1 to 25 of 108 Vulnerability Management Jobs in London

The Role: The Vulnerability Management Analyst is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security vulnerabilities, misconfigurations and risks to the business. This role reports to the Vulnerability Management Manager who reports to the Global Head … of IT Security. As a member of the ION Security team, you will build and lead a team of Security professionals specialising in Vulnerability Management along with managing the partners and technology vendor deliverables and of course building and owning the strategy to deliver a world class Vulnerability Management program. The candidate must understand their role … in the broader vulnerability management program and your team will regularly perform discovery scanning, risk/exposure assessments, mitigation support activities, continuous validation assessments, and lessons learned workshops and improvement projects to continuously improve our process across Group Security and all other Verticals. We are looking for a diligent, dedicated, creative and motivated individual. Excellent communication skills are More ❯

person. In Technology, we're asking that you attend the office a minimum of 1 day per week. About the Role We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific … tooling, and have an active role in improving existing processes. You will achieve this by creating automated solutions through collaboration with various technical teams. Responsibilities Develop and maintain vulnerability management tooling and solutions Implement automation to remove manual processes and increase efficiency Work with internal remediators to prioritise vulnerability management activities Process vulnerability data to … provide reports, insights and metrics, that aid in the risk-based approach to vulnerability management. Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs) Ensure compliance with relevant security standards, frameworks, and regulations Stay up to date with the latest trends and developments in vulnerability More ❯

Senior Vulnerability Management consultant sought by leading investment bank based in London. Inside IR35 - Hybrid working Daily responsibilities: Provide vulnerability management expertise involving infrastructure, cloud and enterprise applications. Primary contact for the companies vulnerability management involving processes, reporting, enhancements, compliance and interacting with business stakeholders. Operationalize weekly vulnerability status reports for senior leadership … including UK CISO on company vulnerability management KPIs/KRIs Preparation of vulnerability management process and procedure documentation Provide consulting services to the vulnerability management team to assist in their security design to identify potential risks Review the security issues and recommend the appropriate controls to mitigate these risks Provide security awareness to clients … Provide support to other consultants through mentoring and peer reviews of work products as required Provide ad hoc consulting services to the general user community Essential: Experience working with vulnerability management tools and data such as Tenable, Qualys, Rapid 7, Microsoft Defender, Aqua, Palo Alto Xpanse. Jira to manage project work, timelines and operational tickets. 5+years of relevant More ❯

The Vulnerability Management Manager is a global role within ION's central services division, supporting the Group Security strategy through the identification, mitigation, and remediation of information security vulnerabilities, misconfigurations, and risks. This role reports to the Global Head of IT Security, who reports to the Group CISO. As a member of the ION Security team, you will … build and lead a team of Security professionals specializing in Vulnerability Management, managing partners and vendor deliverables, and developing a strategy for a world-class Vulnerability Management program. Your team will perform discovery scanning, risk assessments, mitigation activities, continuous validation, and lessons learned workshops to improve processes across Group Security and Verticals. We seek a diligent … capable of building relationships with teams of varying technical abilities. The ideal candidate will have extensive cybersecurity experience, at least 10+ years in security roles, with a focus on Vulnerability Management. Key Responsibilities: This role may require out-of-hours work for 24x7 global operations. Ensure team objectives and development plans align with company OKRs. Act as escalation point More ❯

the country. It is the largest news publisher on TikTok with over 28 million total followers and nearly 45 billion views in the past year. We are seeking a Vulnerability Engineer to help build and drive our vulnerability management function. This is a key role for someone with the technical skills, automation mindset, and proactive attitude to … someone who thrives on ownership, brings ideas to life through automation, and collaborates effectively with teams across the business. Main Responsibilities Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST … and CIS. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track More ❯

