26 to 50 of 109 Vulnerability Management Jobs in London

GCP) Hands-on with IaC tools (Terraform, Bicep, CloudFormation) and CI/CD pipelines Proficient in Python or Bash scripting Knowledge of cloud security best practices (e.g. IAM, encryption, vulnerability management) Familiar with Docker, Kubernetes, serverless, and event-driven architectures Comfortable working with both SQL and NoSQL databases A passion for engineering excellence and staying on top of … acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas. More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

and making a meaningful impact is rewarded. IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department deploys, supports and monitors security solutions such as virus … protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk. NUMBER OF DIRECT REPORTS 1-2 MAIN PURPOSE OF THE ROLE To manage the technical delivery of various cybersecurity projects and contribute to the overall success of the Cybersecurity programme function by: Ensuring that projects are delivered according to scope, on time and … etc. Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security Assessment/Testing, Incidence Management and Vendor/Cloud products assessment Possessing high level of analytical ability where problems are typically unusual and More ❯

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance: Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management: Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations: Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC): Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

ll Be Doing Conducting Cyber Security Assessments and audits across Microsoft 365 and Azure environments Performing Cyber Essentials and Cyber Essentials PLUS audits in line with IASME standards Delivering vulnerability assessments, remediation, and penetration testing across infrastructure, networks, and applications Contributing to client reporting, assurance audits, and scoping security solutions Acting as an escalation point for security-related technical … work in a Managed Service Provider (MSP) environment A Strong understanding of Microsoft 365 & Azure Cloud Experience with technical audits and offensive security tools (e.g. Kali Linux) Familiarity with vulnerability management tools like Tenable or Qualys OSCP (Offensive Security Certified Professional) status Microsoft SC-200 and AZ-500 certifications Experience with Microsoft Defender suite (XDR, Endpoint, Cloud, Office … Good knowledge of Microsoft Sentinel SIEM Expertise with Azure Firewalls and Email Security Solutions (Mimecast, Egress) Experience with Endpoint Detection & Response (SentinelOne) and Vulnerability management tools (e.g. Tenable, Qualys) You will be part of a recognised, established and fast-growing MSP, regularly ranked among the best UK tech companies to work for. You will work alongside a collaborative More ❯

We are looking for an experienced Akamai WAF Engineer who has expertise in web application security, content distribution and in Threat and Vulnerability Management, DDoS protections, and delivering change projects into the organisation. As a part of the Cyber Security Team and work with other cyber professionals across Digital Cyber Security and the wider organisation, contributing to the … aspects. Key Responsibilities: Deliver security software and configurations using Akamai, GCP and Azure cloud native products. Deliver and maintain security solutions for our Enterprise and Digital Channels. Manage DDoS, Vulnerability management and threat intelligence, certification, ensuring layer 6 & 7 defences are one step ahead of cyber criminals. Involved in all the incidents and threats to Lloyds cyber security … Configurations, leveraging a deep knowledge of WAF functionalities and limitations. Providing DevSecOps pipeline maintenance support for the automation works Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge. Mandatory Skills: Akamai WAF More ❯

objectives. Collaborate with cross functional teams across the business, with a key focus on alignment to enterprise architecture for our Data Science & AI capabilities. Responsible for the implementation and management of secured, highly scalable, performance efficient, modernised infrastructure across our Azure cloud platforms supporting our Data Science and AI toolset. Automate infrastructure provisioning, configuration, and deployment processes, with CI … SDLC and improve our overall MLOps & AIOps capabilities. Monitor system performance and deliver proactive maintenance improvements. Ensure Security and Compliance of our infrastructure and Solutions, including a focus on Vulnerability Management & Maintenance. Knowledge and Experience: Strong experience implementing Azure Infrastructure Services in accordance with best practises. Strong experience in automation levering scripting languages such as JSON, Bicep, Yaml … objectives. Collaborate with cross functional teams across the business, with a key focus on alignment to enterprise architecture for our Data Science & AI capabilities. Responsible for the implementation and management of secured, highly scalable, performance efficient, modernised infrastructure across our Azure cloud platforms supporting our Data Science and AI toolset. Automate infrastructure provisioning, configuration, and deployment processes, with CI More ❯

