1 to 25 of 68 Vulnerability Management Jobs in London

Primary Details Time Type: Full time Worker Type: Employee Vulnerability Management Data Analyst Permanent London/Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity As part of our continuous improvement and expansion of the vulnerability management function, we are seeking a highly motivated Vulnerability Management Data Analyst to join our Global Security Operations Centre. This permanent, hybrid role is based out of our London office and reports to the Threat & Vulnerability Manager. The successful candidate will play a key role in strengthening QBE’s cyber resilience by turning complex security data into … meaningful insights. This role will directly support the identification, prioritisation, remediation and reporting of vulnerabilities—helping QBE stay ahead of emerging threats. Your New Role As a Vulnerability Management Data Analyst, you’ll collaborate with teams across security engineering, vulnerability management, service management, cyber governance, risk and divisional consultancy to ensure data accuracy, develop dashboards More ❯

Vulnerability Management Engineer London/WFH to £75k Are you a tech savvy Vulnerability Management Engineer with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Vulnerability Management Engineer you'll perform assessments and communicate findings to stakeholders on the … day a week. About you: You have experience in a similar position with knowledge of common cyber attack types such as DDoS, SQLi, XSS, etc. You have experience with vulnerability assessment software and prioritisation of results using a combination of various frameworks tied to internal objects (CVE, CVSS, EPSS, etc.). You have experience of assessing, documenting and communicating … AWS You have a background with network security or secure code development You're collaborative and pragmatic with great communication skills What's in it for you: As a Vulnerability Management Engineer you can expect to earn a competitive package: Salary to £75k Significant bonus Pension (15% employer contribution) Private Health, Dental and Optical care Life Assurance and More ❯

Vulnerability Management Engineer London/WFH to £75k Are you a tech savvy Vulnerability Management Engineer with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Vulnerability Management Engineer you'll perform assessments and communicate findings to stakeholders on the … day a week. About you: You have experience in a similar position with knowledge of common cyber attack types such as DDoS, SQLi, XSS, etc. You have experience with vulnerability assessment software and prioritisation of results using a combination of various frameworks tied to internal objects (CVE, CVSS, EPSS, etc.). You have experience of assessing, documenting and communicating … AWS You have a background with network security or secure code development You're collaborative and pragmatic with great communication skills What's in it for you: As a Vulnerability Management Engineer you can expect to earn a competitive package: Salary to £75k Significant bonus Pension (15% employer contribution) Private Health, Dental and Optical care Life Assurance and More ❯

technologies. Turnkey is headquartered in London with offices across Asia, Australia, Europe, and North America. Role Overview We are seeking an experienced individual with a strong foundation in SAP Vulnerability Management and Threat Detection systems, including associated controls, proficiency in SAP environments, and awareness of Cybersecurity frameworks. Responsibilities Design, implement, and assess vulnerability management frameworks, primarily … within SAP-enabled environments. Lead client conversations on SAP Vulnerability and Threat Management strategy, compliance challenges, and controls optimisation. Provide insight on Information Security frameworks (OWASP/NIST/NIS2 etc.) and the Secure Operations Map, helping communicate regulatory or good practice obligations and actionable solutions. Manage and mentor junior consultants and analysts to aid a high-performance … Strong experience designing and executing detection and protective controls, ideally within SAP ERP systems. Experience in one of Onapsis, Security Bridge, SAP ETD, Pathlock CAC. Strong experience of implementing vulnerability management controls (implementation and testing). Knowledge of relevant industry frameworks and vendor solutions aligned to provide such control solutions. Demonstrated ability to lead engagements and communicate effectively More ❯

unique experience in an inclusive environment that helps them thrive. The role: .The role will develop, implement, and manage the Operational Resilience Framework within the region through the direct management of capabilities, as well as through coordination and partnership with other functions within the firm. Responsibilities: Strategy and Policy: Develop and lead the Operational Resilience Strategy and Policy, ensuring … alignment with the broader risk management and business continuity objectives. Framework and Documentation: Design, develop, and embed an Operational Resilience framework across EMEA, ensuring it aligns with the strategic objectives and regulatory requirements and design and implementation of underlying methodologies and processes including CIF/IBS identification and scenario testing Regulatory and Industry: Stay abreast of current and emerging … internal/external incidents and industry best practices related to operational resilience to continuously improve bank's ability to manage resilience risk and ensure inline with regulatory expectations. Operational Management: Build an engaged and motivated centralised EMEA regional operational resilience and testing function, with a clear vision, goals and objectives, as well as management of staff-related matters. More ❯

