppliers to ensure their alignment with More ❯

Company Description We are part of the International Airlines Group, a leading airline group operating to over 270 destinations and serving more than 100 million passengers annually. Our platform offers scalable, best-in-class procurement, finance, and IT services to brands including Aer Lingus, British Airways, IAG, IAG Cargo, IAG Loyalty, Iberia, Iberia Express, LEVEL, and Vueling. We focus on … combining functional expertise with excellent customer service to strengthen our Group's competitiveness and efficiency. Job Description This is a strategic, high-impact role suited for a hands-on cybersecurity professional. You will define and implement the operational model for collaboration between the central Security Operations Center (SOC) and supporting functions, including process formulation, technology stack setup, and establishing deliverables … for scalable security operations. Initial responsibilities include contributing to the selection and onboarding of a Managed Security Services Provider (MSSP), working closely to define operational procedures, KPIs, and SLAs. Building a strong relationship with the MSSP will be key. Long-term, you will develop a business case for internal capabilities, laying the groundwork for an in-house team and transitioning More ❯

weeks ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features. This range is provided by Two Circles. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range Role Profile: As Security Operations Manager at Two Circles, you play a key … role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and policies as they evolve to align with current … and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing, you will help train and upskill your fellow Two Circlers on topics such security awareness, OWASP Top 10 and Security by Design, as More ❯

Hello, let us introduce ourselves! We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches. With experience informed by years of simulating sophisticated cyber attacks against some of the world's largest organisations … our mission is to enable organisations to continuously understand how an attacker would successfully compromise their business-with cutting-edge Attack Surface Management and Continuous Automated Red Teaming technology. watchTowr was named within Gartner's Emerging Tech Impact Radar report in 2023, in Gartner's Innovation Impact report for ASM in 2024, and is utilised by Fortune 500 and … other large enterprises globally. Our research is well-known and respected across the cybersecurity industry and can be found in various news outlets-while fuelling the watchTowr Platform. We are a young, high-energy, and high-performing team delivering world-class technology to help our clients prevent breaches. We are in a high and aggressive growth phase of our journey More ❯

We'll inspire and empower you to deliver your best work so you can evolve, grow and succeed - today and into tomorrow. We offer an exciting range of opportunities to develop your career within a supportive and diverse team who always strive to do the right thing for our people, clients and communities. People are our greatest asset, and we … offer a competitive package to retain and attract the best talent. In addition to the benefits you'd expect, UK employees also receive free single medical cover and digital GP service, family-friendly benefits such as enhanced parental leave pay and free membership of employee assistance and parental programmes, plus reimbursement towards relevant professional development and memberships. We also give … back to our communities through our Collectively program which incorporates matched-funding, paid volunteering time and charitable donations. Work-life balance and flexibility is a key focus area for us. We're happy to discuss hybrid, part-time and flexible working hours, patterns and locations to suit you and our business. About the opportunity We are currently seeking a dynamic More ❯

As part of the SIC Team, you will: Monitor security tooling, conduct triage and analysis of alerts, events, and security incidents. Validate, verify, and report on protective or countermeasure solutions, both technical and administrative. Coordinate and investigate security incidents through to resolution. Collaborate with resolver groups to respond to and investigate security incidents. Manage functional mailboxes and respond to email … inquiries from the account and clients. Oversee security ticket queues and review and raise security incidents in ticketing systems. Assist in security reporting, ensuring timely and quality delivery. Prepare and present reports using Microsoft PowerPoint and Excel. Provide Critical Incident Response Reports and lessons learned to stakeholders. Handle legal and law enforcement-related issues as necessary. Review security incidents periodically … for trend analysis and recommend improvements or sales opportunities to the Security Delivery Lead. Respond to incidents following playbooks and the Security Incident Management Process. Advise the account on Critical Security Advisories, including responses to Threat Advisories, ModCerts, Carecert, and emergency patches. Develop and maintain a vulnerability management system for zero-day vulnerabilities. Manage security information requests More ❯

