on 26 and 27 August Responsibilities: Managing and improving security controls and tools Monitoring security systems and responding to incidents Supporting penetration testing and security assessments Contributing to risk management and security strategy Driving continuous improvement in security policies and practices Skills required: Leadership experience in cybersecurity or Security Operations Practical knowledge of Microsoft security services (Azure, Sentinel, Defender … Experience in cyber risk management and security domains (e.g., Identity, Network, Endpoint Security) Hands-on experience with SIEM, vulnerability management, DLP tools Relevant professional certifications (e.g., CISSP, CISM, CISA) Strong analytical, communication, and stakeholder engagement skills SC Security Clearance or ability to obtain it
and Microsoft Defender for Cloud. Hands-on experience with Microsoft Azure security controls and services; equivalent exposure to GCP or AWS is also acceptable. Proficiency with CSPM, CNAPP, or vulnerability management platforms. Sound understanding of cloud security design principles, including identity, access, data protection, threat detection, and monitoring. Ability to translate technical risk into business context and communicate
support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. You'll work closely with senior security engineers and cross-functional teams to build security into our software development lifecycle. This is a great opportunity for a security … ensuring security is considered at every phase, from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling and security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely with engineering teams to identify and remediate vulnerabilities from SAST, DAST, SCA, container security, and cloud security scans. Code & Architecture Review: Conduct secure code …/CD security automation (GitHub Actions, Jenkins, GitLab CI, etc.). Familiarity with infrastructure-as-code security (Terraform, CloudFormation) and cloud security posture management. Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security. Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. Experience driving developer enablement and security training initiatives. Excellent communication and
emerging threats and attacker TTPs. Produce detailed, high-impact reports with clear technical findings and business-aligned remediation advice. Work closely with client cybersecurity teams to prioritize and track vulnerability remediation, contributing to blue team effectiveness. Conduct ongoing research and contribute to thought leadership in threat-informed testing methodologies. Required Skills: 5+ years of professional experience in penetration testing … non-technical stakeholders. CREST CRT/CHECK (or higher) certification is essential. Must hold or be eligible for SC Clearance. Desirable Skills: Experience with Breach Attack Simulation tools and vulnerability management processes. Familiarity with ISO 27001, risk management frameworks, and compliance-oriented testing. Hands-on knowledge of cloud security in AWS, Azure, or GCP. Advanced cybersecurity certifications
new technologies, experienced people, and new ideas to help all our clients maximize every opportunity. Experience and Skills What your background is A bachelor's degree in computer science, management information systems, or a relevant field, or equivalent demonstrable experience. 5+ years of experience in Information Security or Information Technology 3+ years' experience performing IT Audit or security control … regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io, MS Defender, SIEM, vulnerability management, penetration testing). Knowledge of cloud technologies (AWS, Azure). Experience using generative AI (e.g., ChatGPT) for test strategies, reports, and communications. Skills in automation and analytics
world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They … Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to … such as PowerShell, YAML, JSON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary
be advantageous to your application, as would CISSP and/or CISM accreditation. You will develop and maintain the information security architecture and will have proven experience with compliance, vulnerability management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform
backend and data platform development using: .NET Core (C#) for microservices and APIs Python for ETL, data validation, and orchestration pipelines Familiarity With Redis, Elasticsearch, and caching strategies Schema management and API versioning ETL/ELT frameworks and data quality tooling Security & Platform Compliance Advanced understanding of security architecture including: Identity and Access Management (IAM) Encryption, key vault … management, and secure communications Threat protection, auditing, and alerting strategies Experience applying enterprise-grade security, resilience, and compliance practices to production environments Required Certifications Certification Status AZ-305: Azure Solutions Architect Expert Mandatory AZ-500: Azure Security Engineer Associate Strongly Preferred AZ-400: Azure DevOps Engineer Expert Desirable Desirable Skills & Experience Experience with API standards and interoperability frameworks Familiarity … with: Secure Software Development Lifecycles (SSDLC) Vulnerability management and penetration testing coordination SaaS or multi-tenant platform delivery models Data protection regulations (e.g. GDPR, ISO 27001) Disaster Recovery (DR), high availability (HA), and business continuity planning Observability tooling: Prometheus, Grafana, Azure Monitor, Log Analytics Role Context This senior role sits at the intersection of cloud engineering, architecture governance
It would be a bonus if you had: Experience managing third-party security service providers Familiarity with security tools and controls such as Endpoint Protection, DLP, Cloud Security, Threat & Vulnerability Management, and Privileged Access Management A background in developing and implementing operational security strategies and roadmaps This is a fantastic opportunity to join a progressive organisation with
