15 of 15 Vulnerability Management Jobs in the Midlands

now seeking a Cyber Security Analyst to join the information security function. Reporting to the Information Security Manager , you will support critical activities related to threat monitoring, incident response, vulnerability management and risk mitigation, while also acting as a key advocate for cyber awareness across the wider organisation Key Requirements Essential: 3+ years experience in cyber security Proficiency … in SIEM , antivirus , and vulnerability management tools Understanding of AD , Office 365 , Windows Server , and infrastructure security Strong IT skills with experience across networks, OS, and security protocols Incident response and threat analysis expertise Familiar with Azure/Microsoft Defender and best practice frameworks ITIL Foundation certified (v3 or later) or experience in an ITIL environment Awareness of More ❯

and checks to ensure security tooling is optimised Provide advice and support to business units on security best practice and control implementation Hands-on experience with security tooling (EDR, vulnerability scanning, access control) Familiarity with Security frameworks such as NIST, PCI-DSS, and GDPR Experience working with Microsoft environments (O365, Azure) Clear communicator, able to engage with both IT … role, and wants to take on broader responsibilities Has been the security point-person in an IT team, leading on patching or endpoint protection Has hands-on experience with vulnerability management tools like Tenable, and is ready to play a bigger role in shaping how security tools are implemented and optimised across the business. This is a chance More ❯

tooling is optimised Provide advice and support to business units on security best practice and control implementation What We’re Looking For Hands-on experience with security tooling (EDR, vulnerability scanning, access control) Familiarity with Security frameworks such as NIST, PCI-DSS, and GDPR Experience working with Microsoft environments (O365, Azure) Clear communicator, able to engage with both IT … role, and wants to take on broader responsibilities Has been the security point-person in an IT team, leading on patching or endpoint protection Has hands-on experience with vulnerability management tools like Tenable, and is ready to play a bigger role in shaping how security tools are implemented and optimised across the business. This is a chance More ❯

all certification activities related to ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations are accounted for within the scope of certification, through proactive risk identification and management with IT assets owners. Development and championing all Information Security Policies, Procedures and relevant standards, and produce supporting documentation and training material to ensure organizational compliance. Orchestrate continual improvement … and promote security best practices across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model … and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we work in. • We're passionate about giving back to society, leaving the world a better More ❯

and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll … IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team Collaboration - Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement - Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact - Help protect the systems that keep More ❯

our organisation's data and IT infrastructure. This role focusses on the operational aspects of data protection - from technical risk assessments and secure system configuration reviews to incident response, vulnerability remediation tracking, and regulatory compliance audits. You will work closely with engineering, DevOps, and IT teams to embed privacy and information security controls into our technology stack. This is … a full-time position. Occasional after-hours work may be required to support incident response, high-priority vulnerability fixes, or audit activities. Develop and implement data protection governance: Design, implement, and enforce data protection and information security policies and procedures aligned with business objectives and regulatory requirements Support the development of strategies to mitigate and monitor data protection risks … a strategy to mitigate, manage, and monitor data protection risks and incidents Work collaboratively with other departments to ensure the alignment of security efforts with wider business objectives Risk management: Identify, assess, and document data protection risks across systems and processes Support administration of data protection systems and risk reporting. Provide advice and guidance to teams on how to More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

design effective controls. You will be leading the Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of threat intelligence, threat detection, incident response, vulnerability management, and ethical hacking capabilities. You will be leading a team of Infrastructure Engineers, ensuring strong data controls are in place, whilst working closely with key stakeholders to … experience of creating cyber security roadmaps Experience of building and implementing strong operational processes Excellent communication skills with the ability to translate business requirements into technical solutions Strong stakeholder management skills What you'll get in return This exciting position is paying between £70,000 and £80,000 negotiable on experience and offers an excellent work life balance including More ❯

design effective controls. You will be leading the Cyber Security operations function, by providing strategic direction and coordinating day-to-day delivery of threat intelligence, threat detection, incident response, vulnerability management, and ethical hacking capabilities. You will be leading a team of Infrastructure Engineers, ensuring strong data controls are in place, whilst working closely with key stakeholders to … experience of creating cyber security roadmaps Experience of building and implementing strong operational processes Excellent communication skills with the ability to translate business requirements into technical solutions Strong stakeholder management skills What you'll get in return This exciting position is paying between £70,000 and £80,000 negotiable on experience and offers an excellent work life balance including More ❯