Cyprus, Greece, Hong Kong, Japan, and Singapore. Overall Job Purpose : The Junior Information Security Officer (JISO) will assist the Information Security team in implementing and maintaining the information security management system with the objective of managing risks to information assets to an acceptable level. The JISO will develop a good understanding of the information security policies, standards and procedures … organisation's technology landscape to help identify potential threats and vulnerabilities. Key Responsibilities: Assist in maintaining the information security standards, procedures and guidelines. Participate in the information security risk management process to identify, assess, treat and monitor risks. Manage information security incidents and events to protect information assets. Help develop and implement incident response plans and procedures to ensure … Assist with the quarterly cybersecurity ITSC and Board updates and key risk indicator reporting. Maintain the information security awareness training program and conduct phishing tests. Maintain the Privileged Access Management, Security and Event Management and Vulnerability Management systems. Assist in identifying security solutions that will be effective in mitigating risks to information assets. Manage the implementation More ❯

implementation of strategies set by the leadership team. Implement and Manage an effective Staff Training and Awareness program to promote best practices. Adopt a continuous improvement approach to the management of Information Technology, Information Security and Privacy. Ensure that main stakeholders are informed and consulted via an effective Management Review process. Risk Identify information security threats and manage … an effective Vulnerability Management Process. Maintain an effective, proactive Risk Management Framework. Manage and maintain the Satalia Risk Register. Ensure an effective Incident Management procedure and Business Continuity Plan are maintained. Compliance Manage an effective Audit Programme to check compliance against key control requirements. Ensure an appropriate level of support for annual external audits required to … Cyber Essentials Plus requirements. Work in partnership with development staff to embed best practices in the development processes throughout the software development lifecycle. Devise and embed an effective Vendor Management programme to ensure the service provided by critical suppliers meet organisational requirements. Operational Oversee all technology operations and evaluate them according to established goals. Oversee the management and More ❯

rewarded. OVERVIEW OF THE DEPARTMENT/SECTION IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department deploys, supports and monitors security solutions such as virus … protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk. NUMBER OF DIRECT REPORTS 1-2 MAIN PURPOSE OF THE ROLE To manage the technical delivery of various cybersecurity projects and contribute to the overall success of the Cybersecurity programme function by: Ensuring that projects are delivered according to scope, on time and … etc. Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security Assessment/Testing, Incidence Management and Vendor/Cloud products assessment. Possessing high level of analytical ability where problems are typically unusual and More ❯

the senior lead to ensure our state of the art security centre is as effective and as efficient as can possibly be. As well as the proactive and responsive management of your team you will also have input for the strategy and future direction of our operation. Main tasks and responsibilities: Manage Shared SOC for more than 100 FTE … improvisation to achieve operational objectives Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre Management, administration & maintenance of security devices under the purview of SOC which consists … build and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents More ❯

incident response and supporting the business to further goals of the Information Security Program. How You'll Make an Impact Operate and manage various enterprise security solutions. Security events management, including analysis, reporting, remediation, and escalating as necessary. Engage with Managed Service Providers (MSP's) in areas of Security, Infrastructure, and Applications. Collaborate with various Christie's Technology teams … including Applications, Networking, Data Center, Desktop, Helpdesk. Understand current and emerging security threats and recommend mitigating controls. Conduct vulnerability and risk assessments on information assets in the environment and work with IT teams to mitigate risks. Promote security awareness among Christie's end users. Including conduction security awareness trainings. Contribute to the development and documentation of security policies, procedures … computer science or related field, or equivalent work experience. Experience in operating and administering security solutions including Endpoint Protection, DLP, IPS, Firewalls, Email Security Gateways, Web Gateways, Cloud Security, Vulnerability Management, M365 Security. Understanding of Networking protocols, Data Security Posture Management, External Attack Surface Management, Microsoft Active Directory, M365, Entra ID, Defender for Endpoint, Microsoft Azure. More ❯

our enterprise client's security is of paramount concern. Main tasks and responsibilities: Provide expertise on resolution that requires a higher level of resolution. Assist with Problem and Change management support for the resolution of incidents. Proactively identify opportunities of improvement from a technical perspective. Perform threat management, threat modelling, identify threat vectors and develop use cases for … security monitoring Pre-requisites: Experience of 9-12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Further info: Competitive Basic/day rate London To apply: Please either More ❯

Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard's environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy fromThe Interview Portal about the innumerable challenges and the satisfacation of her work … . It was a significant achievement for me, especially since it's rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in … software or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term "zero-day" comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be More ❯

for our which will largely involve Microsoft Security Technologies and working knowledge of implementing Cisco Meraki, Fortinet, WatchGuard Firewalls and Network Switches. You will be reporting to the Project Management Office Team on a Daily Basis and work with other members of the Cyber Security Team which also includes a Cyber Security Assessor, Cyber Security SOC Analyst and Cyber … including: Microsoft Defender XDR Microsoft Sentinel SIEM Microsoft Defender for Endpoint/Business Azure Firewall Microsoft Defender for Cloud/Cloud Apps Microsoft Defender for Office 365 Deployment and management of Endpoint Detection and Response solutions including Sentinel One Deployment and management of networking solutions including firewalls, switches and access points including Cisco Meraki, Fortinet and Watchguard Deployment … of vulnerability management solutions including Tenable and Qualys Deployment and management of email security solutions Main Tasks and Responsibilities Deployment of core Microsoft technology solutions including XDR, SIEM and Endpoint Detection and Response Deployment of Network Firewalls and Switches ensuring good security posture is implemented in the configuration Undertaking technical vulnerability remediation work using Tenable Providing More ❯