including Endpoint Detection and Response. Good experience of Microsoft Sentinel (SIEM) Knowledge of Azure firewalls Networking and firewall solutions expertise with the likes of (Cisco Meraki, Fortinet, Ubiquiti, WatchGuard) Vulnerability management tool expertise (Tenable, Qualys) Email security solutions Knowledge (Mimecast, Egress) A Working understanding of Microsoft 365 Cloud Technologies and their threat landscape Familiarity with SOC operations, threat … Essentials and Cyber Essentials Plus (CE & CE+) audits, ensuring clients meet security compliance standards Provide escalation support for complex cyber incidents raised by the internal SOC team Perform technical vulnerability remediation, threat analysis, and reporting Conduct Microsoft 365 and Cloud Security assessments to identify gaps and secure client environments Carry out offensive security and web application assessments (including penetration … onboarding and deliver professional security consultations Onboard clients into key security platforms and ensure a smooth transition to managed services Support wider project delivery, working closely with the Project Management Office My client are investors in people and will invest in your career progression in a growing security team This is a great opportunity to work directly with a
London, South East, England, United Kingdom Hybrid / WFH Options
Randstad Technologies
Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management, and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to make an impact? Apply today to be
external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency … practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with all relevant group standards, policies … knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption, signing and digital certificates, Principles of securing mobile applications and
requirements, such as: Working with AWS Cloud Infrastructure team to secure our cloud infrastructure Working with the development team in embedding security in the SDLC Provide assistance in risk management activities Support security-related incidents Support our log monitoring operations Take part in threat modelling sessions Support the teams in risk analysis of technical vulnerabilities Support our Security Champions … CompTIA Network+ ISO 27001 Foundation or Practitioner AWS Certified Security Familiarity with TCP/IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with
to join our dynamic Security Operations Team. As a Security Operations Engineer, you will play a critical role in safeguarding our organization's assets and data by overseeing the management of Trainline's SIEM. This is done by ensuring the SIEM is fully operational and that we have the logs and alerts needed to support incident detection and response … that our wider set of Security tools are optimized to their full potential in-line with industry best practice. Create and maintain detailed documentation and provide key insights to management through customized dashboards and reports. If you are passionate about cybersecurity, eager to stay ahead of emerging threats, and looking to grow within a fast-paced and evolving environment … we'd love to hear from you! As a Security Analyst at Trainline, you will Own the management and configuration of our SIEM platform (Splunk), ensuring it's fully operational, updated, configured to best practice and providing value for money. Drive the creation of new alerts, working with the wider Security Operations team to ensure appropriate enrichment and value, and
South West London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
define strategic roadmaps to embed security across business operations Solve critical cyber challenges across diverse industries and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or … equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery across complex programmes using Agile and/or Waterfall methodologies Team leadership experience across on-site and distributed teams Skilled in client relationship management and stakeholder engagement at all levels The package: £65,000 - £80,000 Company Bonus Flex Fund Pension Medical care
knowledge of the UK Telecoms Security Act would be advantageous to your application. You will develop and maintain the cyber security architecture and will have proven experience with compliance, vulnerability management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform
East and Africa, Asia and Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. As one of the top financial groups globally with a vision to be the world's most trusted, we want to attract, nurture and retain the most … the Bank's third Line of Defence, and in accordance with the Global Institute of Internal Auditors (IIA) International Standards (IIA Standards), provides independent assurance to the Board and Executive Management on the quality and effectiveness of governance, risk management and internal controls to monitor, manage and mitigate key risks to achieving the Bank's objectives. NUMBER OF DIRECT REPORTS … members. Support the implementation of good practice throughout the team by maintaining a strong understanding of the audit methodology. Display strong appreciation of risk and control in banking. Coordinate Management Action Plans directly with stakeholders. This may involve the testing of remediated controls and closure of issue. Assist the Head of Audit in preparing third party submissions for the