Direct message the job poster from QA Ltd Remote (Once a month to London or Leeds office) This senior role will involve you in strategic decision-making, system implementations, and the adoption and testing of new processes and procedures which improve the security and robustness of QA’s organisational infrastructure and associated IT systems. As a Head of Cyber Security … Operations you will be responsible for safeguarding QA from intrusion, security threats, security weaknesses, software bugs and exploits. You will be responsible for direct and virtual teams involved in keeping QA secure. Role Responsibilities: Management of the Security Operations Centre service, ensuring resources are aligned to monitor and protect QA IT assets including 24/7 out of hours … on call coverage. Responsible for security event monitoring, incident response and cyber/threat intelligence across QA. To respond rapidly and effectively to any IT security incidents, co-ordinating and managing them through to a successful conclusion. Ensure that the monitoring, logging, and prevention toolsets are aligned to the needs of the security function/the business and are delivering More ❯

looking for an Information Security Risk Lead to join their growing team. The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my client to identify, measure, monitor and mitigate information security risks. The successful … candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that own information security risk. What they are looking for: 10+ years … of experience specifically related to information security governance, operations, and risk management. Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction services environments characterized by the need for continuous availability and the highest levels of security. Experience with developing and managing Operational Risk programs More ❯

Cyber Security Engineer to join their team, securing the infrastructure of high–profile customers alongside the internal environment. This business partners with leading tech vendors including Microsoft, Cisco, Juniper, and many more. They add to their customer base year upon year leading them to where they are today, one of the UK's best rated MSPs with an extensive list … of clients nationwide. The position offers full responsibility for ensuring customers' data, systems, and networks remain secure, and any possible threats eliminated. The position will see you accountable for implementing, configuring, and maintaining security tools and platforms to prevent future vulnerabilities and attacks. You'll also be responsible for helping to maintain accreditation with information security policies and frameworks, including … Cyber Essentials, ISO27001, etc. Duties include: Reviewing current security procedures and processes. Researching, advising, and implementing new tools and countermeasures to better protect systems and data. Monitoring for attacks and instructions. Responding to alerts, threats, and breaches, with resolutions. Keeping company up to date and compliant with industry best practice, policies, and guidelines. Contributing to deployment of Cybersecurity related projects More ❯

role at Jobs via eFinancialCareers 1 day ago Be among the first 25 applicants Join to apply for the Analyst - Bloomberg role at Jobs via eFinancialCareers Our Team: The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure … the confidentiality, integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner. Our Team: The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure … the confidentiality, integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner. We report to the Chief Information Security Office (CISO) who owns the technical aspects of this mission by ensuring Bloomberg products, systems, networks and commercial applications are built and maintained with security in mind. More ❯

Security Specialist, looking for their next step up to an architecture position with cloud experience to join the client-facing Cyber team. The ideal candidate will possess strong technical and functional experience in a consulting environment. What your days will look like Delivering high-quality expertise in security architecture services to our wide range of clients, providing them with tailor … made solutions for their challenges Roles and responsibilities Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud based security offerings. Propose, design, plan and execute strategic and tactical operational security objectives. Perform deep analysis and develop metrics that measure current risk Identify appropriate technology/data … sources and drive the collection of data necessary to effectively evaluate threats. Communicate threat intelligence and vulnerability management options Analysing threats and current security controls to identify gaps in current defensive posture Meet with clients and leading workshops This role is for you if: You have strong experience in architecture and security management as well as an More ❯

About Bridewell One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world’s most trusted organisations. We are the trusted partner for operators of essential services and provide end-to-end cyber security capabilities that help … our clients overcome their security challenges, allowing them to operate safely and securely. Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly one team. Who are we looking for? We are looking for an experienced Project Manager who can lead and support on several projects at … any one time, with proven experience engaging and managing relationships with various stakeholders, including clients, vendors, and internal teams. Ideally, you’ll have worked with a Cyber Security services provider or within a Cyber Security function, with knowledge of Cyber Security principles, standards, and technologies desirably resulting in at least a foundation level qualification (e.g. ISC2 CC, BCS CISMP). More ❯

Vulnerability Analyst Tenable SME Outside IR35 6 Months Hybrid - Central London My client is looking for a Vulnerability Analyst with a deep understanding of Threat management. A leading organisation is urgently seeking a Vulnerability Analyst to help mature and deliver their vulnerability management programme and Tenable is central to the role. As the SME, you … will own the end-to-end vulnerability management lifecycle from tooling and assessments to governance, reporting and stakeholder engagement. You ll work cross-functionally with technical teams, business units, and leadership to ensure that vulnerability risks are effectively understood and addressed in line with business priorities and regulatory requirements. Key Responsibilities of the Vulnerability Analyst: Leading … the end-to-end vulnerability management process using Tenable . Develop, deploy and maintain a comprehensive vulnerability management program. Conducting regular vulnerability scans and penetration testing activities to proactively identify and assess security weaknesses across systems and infrastructure. Using Tenable to run regular assessments and deliver actionable insights. Partnering with IT and security stakeholders to More ❯