unique experience in an inclusive environment that helps them thrive. The role: .The role will develop, implement, and manage the Operational Resilience Framework within the region through the direct management of capabilities, as well as through coordination and partnership with other functions within the firm. Responsibilities: Strategy and Policy: Develop and lead the Operational Resilience Strategy and Policy, ensuring … alignment with the broader risk management and business continuity objectives. Framework and Documentation: Design, develop, and embed an Operational Resilience framework across EMEA, ensuring it aligns with the strategic objectives and regulatory requirements and design and implementation of underlying methodologies and processes including CIF/IBS identification and scenario testing Regulatory and Industry: Stay abreast of current and emerging … internal/external incidents and industry best practices related to operational resilience to continuously improve bank's ability to manage resilience risk and ensure inline with regulatory expectations. Operational Management: Build an engaged and motivated centralised EMEA regional operational resilience and testing function, with a clear vision, goals and objectives, as well as management of staff-related matters. More ❯

and governing foundational security controls within a global enterprise environment. You will act as a strategic advisor and technical authority, supporting the development and implementation of endpoint security practices, vulnerability management, asset control, and governance-aligned with the organisation's broader 2026 security strategy . This is an ideal opportunity for someone who may not see themselves as … ensuring controls are robust, scalable, and fit for the future. Translate technical and business needs into actionable security architecture guidance. Support governance and process standardisation across shadow IT , asset management , and vulnerability management . Drive cross-functional collaboration across architecture, engineering, and operational teams. Ideal Candidate Profile: Strong technical understanding of endpoint security , including hardening, tooling, and More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

at TP ICAP. The Senior Cyber Security Engineer has the remit of proactively driving development of the cyber security capability in line with the evolving threat landscape. This includes; vulnerability management, access control, security platform engineering, detection and response activities. Coordinate with offensive security personnel to improve security posture based on Red/Purple team campaign findings. The … of the group. Fundamental to this is the ability to exercise an offensive security mindset. Role Responsibilities Maintain knowledge of current ATP TTPs Maintain knowledge of security tool landscape Vulnerability identification and remediation Penetration test report remediation Privileged access management Red/Purple offensive security activities Incident response and forensics Proactively identify opportunities for control improvements Develop strong … architecture best practices and emerging technologies Support the development and implementation of secure-by-design principles across projects Security platform engineering and projects Experience/Competences Essential Experience implementing vulnerability management, SIEM, PAM, IDS/IPS, EDR, DLP, CNAPP and AV platforms Intermediate level knowledge of incident response processes for OS and network level events Comfortable with Windows More ❯

stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications More ❯

stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications More ❯

secure cloud environments that allow the best companies to move faster. SUMMARY Wiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You'll get to collaborate with our software development and DevOps teams to secure Wiz's products, CI … modeling and security review exercises across Wiz's production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts … Azure and GCP) Kubernetes (AWS EKS) and container infrastructure IAM and managing cloud identities at-scale Secure development and application of IAC solutions (Terraform, Helm) Cloud-native observability and management tools Development experience in Go, Python and Rust PREFERRED QUALIFICATIONS Bachelor's degree in computer science or a related field and/or candidates with equivalent job experience in More ❯

day infrastructure and security operations across our hybrid environment. In addition, you'll also take ownership for the delivery of key governance activities including risk assessments, audits, compliance checks, vulnerability management and cyber incident response. Working closely with the Head of IT, you'll support the development of long-term plans while taking full ownership of technical delivery. … Azure (IaaS, PaaS, networking, storage, compute, security and monitoring) Networking technologies (firewalls, VPNs, LAN/WAN, DNS/DHCP, TCP/IP, virtualisation) Enterprise security tools (SIEM, endpoint protection, vulnerability management, XDR, MDM, IDPS) Backup, replication and disaster recovery solutions Microsoft services such as Windows Server, Intune, Autopilot, Entra ID, Defender, Exchange and SharePoint You'll have proven More ❯