the underlying infrastructure. Why we need this role This role is critical to protecting both internal telecom infrastructure and customer-facing security services. It ensures the secure deployment and management of technologies across backbone, edge, and cloud environments, while supporting the delivery and integration of managed security solutions for customers. The role plays a key part in incident response … vulnerability management, and maintaining robust security standards. By collaborating across engineering, operations, and product teams, it helps embed security into every layer of the network and service lifecycle, ensuring resilience, compliance, and customer trust. What you will do Security Product Engineering (Customer-Facing Focus) Support deployment and integration of customer security products such as managed firewalls, SD-WAN … to secure IP/MPLS transport, SDN platforms, automation tools, and cloud workloads. Monitor and analyse security events and alerts, responding to incidents and escalating as appropriate. Assist with vulnerability assessments, patch management validation, and configuration hardening. Document and maintain infrastructure security standards, configurations, and runbooks. Participate in security incident response, root cause analysis, and remediation efforts. Provide More ❯

Cyber Security Operations Manager to lead our Cyber Security Operations Centre; responsible for managing the day-to-day operations of the SOC team, overseeing incident detection and response, ensuring vulnerability scanning and remediation efforts across the organization. Role Overview: Job Title: SOC Manager/Cyber Security Operations Manager Location: Leeds/England/Remote Contract Type: Contract Duration … in Cybersecurity, Information Technology, or a related field (Master’s preferred). Minimum 5 years of experience in cybersecurity operations, with at least 2 years in a leadership or management role. Strong knowledge of SOC operations, incident response, and vulnerability management best practices. Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), vulnerability scanners (e.g. More ❯

cycles for cybersecurity solutions including prospecting, solution positioning, negotiation, and closure. Develop and execute strategic account plans for key enterprise clients, aligning cybersecurity solutions to their business and risk management goals. Build relationships with C-level executives (CISOs, CIOs, CTOs) and key stakeholders to uncover pain points and promote solution value. Apply solution selling and consultative selling methodologies to … sales, with at least 5+ years focused specifically on cybersecurity. Proven success in consistently achieving or surpassing million-plus euro quotas. Deep knowledge of cybersecurity domains including: Identity & Access Management Attack Surface Management Threat Intelligence & Digital Risk Protection Vulnerability Management Pen Testing & Red Teaming Strong understanding of security buyer personas and complex procurement processes. Excellent verbal More ❯

is represented in commercial proposals, assurance processes, and delivery planning. Maintain strong relationships with relevant external stakeholders (e.g. NCSC, NPSA), monitoring threat intelligence and security guidance. Operational Security & Risk Management Lead the design, implementation, and monitoring of controls across endpoint security, identity and access management, and cloud infrastructure (e.g., AWS). Own and improve the incident response framework … continuity planning. Run regular tabletop exercises and scenario testing to ensure operational preparedness for cyber-attacks and disruptions. Support secure architecture and infrastructure reviews across projects and services. Risk Management & Security Engineering Conduct and lead structured technical and procedural risk assessments, including threat modelling and security reviews for new projects or systems. Collaborate with IT and engineering teams to … identify, address, and continuously improve security control effectiveness. Oversee the management of external security assessments and ensure remediation plans are executed effectively. Maintain relevant security certifications such as Cyber Essentials/Plus and support the business in aligning with broader security frameworks (e.g., NIST CSF, CIS Controls). Awareness & Security Culture Lead internal training, briefings and onboarding sessions to More ❯

edge, robust security framework that supports ongoing innovation efforts. The position provides essential oversight for the company's information security, cybersecurity, and data protection functions, encompassing policy governance, process management, procedural standards, training programs, and awareness initiatives. A subject matter expert who will shape our internal IT direction, ensuring both customer and employee protection while managing daily security operations. … within global organizations, ideally in enterprise consulting environments Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF and CIS Extensive understanding of cybersecurity regulations, cloud security, identity management, data protection, security governance, risk management, and remediation planning Technical expertise: SaaS, Cloud platforms, SDLC, Vulnerability Management, Networking, IDAM Security vetting eligibility, ITSM/SIEM platform More ❯

is for you. What you will do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents … the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability … in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP/IP, and core network security principles. Proficiency in scripting and programming (i.e., Python More ❯