Required: Tenable Nessus Engineers IR35 Status: Inside Duration: 12 month initial contract Location: 1-2 days onsite in either Central London or Knutsford Role 1 As an experienced Vulnerability Assessment Engineer responsible for maintaining the Vulnerability Assessment toolsets and products. Primary Responsibilities The ability to review requirements, undertake product design followed by Implementation/deployment/support of … Vulnerability Assessment tools suite (e.g Tenable, Rapid7, Qualys etc) and peripherals with Engineering. Maintains local and network credentials and provisions access to vulnerability scanning systems. Responsible for integration of Vulnerability assessment tooling with other security and IT systems management tools (i.e. Splunk, ServiceNow) Responsible for developing and maintaining standard processes and operating procedures, creating technical architecture … diagrams and system build documentation. Responsible for operating the scanning tools and maintaining coverage along with supporting the vulnerability management and remediation teams in understating how to remediate vulnerabilities (i.e. laptops, VMs, wireless devices) Works with vulnerability management team to build asset repositories and asset scan policies Work closely with customer delivery managers to prioritize daily More ❯

Security Engineer, Vulnerability Management and Remediation Operations Job ID: Amazon Data Services UK Limited Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team! Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. … The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem. Key Job Responsibilities Analyse public and private vulnerability disclosures and exploit code. Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications. Investigate and triage vulnerabilities, identifying severity and the … scope of potential impact to Amazon. Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner. Engineer high quality, scalable, and accurate vulnerability detection mechanisms. Design and implement automation, tools and workflows to enhance our operations capabilities. Be part of a global team and participate in periodic on-call responsibilities to ensure More ❯

work model-preferably, team members should be within commuting distance of an office to facilitate in-person collaboration. About the Role We are looking for a passionate and experienced Vulnerability Lead to develop and oversee our vulnerability management program. This role offers a unique chance to establish a vital security function, define best practices, and improve our … security posture. The role involves managing and enhancing the vulnerability management lifecycle, including defining scanning strategies, triaging risks, overseeing remediation, and reporting to improve security. What you'll do: Conduct regular vulnerability scans and validate findings. Prioritize vulnerabilities based on risk and enrich findings with threat intelligence and business impact analysis. Facilitate resolution by triaging vulnerabilities for … and ensure timely patching of critical vulnerabilities. Maintain visibility across all technology environments, including cloud, data centers, containers, and web apps. Generate reports and metrics to support risk-based vulnerability management. Identify gaps in scan coverage and asset inventory. Stay updated on zero-day vulnerabilities and emerging threats. Maintain dashboards and reports on vulnerability trends, KPIs, and SLAs. More ❯

Security Support Engineer, Vulnerability Management and Remediation Operations Job ID: Amazon UK Services Ltd. Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team! Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation … London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem. Key job responsibilities - Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon. - Assess and negotiate with customers to drive down security risk … in their environments. - Collaborate with builder teams to implement security fixes and improvements. - Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications. - Review and analyse common vulnerability disclosures and assist in evaluating potential impacts. - Help triage vulnerabilities and contribute to impact and detection logic assessments. - Contribute to the development of automation of repetitive tasks. - Actively participate More ❯

IT Operation s Platforms and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection More ❯

IT Infrastructure Operation s and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and … access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such More ❯

environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. The role requires the ability to "lead by example" and perform line management for direct reports and manage service partners reporting into the function. Additional responsibilities are to respond to support requests by Key Responsibilities: IT Operations & Cloud Platform Management Lead … business continuity (BC) and disaster recovery (DR) plans, ensuring cloud- based solutions support resilience and rapid recovery. Manage Global Infrastructure (Cloud, On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt. Drive a document first culture to new and legacy platforms/solutions. Oversee management of the End User More ❯

ensure the effective day-to-day delivery of IT services across both shared and in-house environments, with a strong focus on ITIL disciplines - Incident, Problem, Change, and Asset Management - and Cyber Security risk management . The postholder will act as the customer-facing lead for operational IT, ensuring services are reliable, secure, and responsive to user needs. … Key Responsibilities Manage the performance and quality of outsourced, shared service and in-house IT services Own and operate the ITIL processes: Incident , Problem , Change , and Asset Management Act as the operational interface with the other organisation (the shared service provider) Maintain the CMDB and configuration item lifecycle tracking Lead on cyber security risk assessments , patch assurance , vulnerability management , and coordination with SOC/XDR providers Ensure compliance with cyber and data protection standards (e.g. Cyber Essentials) Monitor service level agreements (SLAs), escalate issues, and lead service reviews Coordinate change activity to ensure minimal business disruption Deliver customer-focused service improvement initiatives Support audits and business continuity planning Essential Skills and Experience Demonstrable experience managing operational More ❯