the senior lead to ensure our state of the art security centre is as effective and as efficient as can possibly be. As well as the proactive and responsive management of your team you will also have input for the strategy and future direction of our operation. Main tasks and responsibilities: Manage Shared SOC for more than 100 FTE … improvisation to achieve operational objectives Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre Management, administration & maintenance of security devices under the purview of SOC which consists … build and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents More ❯

phase. Review any incidents created in the projects service now queue and involve the appropriate teams to help fix them. Stakeholder Engagement: Ability to forge strong relationship with change management, project management team members. Work with end users to fix any bugs post deployment of solutions. Essential Experience Proven experience working as security engineer on large scale programmes … experience deploying Data classification using Microsoft Purview for a large enterprise. Experience collaborating with the Security Operations Centre (SOC) to optimise security monitoring, response planning and execution. Understanding of vulnerability management and threat landscape detection and remediation. Proven experience in being part of Disaster Recovery and Business continuity testing for critical applications. Ability to perform basic Active directory … administration tasks for project work such as user, group and Group policy updates. Essential Technical Skills & Qualifications Experience of the M365 security stack : Microsoft Purview, Microsoft Entra ID, Device management using Intune, Identity Governance. Cloud Security (Tenable, CyberArk, MDR,VPN) Knowledge of best practices and procedures related to Cyber Essentials, UK DPA/GDPR Desirable Experience Proficiency in configuring More ❯

in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling … across the business Protecting the data entrusted to us by our clients at all times Requirements Managing technical risks and proposing solutions and recommendations Security Operations procedures, i.e. Incident management and response Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but experience of … Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to suit you and your lifestyle! Out of a More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

and respond to security alerts and threats. Application Security Collaborate with the Application Security Engineer to ensure the security of software applications through secure coding practices, regular assessments, and vulnerability management. Conduct periodic security assessments of existing applications and systems. Security Awareness and Training Promote a culture of security awareness among all employees through training programs and communication initiatives. … or application security expertise is favoured. Experience designing, building and implementing security controls. Programming skills are required. Experience in application security-inclusive of secure coding practices-and threat and vulnerability management are desirable. Strong communication and interpersonal skills. Ability to influence and drive security initiatives at both the tactical and strategic levels. Familiarity with relevant laws, regulations, and More ❯

identity, endpoint, and data protection across all environments Design a global security architecture and support the security engineering roadmap (with a special focus on data security) Oversee security monitoring, vulnerability management, and incident response Coordinate tabletop exercises and incident response testing Own the relationship with security vendors Governance, Risk & Compliance (GRC) Lead or support internal compliance programs, with … s compliance with frameworks and regulations (oversee SOC 2 Type II maintenance and readiness efforts) Conduct risk assessments and maintain the enterprise risk register Ensure third-party vendor risk management processes are in place Awareness & Training Develop and deliver security awareness programs Promote a culture of security and compliance across the organisation Audit & Reporting Prepare for and support internal … compliance standards (e.g. GDPR, CCPA, SOC 2) Strong knowledge of security standards, controls, and best practices (NIST, CIS, OWASP) Familiarity with cloud security (AWS, Azure, GCP) Experience with audit management, GRC tools, and security monitoring solutions Excellent problem-solving, communication, and stakeholder management skills Skills & Traits You enjoy data privacy, compliance, and security operations and are happy to More ❯

be advantageous to your application, as would CISSP and/or CISM accreditation. You will develop and maintain the information security architecture and will have proven experience with compliance, vulnerability management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform More ❯

you will: Install, configure, manage, and troubleshoot security solutions and infrastructure internally and in customer locations to support CyberCX Security Operations Centre services such as SIEM and security case management, endpoint detection and response, and vulnerability management tools Maintain and upgrade managed systems Investigate security incidents, validate alarms, and escalate issues to the appropriate teams for resolution … Identify and raise opportunities to improve managed system reliability and performance Provide Level 1 and 2 support for internal and customer housed security systems Assist with client management, client briefings, process and governance improvement, audit compliance, and provide general project support Prepare internal and client communications around system security issues About you: Tertiary qualification in Information technology or similar More ❯

ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across systems and infrastructure. 📜 Compliance: Ensure alignment with GDPR More ❯

ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across systems and infrastructure. 📜 Compliance: Ensure alignment with GDPR More ❯

ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across systems and infrastructure. 📜 Compliance: Ensure alignment with GDPR More ❯

ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across systems and infrastructure. 📜 Compliance: Ensure alignment with GDPR More ❯