19 of 19 Vulnerability Management Jobs in Scotland

patterns and reference architectures that will drive adoption of modern technology meeting HMRCs business driven need towards rationalised strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and/or services. Person specification Ideal candidate: A business and technology leader … development and delivery of technical security controls and services. Focused expertise to develop and lead within one or many security technology domains aligning capability to security tooling. Key stakeholder management experience across senior business and technical environments including vendors, partners and other government departments. Able to demonstrate a proven history of delivering high value outcomes in challenging and complex … the Secure by Design Lifecycle. Innovation and Adoption: Research, validate, and adopt new technologies and methodologies, contributing to the organization's broader security technology strategy. Governance, Mentorship, and Stakeholder Management: Represent the organization at governance boards, provide peer reviews and mentoring, and build strong relationships with stakeholders across the civil service, departments, suppliers, vendors, and programs. Essential Criteria: You More ❯

hardware refreshes, system migrations, and software deployments. Cyber Security Act as a first responder to security incidents—triaging alerts, containing threats, and escalating to our SOC where appropriate. Support vulnerability management through patching, configuration management, and reporting. Assist with endpoint detection and response (EDR) tools and threat monitoring platforms (e.g., Microsoft Defender for Endpoint). Work alongside … Azure AD, and Windows Server environments. Solid networking knowledge (TCP/IP, DNS, DHCP, VPNs, VLANs, firewalls). Experience with IT security principles, practices, and tooling (e.g., EDR, MFA, vulnerability scanners). Ability to script or automate tasks using PowerShell or similar tools. Strong troubleshooting and analytical skills with a methodical approach. Ability to work with a hands-on … Experience working with Microsoft Defender for Endpoint, Sentinel, or other SIEM tools. Exposure to compliance standards such as ISO 27001, Cyber Essentials+, or NIST. Understanding of identity and access management, conditional access, and zero-trust concepts. Certifications such as CompTIA Security+, Microsoft SC-200, or MS-102 are a plus. Company Benefits & Perks Competitive Salary 23 days Holiday plus More ❯

Support the IS Manager in Disaster Recovery (DR), and Business Continuity (BC) planning activity, ensuring that alternate facilities are provisioned and ready in the event of a disaster. Threat Management – assist with threat assessment and work with business units in articulating impact and mitigations to reduce attack surface. Plan, schedule, conduct and report on systems security audits, ensuring any … corrective/preventive actions identified are tracked to a satisfactory conclusion. Document and report enterprise risk and compliance issues according to required timelines. Assist with the management, planning & preparation of third-party external penetration testing. Assist in preparation and review of corrective action plans associated with penetration test/vulnerability management findings. Perform internal penetration testing to … Track staff completion of training modules and manage license levels. Effectively respond to security incidents. Essential knowledge, skills and experience Demonstrable experience across multiple cyber security domains including risk management, compliance, vulnerability management, and incident management. Must have a good understanding of Information Security methodologies, standards and technologies, including ISO27001. Previous experience working in an Information Security More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

Familiarity with security frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

Familiarity with security frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

accordingly. Establishing and developing solution architecture for IT security and end-user service domains, ensuring security is integrated into all aspects of the organisation's IT. Driving and facilitating vulnerability management and secure the design of IT services. Monitoring, identifying, resolution activities, and reporting IT security KPI's and incidents. Liaising with the Engineering Team on all aspects More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security More ❯

audiences to support the improvement of systems security and maintain security compliance with internal security standards and external laws, regulations and industry schemes. Comprehensive knowledge of security testing and vulnerability management. Experience of leading and promoting a strong security culture and sharing cyber security knowledge and awareness. Proven success in delivering complex accountabilities with minimal supervision. In depth knowledge More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data analysis, reporting, and cross-functional collaboration. The successful candidate will … teams and external partners to support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global, distributed team environment. Experience using More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data analysis, reporting, and cross-functional collaboration. The successful candidate will … teams and external partners to support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global, distributed team environment. Experience using More ❯