Security Lead In summary the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk - ideally from within the banking or insurance sector. The IT Operational … environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks … technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection More ❯

threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Oversee and enhance vulnerability management processes, focusing on strategic remediation, root cause analysis, and preventative measures. Contribute to drive implementation of security automation across cloud infrastructure configuration, vulnerability management, and … expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting the adoption of … as Code (IaC) , particularly Terraform, and implementing relevant security checks. Solid experience with container security and securing container orchestration platforms (Kubernetes/EKS). Proven ability contributing significantly to vulnerability management programs, including advanced triaging, root cause analysis, risk assessment, and strategic remediation planning. Strong communication and influencing skills, with the ability to articulate complex security concepts clearly More ❯

a strong focus on automation, detection and secure by design principles. Additionally, as part of the role you will be leading and participating in threat detection, incident response and vulnerability management remediation. You will be serving as both a technical leader and operational responder, working closely with Product, infrastructure and Security Operations teams. We are looking for a … system visibility by expanding logging coverage and implementing additional monitoring capabilities. Maintain, update, and regularly test incident response runbooks, containment strategies, and escalation protocols. Lead the end-to-end vulnerability management process for ION Markets systems, from identification to remediation. Provide support for security architecture reviews of developed systems to ensure alignment with best practices. Stay up to … or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc. About us We're a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations More ❯

to the modern backbone of the Royal Navy. We pioneer with fierce curiosity, dedication, and innovation, we seek to solve the worlds most challenging problems. Responsibilities Leadership and line management - Motivate and drive the Hardware function to meet key business and operational unit objectives. Develop an open and inclusive team culture that supports doing the right thing and achieving … excellence. Ensure behaviours in teams meet standards expected of NG employees. Influences others and supports colleagues through changes expected within a large multi-functional organisation. Capability Management - Management of capability needs in the Hardware function Career management of the Hardware function Resource management - Resource supply and demand, Capacity planning and recruitment, and outsource management. Functional delivery … as a Suitably qualified individual in either mechanical or electro-mechanical field of expertise. May be functional lead within projects/issues for most critical/complex needs. Process Management - Highlight process needs and work with the Technical Directorate to develop bespoke, efficient and fully integrated processes. Asset management - Identify tools and Management of tools Communication - Develop More ❯

of required Metrics at committees and forums, as well as representing the team where required. Critical Work Support the ongoing and periodic regulatory and compliance responses and engagements Audit management and coordination Issue remediation oversight and closure validation Responding to customer RFIs using standardised formats and frameworks Quality assurance on library of responses required for customer RFIs etc. Impact … operating centres UK, Europe, US & Asia Cyber security qualification e.g. CISMP/Apprenticeship (desirable) Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud … security. IT and cybersecurity policies and standards Operational risk frameworks Regulatory compliance Operational Resilience Good understanding of data protection controls Financial Services sector experience Technology & Cyber Security Leadership And Management Experience Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives. Personal Skills And Capabilities Critical thinking Objective analysis of More ❯

of required Metrics at committees and forums, as well as representing the team where required. Critical Work Support the ongoing and periodic regulatory and compliance responses and engagements Audit management and coordination Issue remediation oversight and closure validation Responding to customer RFIs using standardised formats and frameworks Quality assurance on library of responses required for customer RFIs etc. Impact … operating centres - UK, Europe, US & Asia Cyber security qualification e.g. CISMP/Apprenticeship (desirable) Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud … security. IT and cybersecurity policies and standards Operational risk frameworks Regulatory compliance Operational Resilience Good understanding of data protection controls Financial Services sector experience Technology & Cyber Security Leadership and management experience Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives. Personal skills and capabilities Critical thinking Objective analysis of More ❯

ensure the effective day-to-day delivery of IT services across both shared and in-house environments, with a strong focus on ITIL disciplines - Incident, Problem, Change, and Asset Management - and Cyber Security risk management . The postholder will act as the customer-facing lead for operational IT, ensuring services are reliable, secure, and responsive to user needs. … Key Responsibilities Manage the performance and quality of outsourced, shared service and in-house IT services Own and operate the ITIL processes: Incident , Problem , Change , and Asset Management Act as the operational interface with the other organisation (the shared service provider) Maintain the CMDB and configuration item lifecycle tracking Lead on cyber security risk assessments , patch assurance , vulnerability management , and coordination with SOC/XDR providers Ensure compliance with cyber and data protection standards (e.g. Cyber Essentials) Monitor service level agreements (SLAs), escalate issues, and lead service reviews Coordinate change activity to ensure minimal business disruption Deliver customer-focused service improvement initiatives Support audits and business continuity planning Essential Skills and Experience Demonstrable experience managing operational More ❯