improving security infrastructure, while also maintaining BAU handling cybersecurity related tickets. The client doesn't use the traditional Microsoft suite and uses Google Workspace for cloud-based productivity and management of work. Key Responsibilities of the Security Engineer: Dealing with escalation of security related tickets and hands-on maintenance to solve the issues. Creating SIEM dashboards and detection rules … using Splunk. Using CrowdStrike to monitor and investigate security alerts. Management of identity, MDM, or directory services via JumpCloud. Conducting regular vulnerability scans and risk assessments using Qualys. Work within the SecOps team and collaboration with other IT teams to ensure secure system configurations. Stay Informed on emerging threats, vulnerabilities and best practice within cyber security. Requirements … Engineer: Must have proven experience as a Security Engineer. Strong experience with Splunk for log analysis and alerting. Proven expertise and hands-on experience with CrowdStrike. Deep understanding of vulnerability management tools, Qualys preferred. Expertise with handling escalated security related tickets. Experience working with a business that doesn't use the Microsoft suite is desirable. Relevant certifications include
regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response activities. Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model). … . Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. Required Skills & Experience Proven experience managing DFIR or cyber incident response teams. Deep technical knowledge of IR and forensic analysis (eg Wireshark, packet capture … working in financial services or a regulated environment preferred. Hands-on experience with SIEM tools, network forensics, and endpoint detection. Knowledge of CIS benchmarks, cloud security, IAM, DLP, and vulnerability management. Familiarity with Windows, Linux/Unix, networking, and virtualisation (VMware). Certifications (preferred): GCIA, GCIH, GCFA or equivalent. What's on Offer Up to £90,000 base salary
delight. To secure these treasured moments, Storio group is seeking a Security Operations Manager. For this role we're looking for a security leader that has excellent stakeholder management with responsibilities across Storio group's operating companies in the UK, Netherlands, Norway, France, Spain & Germany. You'll also bring a wealth of technical expertise and be comfortable taking a … wide security goals. - Contribute to the broader security roadmap across Storio Group. Execution & Delivery - Own and deliver the Security Operations backlog and KPIs. - Maintain and enhance our incident case management and response processes. - Coordinate incident response planning and simulation exercises with senior leaders and the board. - Manage external and internal audit and due diligence activities. Threat Detection & Response - Implement … and maintain robust threat detection and response capabilities across cloud, on-premise, and factory systems. - Drive continuous improvement of our vulnerability management program. - Conduct threat intelligence analysis and report on emerging trends and risks. Collaboration & Mentorship - Build trusted relationships with technology partners, vendors, and internal teams. - Collaborate closely with product and engineering teams to identify and mitigate risks
and static/dynamic security testing (SAST/DAST). Security Tooling and Automation: Implement and maintain security tools used in the development and deployment processes (e.g., scanning tools, vulnerability management systems, SAST, DAST, ASPM). Automate security processes to streamline secure development and operational workflows. Incident Detection and Response: Work with engineering and platform teams to detect … Expertise: Deep understanding of identifying, assessing, and mitigating security risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge and Implementation experience: Direct experience with threat … Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC workflows. Skilled in implementing technical security controls and driving security automation within CI/CD pipelines. Risk Management and Compliance knowledge: Experience with identifying and managing security risks, including conducting risk assessments. Working knowledge of regulatory compliance standards and frameworks. More information: Enjoy fantastic perks like private
career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The department covers Cyber Security, Information Security, IT Audit, IT Risks, IT Controls, Access Management and the portfolio for change for all these areas. MAIN PURPOSE OF THE ROLE To ensure latest cyber threat information is monitored and raise awareness across MUFG EMEA by … coordinating with the Application vendors. Development and Maintenance of the Team's SharePoint/Kizuna Page. Development and Maintenance of the Team's governance documentation and framework. Support urgent vulnerability handling and data leakage incident. Support Operational Security duties where requested. Availability for out-of-hours support Culture and Management Take an active role in the integration of … with IT teams on Cyber security Understanding of Cyber Security and Threat monitoring: Threat information gathering Type of cyber attacks Defence in Depth model. Detective monitoring such as Splunk Vulnerability Management - patching techniques Suggested Experience in SOAR system (Phantom) Experience in Anomali Threat Intelligence Platform Analysis based on MITRE ATT&CK Framework Education/Qualifications: Essential Degree educated
on in architecture, engineering, and compliance, while leading the charge on modern, cloud-first security strategy. Responsibilities: Designing and implementing robust security policies, controls, and infrastructure protection strategies. Leading vulnerability management efforts, penetration testing, and remediation plans. Monitoring and investigating security events, managing incident response processes end-to-end. Ensuring compliance with security standards such as ISO … or high-trust industries). Hands-on expertise in cloud security (preferably AWS), including securing hybrid and multi-region architectures. Practical knowledge of security tooling: IDS/IPS, SIEM, vulnerability scanners, encryption, SAST/DAST tools, OWASP ZAP, etc. Strong understanding of network security protocols and best practices. Scripting and automation experience (e.g. Python). Proven experience with incident
candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M&A security assessments and maintain compliance. Requirements