Red Snapper Recruitment are seeking a detail-oriented and experienced Cyber Incident Management (CIM) and Threat and Vulnerability Management (TVM) Governance Analyst to support a robust cybersecurity governance program. This role plays a key part in enhancing and maintaining the integrity of cybersecurity operations through effective data analysis, reporting, and cross-functional collaboration. This role is based … teams and external partners to support governance-related functions. Assist with distributing governance reports across organizational leadership and forums. What You Bring: Deep understanding of cyber incident response, patch management, and vulnerability assessment in large-scale environments. Strong problem-solving, analytical, and organizational skills. Ability to build strong working relationships in a global, distributed team environment. Experience using More ❯

ensuring the highest standards of performance, scalability and security are maintained. A research infrastructure technical expert with deep understanding of high-performance compute (HPC) and research data storage and management, the postholder will be responsible for specifying, deploying and maintaining related services. These services are research-driven and the postholder will establish close collaborative relationships with PIs to understand … Information Services/IT Services to ensure the security and resilience of RCaaS research computing infrastructure services underpinned by the development of a suitable quality assurance approach including sufficient management processes and audit controls. 5. Establish and maintain metrics and produce concise reporting that demonstrates performance and utilisation of RCaaS research computing infrastructure services, working with relevant University finance … PIs, research managers and College and University IT professionals to identify complex research computing infrastructure requirements and ensure needs are reflected in plans and implemented services. 11. Provide line management for RCaaS research computing infrastructure staff including responsibility for performance and development, managing workload and recruiting staff where necessary. 12. Perform such other duties, appropriate to the grade, as More ❯

in ensuring the security and integrity of the infrastructure, which includes the data centers, cloud environments, networks, and office/branch assets. This is an exciting opportunity to lead vulnerability assessments, drive remediation efforts, and enforce secure builds and configurations across our estate. Key Responsibilities: Lead the implementation of Infrastructure & Cloud security strategies, policies, controls, services, metrics, and compliance. … Oversee and support vulnerability management efforts across both on-premise and cloud environments. Contribute to the strategy, policy, controls, services, and metrics related to network security, including WAF, DDoS protection, and firewalls. Experience & Skills: Primary Expertise: Vulnerability management within infrastructure environments, with proven experience leading teams. Secondary Expertise: Knowledge and experience in network security, including firewalls More ❯

MAIN ACTIVITIES: Implement Critical Requirements: Ensure compliance with CR GR SSI 001, CR GR SSI 023, GS EP INS 135, and L2-OPS-17-001 across all assets. Incident Management: Review, investigate, mitigate, and resolve cybersecurity incidents, anomalies, and threats promptly. Cyber Security Road Map: Assist in delivering key activities and act as a delegate for the Lead Cyber … out UK government cybersecurity self-assessment reports. Solution Support: Roll out HQ security solutions, including administration and troubleshooting. Audits: Conduct site audits, recommend improvements, and track actions to completion. Vulnerability Management: Manage the client industrial cybersecurity vulnerability process and ensure timely patching. Training: Develop and maintain industrial cybersecurity training materials and competence procedures. Emergency Response: Create and … REQUIREMENTS: Essential Qualifications/Knowledge Required: Education: Relevant degree in Instrumentation and Controls, Computer Science, or Cyber Security. Experience: Prior relevant industry experience. Knowledge: Understanding of offshore operations, project management, and UK industry regulations. Expertise: In-depth understanding of IEC/ISA 62443 and OG-86. Management Skills: Experience managing contractors, vendors, and service providers. Communication: Effective communicator More ❯

hardware refreshes, system migrations, and software deployments. Cyber Security Act as a first responder to security incidents-triaging alerts, containing threats, and escalating to our SOC where appropriate. Support vulnerability management through patching, configuration management, and reporting. Assist with endpoint detection and response (EDR) tools and threat monitoring platforms (e.g., Microsoft Defender for Endpoint). Work alongside More ❯

is responsible for ensuring all agreed deliverables are met for the represented network service capability. Represent all DXC Network Services seamlessly and provide a conduit between our DXC account management team, network operations, project, engineering, architecture, other DXC support groups, client counterparts, and other third-party network service providers or suppliers where required. Practice 'extreme ownership' of everything DXC … managed devices have a current support contract. Manage risks and ensure formal Risk Acceptance Forms are signed for any known risks accepted by the account or customer. Ensure proactive management of network performance and operability. Work with ASO to ensure compliance with contractually agreed security vulnerability management and security report findings. Facilitate the propagation of key information … the monthly NS report. Manage Operation Level Agreement (OLA) and Underpinning 3rd party Contracts (UC). Describe in CMDB Report all failed RFC's to Network Governance Team (NDL Management and ARL). Ensure lead engineer involved in a failed RFC attends a Lessons Learnt session. Ensure a recurring governance meeting is conducted with both onshore and offshore network More ❯