candidate will have a strong technical background, leadership experience, and a proactive approach to managing cyber risks in a dynamic technology environment. What You'll Do: Leadership and Team Management: Lead, mentor, and manage a team of Security Engineers, fostering a culture of collaboration, innovation, and continuous improvement. Define team goals, assign responsibilities, and ensure the successful execution of … security initiatives. Conduct regular performance reviews and provide professional development opportunities for team members. Ability to work across the organisation and communicate at all levels Security Posture Management: Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities. Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat … modelling. Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations. Cyber Exposure Risk Management: Identify, analyse, and prioritize cyber exposure risks across the organization's infrastructure, applications, and systems. Develop and implement strategies to mitigate risks, including patch management, configuration management, and secure coding practices. Monitor and respond More ❯

Security Operations Securely manage M365 & Azure resources, implementing comprehensive security policies and initiatives. Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management. Vulnerability Management Conduct and oversee regular vulnerability assessments on systems, networks, and applications. Identify, analyse, and prioritise vulnerabilities based on risk and potential impact and utilise threat intelligence … analysis to determine the risk posed by identified vulnerabilities. Collaborate with the IT MSP to develop and implement remediation plans, drive remediation efforts and identify improvements in the vulnerability management program. Monitor and track the status of identified vulnerabilities and ensure timely resolution. Security Monitoring and Incident Response Leverage Microsoft Defender EDR/XDR and other security tools More ❯

enjoys both technical implementation and supporting security frameworks such as Cyber Essentials. You will play a key role in deploying Microsoft security solutions and supporting client audits, assessments, and vulnerability remediation efforts. Responsibilities include: Delivering Microsoft security technologies including Defender XDR, Sentinel, and Endpoint Detection & Response Supporting Cyber Essentials and Cyber Essentials Plus audits and assessments Acting as an … escalation point for cyber incidents, security alerts, and engineering tasks Conducting vulnerability remediation and assessments (infrastructure and application level) Assisting with presales engagements and technical scoping Onboarding clients onto security management platforms Providing reporting, analytics, and technical support to clients and internal teams What will you need? Minimum 2 years' experience in a cyber security role, ideally within … Meraki, Fortinet, WatchGuard) Excellent communication and client service skills Self-motivated and detail-oriented with strong problem-solving abilities What would be desirable? Experience deploying Tenable or Qualys for vulnerability management Knowledge of email security tools (e.g., Mimecast, Egress) Understanding of Azure Firewall and Defender for Cloud/Cloud Apps Experience conducting offensive security/web application assessments More ❯

with organizational IT security policies and procedures. The ideal candidate has strong analytical skills, deep knowledge of security frameworks, and a hands-on approach to identifying vulnerabilities, validating patch management, and ensuring the effectiveness of security controls across diverse domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud environments, and Endpoint Protection. What … assess vulnerabilities and misconfigurations within IT security systems, services (e.g., email, DNS, Active Directory), and infrastructure. Ensure systems, equipment, and processes comply with internal IT security policies and standards. Vulnerability and Patch Management Oversight: Identify security vulnerabilities and misconfigurations proactively, track remediation progress, and validate the effectiveness of patch management processes. Extended Security Coverage: Provide proactive monitoring … to develop, maintain, and execute cyber response playbooks and incident handling procedures. Experience responding to Level 1 and Level 2 cybersecurity incidents and coordinating escalation processes. Solid background in vulnerability management, patch management validation, and compliance assurance. Strong familiarity with key security domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud More ❯

GCP) Hands-on with IaC tools (Terraform, Bicep, CloudFormation) and CI/CD pipelines Proficient in Python or Bash scripting Knowledge of cloud security best practices (e.g. IAM, encryption, vulnerability management) Familiar with Docker, Kubernetes, serverless, and event-driven architectures Comfortable working with both SQL and NoSQL databases A passion for engineering excellence and staying on top of … acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas. More ❯