1 to 25 of 173 Vulnerability Assessment Jobs in the UK

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and compliance . Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The … into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python, Terraform, Ansible, or CloudFormation . Develop security automation scripts for vulnerability scanning and patch management . Collaboration & Knowledge Sharing Provide guidance and best practices to internal teams on cloud security. Work closely with developers, DevOps, and compliance teams to align More ❯

Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. … Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD More ❯

security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery … Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security … Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform Root Cause Analysis Experience with vulnerability assessments Ability to discover, design and document security implementations. Strong networking skills. Good understanding of securing Cloud technologies through native and multi-cloud technologies. Performed Ethic Hacking, Intrusion Prevention More ❯

with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security … Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform Root Cause Analysis Experience with vulnerability assessments Ability to discover, design and document security implementations. Strong networking skills. Good understanding of securing Cloud technologies through native and multi-cloud technologies. Performed Ethic Hacking, Intrusion Prevention More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role … ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and risk assessments to identify … alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for security More ❯

is for you. What you will do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents … the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong … capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP/IP, and core network security principles. Proficiency in scripting and programming (i.e. More ❯

assessing, and mitigating security risks across various platforms. The consultant will play a critical role in evaluating and strengthening our clients’ cybersecurity postures by conducting in-depth security assessments, vulnerability analysis, and developing comprehensive security strategies. RESPONSIBILITIES Conduct comprehensive penetration tests, vulnerability assessments, and security audits to identify risks and ensure compliance with industry best practices. Provide expert … reports on penetration testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such as Metasploit, Burp Suite, Nessus, and Wireshark. Strong … understanding of network protocols, firewall configurations, and secure network design. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) to automate tasks and streamline processes. Hands-on experience of vulnerability assessments, Incident response, penetration testing, threat hunting and compromise assessment. Experience collaborating with Sales teams as a pre-sale's cyber security consultant. Experience working in Energy or Construction industry More ❯

and remediate application and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication/authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE … tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC … and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially AWS-and cloud-native security practices. Experience conducting penetration tests, vulnerability assessments, and network scans. Excellent communication and collaboration skills More ❯

secure network architectures. Monitor network traffic for suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of … are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and vulnerability assessments. Prepare reports for management and stakeholders. Collaboration: Work closely with other IT and Digital teams to ensure comprehensive security coverage. Provide security guidance to projects and programs as … solutions. Network Security: Strong understanding of network protocols, VPNs, and network security architecture. Incident Response: Ability to detect, analyse, and respond to security incidents, including forensics and malware analysis. Vulnerability Management: Experience in identifying, assessing, and mitigating vulnerabilities in systems and applications. Automation: Skills in scripting and automation for security tasks (e.g. Python, PowerShell). Information Security Frameworks: Working More ❯

we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers. We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess … applications. Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations. Coordinate the testing of patches prior to deployment to validate functionality and compatibility. Utilize vulnerability scanning tools to identify weaknesses in the IT environment. Analyze and prioritize vulnerabilities based on risk impact and business-criticality. Oversee and enforce best practice for security hygiene; access … reviews, vulnerability assessment, key rotation, etc Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner. Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes. Act as a point More ❯

we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers. We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess … applications. Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations. Coordinate the testing of patches prior to deployment to validate functionality and compatibility. Utilize vulnerability scanning tools to identify weaknesses in the IT environment. Analyze and prioritize vulnerabilities based on risk impact and business-criticality. Oversee and enforce best practice for security hygiene; access … reviews, vulnerability assessment, key rotation, etc Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner. Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes. Act as a point More ❯

As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be a part of the first line of defence in Experian's … departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and recovering from events falling in its scope or escalating higher-risk events to dedicated incident response and management teams … security tools including Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch. System administration on Unix, Linux, or Windows Network forensics, logging, and event management Defensive network infrastructure (operations or engineering) Vulnerability assessment and penetration testing concepts Malware analysis concepts, techniques, and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS More ❯

security related requests Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations … how IT Security tooling such as Firewalls, AV, Proxies and IDS/IPS operate Familiar with the Microsoft stack including desktops, servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing More ❯

Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. … Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD More ❯

security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks … MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree More ❯

security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and mitigate security risks … MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving skills. Qualifications & Requirements: Degree More ❯

Auditor) are highly desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender. Excellent analytical More ❯

and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical end-users on More ❯

and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with non-technical end-users on More ❯

vulnerabilities or breaches. Collaborate with teams to resolve performance issues and ensure business continuity. Monitor and maintain security infrastructure, including firewalls, VPNs, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and penetration testing. Apply patches and updates to mitigate security threats. Lead response efforts in cyber-attacks or security breaches, including containment and remediation. Perform root cause analysis More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Our Client is a globally recognised, successful bank who provide world-class services to various institutions and individuals. Offering a comprehensive range of retail and corporate financial services/products, this thriving business boasts over 10 million active customers in over 700 business locations. Due to business requirements … be part of the team supporting the IT & Cyber Security Manager to plan and deliver our business strategy in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely …/Dashboard reports for the relevant stakeholders and alleviate the workload of the IT Service desk function when required. The primary responsibilities of the role is to perform daily assessment of vulnerabilities identified by internal and external scans. Evaluate, risk assess and rate the results of the scan, prioritise all vulnerabilities discovered and remediate/patch within the established More ❯