Vulnerability Analyst – Tenable SME – Outside IR35 – 6 Months – Hybrid - Central London My client is looking for a Vulnerability Analyst with a deep understanding of Threat management. A leading organisation is urgently seeking a Vulnerability Analyst to help mature and deliver their vulnerability management programme and Tenable is central to the role. As the SME, you … will own the end-to-end vulnerability management lifecycle — from tooling and assessments to governance, reporting and stakeholder engagement. You’ll work cross-functionally with technical teams, business units, and leadership to ensure that vulnerability risks are effectively understood and addressed in line with business priorities and regulatory requirements. Key Responsibilities of the Vulnerability Analyst: Leading … the end-to-end vulnerability management process using Tenable . Develop, deploy and maintain a comprehensive vulnerability management program. Conducting regular vulnerability scans and penetration testing activities to proactively identify and assess security weaknesses across systems and infrastructure. Using Tenable to run regular assessments and deliver actionable insights. Partnering with IT and security stakeholders to More ❯

Vulnerability Analyst – Tenable SME – Outside IR35 – 6 Months – Hybrid - Central London My client is looking for a Vulnerability Analyst with a deep understanding of Threat management. A leading organisation is urgently seeking a Vulnerability Analyst to help mature and deliver their vulnerability management programme and Tenable is central to the role. As the SME, you … will own the end-to-end vulnerability management lifecycle — from tooling and assessments to governance, reporting and stakeholder engagement. You’ll work cross-functionally with technical teams, business units, and leadership to ensure that vulnerability risks are effectively understood and addressed in line with business priorities and regulatory requirements. Key Responsibilities of the Vulnerability Analyst: Leading … the end-to-end vulnerability management process using Tenable . Develop, deploy and maintain a comprehensive vulnerability management program. Conducting regular vulnerability scans and penetration testing activities to proactively identify and assess security weaknesses across systems and infrastructure. Using Tenable to run regular assessments and deliver actionable insights. Partnering with IT and security stakeholders to More ❯

Role overview: Working for a security vendor, you’ll be responsible for supporting the Head of SecOps in overseeing the company’s Security Operations activity, improving and challenging existing processes and procedures in a very agile and fast moving information security environment. Main tasks and responsibilities: Operate within a global team that takes responsibility for the security monitoring of key … technologies and tools across the estate Lead and manage a team of Security Analysts & the Vulnerability management team Comfortable operating in a technical capacity performing hands-on incident response and supporting/managing SOC analysts Act as a SME in matters related threat and vulnerability management incl incident response Understand security incidents and the likely impact … these will have on the business Define and report on KPIs with recommendations for improvement Identify security risks, threats and vulnerabilities of the company’s network, systems, applications and new technology initiatives Implement and maintain operating run books, operating processes and procedures Help to develop and configure use cases, and alerting rules within SIEM technologies Mange the vulnerability management More ❯

A dynamic and prestigious professional services company based in the heart of the City of London are seeking a talented Cyber Security Analyst to join their team. This multifaceted position offers an exceptional opportunity for an experienced professional to work with their offices around the world to support cyber security initiatives. The successful candidate will possess strong analytical skills, an … understanding of security administration, risk management and identity access management solutions. The main focus of the role will include: Performance of system security administration on designated technology platforms in accordance with the defined policies, standards and procedures, as well as with industry best practices and vendor guidelines Completion of threat and vulnerability assessments, in some cases followed … by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Collating security incident and event data to produce monthly exception and management reports Reporting unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes Developing and maintains documentation for security systems and procedures Responding More ❯

A dynamic and prestigious professional services company based in the heart of the City of London are seeking a talented Cyber Security Analyst to join their team. This multifaceted position offers an exceptional opportunity for an experienced professional to work with their offices around the world to support cyber security initiatives. The successful candidate will possess strong analytical skills, an … understanding of security administration, risk management and identity access management solutions. The main focus of the role will include: Performance of system security administration on designated technology platforms in accordance with the defined policies, standards and procedures, as well as with industry best practices and vendor guidelines Completion of threat and vulnerability assessments, in some cases followed … by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Collating security incident and event data to produce monthly exception and management reports Reporting unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes Developing and maintains documentation for security systems and procedures Responding More ❯