25 of 25 Vulnerability Management Jobs in the Midlands

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces … behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management/SOCAnalyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related … to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management/SOC Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of SOC/Vulnerability Management Analyst role More ❯

working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … Assist in managing third party risk processes by evaluating external partners' security postures and ensuring compliance with internal requirements. Work closely with Security Operations and IT teams to oversee vulnerability assessments and coordinate remediation efforts effectively. Conduct thorough reviews of security architecture for new systems and services to ensure robust protection measures are in place from the outset. Evaluate … necessary, and help implement new solutions as required. Contribute to the deployment of advanced security tools and technologies that enhance the organisation's overall cyber resilience. Oversee the incident management process by supporting detection, response, reporting, and resolution of security incidents. Prepare clear security metrics reports for stakeholders at all levels to inform decision-making and demonstrate progress against More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

work as part of a team providing a range of capabilities and may operate across one or more contexts including the following: Hosting environments and landing zone management. Security, management, governance and automation of DfE's centrally managed hosting environments and cloud landing zones. Includes design, build, operate and maintain core cloud computing IT infrastructure services, ensuring that they … and that they continue to meet requirements. Managed infrastructure service. Build, operate & maintain cloud and on-premises infrastructure resources for business applications. Updates and patching, back-up & restore, security vulnerability management, capacity management, service optimisation, incident resolution, request fulfilment, service controls, and asset management. Service improvement. Develop new, and enhance existing IT infrastructure products, services or processes … Service (PaaS), and Infrastructure as a Service (IaaS) so that the Department and its partners can embrace the government's Cloud First policy. Create and sustain modern deployment and management standards, practices, and techniques for our cloud resources. Lead, support, coach, and mentor less experienced Infrastructure Engineers in managing, supporting and maintaining the Department's infrastructure. Advocate user-centric More ❯

a leadership role within Defra's operational IT function, Group Infrastructure and Operations (GIO). The role requires demonstration of deep and wide-ranging IT leadership skills in service management and strategic direction setting of the Service Operations functions. The Head of Service Operations is responsible for the effectiveness of operational IT services and user support to ensure optimum … strategy, to remain effective whilst supporting modern service delivery approaches, including Agile and DevOps. As such the role requires the ability to function seamlessly between strategic thinking and operational management of live services. The role's level of operational responsibility is high and includes leading through major disruption at times of major incidents including cyber security ones. As a … be required to develop strong relationships with Defra group's delivery bodies and Arms Length Bodies (ALBs) in order to deliver core IT services as part of the Service Management Operating Model. Key Responsibilities Primary responsibility is to ensure service availability is maintained at required levels, and in doing so own the responsibilities of: Sets the vision, and strategy More ❯

diagnose, and resolve hardware, software, and system-related issues. Act as a key liaison with third parties and government systems to escalate and resolve operational IT issues. Oversee endpoint management, including policy enforcement, configuration, application deployment, and Windows OOBE imaging. Administer virtual endpoints and assets within a cloud-hosted infrastructure. Perform patching and vulnerability management across operating … Manage licensing, user accounts, and group permissions within Microsoft 365. Proactively monitor system health, conduct Level 1-3 incident analysis, and escalate identified cyber security risks. Participate in incident management activities, including major incident response calls, adhering to ITIL support practices. Maintain and enhance network infrastructure, ensuring optimal performance and security. Identify and implement automation opportunities to improve IT More ❯

a strategic and hands-on role where you'll be the key bridge between clients and operational teams, ensuring smooth delivery of security services, incident response coordination, and ongoing vulnerability management. If you’ve got a deep background in cybersecurity operations, excel under pressure, and know how to guide both clients and internal teams, this could be your next … remediation activities Managing client-facing service reviews (weekly/monthly), presenting clear reports and insights Supporting internal delivery teams to ensure SLAs are met and quality standards maintained Overseeing vulnerability scanning and prioritisation , and guiding clients on remediation Supporting and managing IDS/IPS configuration and updates Driving continuous improvement across service delivery processes What We’re Looking For … 10+ years in Security Operations or SOC-related service delivery Strong technical understanding of incident response, vulnerability management, IDS/IPS Proven experience handling client relationships, stakeholder management , and crisis situations Excellent communication skills — both technical and non-technical Experience leading cross-functional teams in fast-paced environments Relevant certifications (e.g. CISSP, GCIH, CICM) UK SC clearance More ❯

internal systems Maintain and enhance the progressive Cyber Security roadmap/Strategy Maintenance of a Cyber Security Incident Response Plan Maintain the robust approach to security and event information management Review/modify and update ICT policies and processes Co-ordination of security audits and management of outcomes Attend routine board meetings to overview current and future information … and vulnerabilities. Ensuring the system remains fit for purpose for future threats and estate changes Co-ordination of penetration testing The continued review and recommendation of security assessment tools Management of security with regards to new systems acquisition Analyse and report on potential threats or patterns Respond to security related enquiries Ideal Technical Knowledge: CISSP qualification Networking (prefer Cisco … Active Directory Virtualisation Platforms (prefer VMWARE) AV/EDR/XDR SIEM (preference AlienVault) Email Security (Prefer Mimecast) Vulnerability Management (prefer Nessus) Please apply to hear more More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

across OT networks, ideally within the energy sector. The role will report into the Chief Information Security Officer (CISO) and will play a key role within an OT risk management framework which covers multiple generation and storage sites. The role can be based from Immingham or London offices. Regular travel to sites will be required. The Role Are you … across multiple UK energy generation and storage sites? We're looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and remediation … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: Very strong experience in providing technical support and advice for a Security Operations Centre Demonstrate More ❯