Your role and responsibilities As a Cybersecurity Architect, you will specialize in DevSecOps, integrating security into the software development lifecycle, automating security practices, and ensuring robust threat modeling and vulnerability management. Your primary focus will be on cloud-native and on-premises environments, with a strong emphasis on application security, infrastructure as code (IaC) security, and cloud security posture … management. Additionally, you will contribute to data security efforts, securing data at rest, managing key management systems, and ensuring strong governance across data access. Responsibilities: Integrate security into the software development lifecycle, automating security practices into CI/CD pipelines. Implement automated security testing (SCA, SAST, DAST) to identify and remediate vulnerabilities at every stage of development. Secure IaC … configurations, ensuring secure provisioning, configuration management, and continuous monitoring of infrastructure. Utilize CNAPP and CSPM tools to secure cloud-native environments, focusing on application security and cloud posture management. Design and deploy PKI solutions for secure key management, including key generation, key ceremonies, and certificate management. Required education None Preferred education Bachelor's Degree Required technical and professional More ❯

order to support strategic decision-making for Cyber and Technology leadership Take the lead in evaluating and recommending standardized risk sloping & scoring methods across Tech and Cyber domains, including Vulnerability Management, Data Security, and Network Security across the enterprise Serve as a point of contact for ISO Assurance Team service offerings and assist with onboarding junior team members. … Standardize the review of mitigating factors and controls in support of risk management activities so that technology and business teams can prioritize risk reduction activities in order to allow teams to focus on the areas of the greatest impact Work cross-functionally with Advisory, Assessment, and Risk Operations functions within the Information Security Office to measure cybersecurity and technology More ❯

of the most exciting technologies in the industry. You will: Designing, implementing and evolving secure, scalable architecture using Microsoft Security solutions (Defender, Sentinel, Entra, Purview, and more). EmbeddingQualysvulnerability management into real-world environments. Leading the charge onautomationandGenerative AIacross our security stack. Setting governance standards and shaping the future of secure service delivery. Collaborating with cross-functional teamsfrom SOC … work expereince in security architecture or engineering, ideally within an MSSP or consultancy. Deep hands-on experience with Microsoft Security technologies. Proven track record in automation, Gen AI, or vulnerability management (especially Qualys). Strong grasp of security frameworks (MITRE ATT&CK, NIST, ISO 27001). Strategic mindset with the ability to communicate clearly across technical and non More ❯

Centurum is seeking a Computer Security System Specialist who will provide expertise following the Risk Management Framework (RMF) and applying it across program and system cybersecurity activities. Apply federal and agency policies to cybersecurity processes, documentation, and continuous monitoring. Assist with preparing packages for system Authority to Operate (ATO). Perform Assessment and Authorization (A&A) and Independent Verification … and Validation (IV&V) tasks. Manage and update cybersecurity documentation and artifacts and post them in required data repositories. Perform system scans and vulnerability management. Manage system Plan of Action and Milestones (POA&Ms). Ensure access controls and elevated user privileges are monitored and tracked. Assist with cyber inspections, audits, and readiness reviews. This will be a hybrid … DoD security clearance. Required Experience: Six (6) years of information assurance/cybersecurity experience with military automated information systems and information technology. (Substitution: None) Working knowledge of the Risk Management Framework (RMF) for Information Technology. (Substitution: None) Certification: Information Assurance Manager level II EOE M/F/Disability/Veteran Benefits Full-time employees are eligible for the More ❯

Who we are looking for An Information Security Analyst, who will work within our vulnerability management team, which focuses on the technical side, ensuring IT systems are operated in a secure manner. The Information Security department monitor our live operation, creating and reacting to alerts and other anomalies identified through automated tools or manual analysis. You will review … the results in terms of risk and impact assessment, additionally you will own the scheduling of, and planning for specialist third-party vulnerability and penetration testing, in addition to the collation of reports. Liaising with parts of the Business, will aid your understanding of the risk profile then advice on options to resolve any issues identified. You will work … its requirements on regulatory matters. This role is eligible for inclusion in the Company s hybrid working from home policy. Ability to demonstrate hands-on technical experience of conducing vulnerability scanning, evaluation of results and articulation of the risk vulnerabilities may pose. Experience of security related technical investigations. Working knowledge of industry standard information security practices. Knowledge of developments More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