are operating effectively. Provide technical advice to product owners on future visions, strategies and roadmaps aligned with IAG Lead a team of cyber engineers, providing both technical and line management support Forecast and manage cyber resourcing across multiple products, ensuring cost alignment and consistency in approach Ensuring timely and effective resolution of Engineering incidents on BA Cyber products Maintain … detailed documentation of BA security policies, procedures, and incidents What you'll bring to British Airways: High proficiency in Security Tools and Technologies, such as; SIEM, Vulnerability Management, EDR and Identity Experience in leading and mentoring a team of security professionals and an ability to foster a collaborative and learning-oriented environment Proven track record of implementing and More ❯

long-term career growth. What you'll do: As an IT Compliance Analyst, you will be at the heart of the organisation's efforts to maintain robust governance, risk management, and compliance standards. Your day-to-day activities will involve managing client audit inboxes, responding promptly to information requests, completing detailed questionnaires, and ensuring all documentation is up-to … participating in training programmes, you will help embed a culture of security awareness throughout the business. This role offers you the chance to expand your knowledge in governance, risk management, data protection, and information security within a dynamic international environment. Take ownership of completing and coordinating client security questionnaires and due diligence requests by gathering accurate information from relevant … demanding clients. Your familiarity with leading frameworks such as ISO 27001 and Cyber Essentials Plus will enable you to navigate complex requirements efficiently. Your keen interest in governance, risk management, data protection laws, and information security means that you are always looking for ways to enhance existing processes. A methodical approach ensures that documentation is meticulously maintained while your More ❯

evolve and secure our Operational Technology (OT) estate. We’re looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands … on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of controls. Deliver awareness training and cyber security guidance across OT engineering teams. Champion collaboration across cyber, IT, and engineering teams—bridging gaps between tech, process, and people. What we’re looking for The ability to More ❯

evolve and secure our Operational Technology (OT) estate. We’re looking for a Cyber Security OT Specialist with strong first-line technical skills and a solid grounding in risk management frameworks, ideally with experience in the energy sector. This is a key role within our cyber risk function, supporting our sites' critical infrastructure and helping shape secure and resilient … environments aligned with IEC62443 standards. Key Responsibilities Lead the implementation of new technical security controls across OT environments. Contribute to the assessment of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands … on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of controls. Deliver awareness training and cyber security guidance across OT engineering teams. Champion collaboration across cyber, IT, and engineering teams—bridging gaps between tech, process, and people. What we’re looking for The ability to More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯

builder to streamline and strengthen how security gets done. Respond to incidents with confidence, contribute to security audits, and answer client queries like a pro. Harden our systems: lead vulnerability management, champion new security policies, and help us stay two steps ahead of threats. Always be learning-dive into the latest security tools and trends, and shape our More ❯

to escalate and resolve operational issues Manage and maintain company endpoints, configurations, and application deployments Oversee cloud-hosted virtual endpoints and assets Perform OS, firmware, and application patching and vulnerability management Support onboarding/offboarding processes, including access setup and asset allocation. Administer licenses, accounts, and user groups in Microsoft 365. Monitor and maintain health of live systems More ❯

reliable operation of the organisations Azure-based infrastructure, with a key application hosted in AWS. This role blends hands-on technical delivery with strategic oversight, covering endpoint security, identity management, patching, vulnerability remediation, and threat response. Key activities include: Managing and supporting a small infrastructure and security team. Overseeing Azure and AWS environments, contributing to architecture decisions. Driving … endpoint and identity security via Microsoft Intune, Defender, and Entra ID. Leading patch management, endpoint hardening, and vulnerability resolution. Acting as escalation point for incidents from a third-party SOC and coordinating internal response. Supporting Cyber Essentials Plus and ISO 27001 compliance activities. Administering operational security tools including Microsoft Sentinel and Defender XDR. Maintaining technical documentation and clear … operational procedures. About You Strong hands-on experience with cloud infrastructure management (Azure essential). Proven track record in endpoint protection, IAM, patching, and vulnerability management. Skilled in Microsoft Intune, Defender suite, and Sentinel SIEM. Experience supporting security compliance programmes. Excellent coordination skills, especially during incident response. Able to balance operational delivery with strategic infrastructure and security improvements. More ❯

skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk reviews, vendor assessments, and internal audits Participating in security exercises … What You'll Need to be Considered 3-5+ years of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email Address Phone More ❯

maintain the Cyber Security roadmap for the company and their clients. Investigate priority threats and potential Cyber incidents. Coordination of security audits. Review and recommendation of security assessment tools Management of security with regards to new systems acquisition. Deliver in person Cyber Security training programmes. Requirements: Networking experience Cyber Security Active Directory and Virtualisation experience. SIEM experience Email Security … Vulnerability Management The Package: If successful our client is offering a salary between £40,000 - £42,000 per annum, favourable holiday allowance. How to Apply : If you are interested in hearing more about this vacancy or interested in applying for the role please email me at or contact Principal IT Directly on LinkedIn. INDGH More ❯

team members Ensure accurate documentation and incident records Participate in team meetings and contribute to service improvements Use monitoring tools to track and resolve incidents Support compliance, patching, and vulnerability management Liaise with 3rd Line teams to drive service enhancements Deliver small project work to customer timelines What you'll need We're looking for a team player More ❯