101 to 125 of 276 Vulnerability Management Jobs in the UK

Sr. Cloud Security Architect professionals to be part of leading-edge technology projects. Cognizant's Cloud, Infrastructure & Security Services Practice provides end-to-end solutions covering architecture, design, implementation, management, and on-going support across the entire enterprise technology infrastructure. Our services include a spectrum of management, consulting, and systems integration services to help our clients maximize value … Shield Advanced, AWS Secrets Manager, AWS Inspector, AWS Macie, AWS GuardDuty, AWS Detective, AWS CloudTrail, and AWS Security Hub. Ensure cloud environments meet organizational and compliance security standards, Firewall Management Manage, configure, and troubleshoot Checkpoint Firewall to maintain network perimeter security and prevent unauthorized access, Infrastructure as Code (IaC) Develop and maintain IaC using AWS CloudFormation or Terraform for … automated deployment, configuration management, and consistent infrastructure provisioning. Security Configuration and Optimization Configure and optimize security measures, including IAM policies, security groups, network access controls, and encryption protocols. Monitoring and Incident Response Monitor AWS security alerts and incidents using AWS tools. Respond to and mitigate threats in real-time, conducting post-incident analysis and documentation. Risk and Compliance Management More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

networks, SSO, and network segregation principles Strong communicator: able to advise IT teams on practical security steps, not just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data … use: Microsoft Purview – Data governance and compliance Azure (and AWS) – IAM, monitoring, encryption Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection Panorays – Third-party risk Protecht – Enterprise risk & audit management Rapid7/Armis – Vulnerability management and threat detection Why this role? Hands-on, high-impact role in a dynamic SME environment Influence across security operations, governance, and … data management Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company More ❯

systems proactively for suspicious activity. Maintain and update cyber security procedures and documentation. Provide IT support when required, including first, second, and third line assistance. Attend monthly cyber/vulnerability meetings and contribute expertise as needed. Essential Skills & Experience: Minimum 2 years' experience in an IT security-related role ???. Experience with vulnerability management and reporting tools. … verbal communication skills to explain risks to both technical and non-technical stakeholders. CompTIA Security+ or equivalent qualification ??. Desirable: Experience with SIEM systems, EDR, IDS/IPS, and vulnerability scanners. Previous experience in a law firm or professional services environment. Familiarity with Practice Management Systems (PMS) and Document Management Systems (DMS). Personal Attributes: Methodical, thorough More ❯

architect, and maintain network security infrastructure including Firewalls, IDPS, Proxies, Load Balancers, VPNs, and WAFs. Develop and manage firewall policies, network access controls, IAM solutions, MFA, RBAC, and privilege management . Ensure alignment of security measures with compliance standards (GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and remediate risks. Apply industry frameworks such … as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI/Azure/AWS), PKI, cryptography, web/email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT teams (network engineers, sysadmins, developers) to ensure a holistic approach to security. Communicate More ❯

SecOps Lead , you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. Key Responsibilities Serve as the primary contact for the MDR partner, managing the relationship, conducting service … plan (IRP) and playbooks in collaboration with the MDR provider. Translate technical security risks into actionable business recommendations for stakeholders at all levels. Contribute to broader cybersecurity initiatives , including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. More ❯

SecOps Lead , you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. Key Responsibilities Serve as the primary contact for the MDR partner, managing the relationship, conducting service … plan (IRP) and playbooks in collaboration with the MDR provider. Translate technical security risks into actionable business recommendations for stakeholders at all levels. Contribute to broader cybersecurity initiatives , including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. More ❯

managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the company's technology and cybersecurity domains. As a Risk & Assurance Manager, you'll be responsible for and have ownership for: Partnering with senior IT, Security, and … business leaders to embed risk management practices into operational processes and strategic initiatives. Owning and maintaining IT Risk and Control Matrices (RCMs) , ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations. Reviewing effectiveness of first line functions in testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of More ❯

Exceptional written and verbal communication skills, with the ability to articulate complex technical findings and nuanced threat intelligence insights clearly and concisely to diverse audiences. Strong organizational and time management skills, with a proven ability to effectively manage and prioritize multiple concurrent engagements. Current CREST CTL certification or higher is essential. Desirable Skills: Experience with Breach Attack Simulation tools … and methodologies. Experience in Vulnerability Management processes and integrating threat intelligence. Understanding of Risk Management frameworks and how threat intelligence informs risk assessments. Hands-on experience with security reviews of AWS, Azure, and GCP environments, incorporating cloud-specific threats. Experience with ISO 27001 auditing/implementation, understanding the role of threat intelligence in compliance. Other advanced cybersecurity More ❯

Exceptional written and verbal communication skills, with the ability to articulate complex technical findings and nuanced threat intelligence insights clearly and concisely to diverse audiences. Strong organizational and time management skills, with a proven ability to effectively manage and prioritize multiple concurrent engagements. Current CREST CTL certification or higher is essential. Desirable Skills: Experience with Breach Attack Simulation tools … and methodologies. Experience in Vulnerability Management processes and integrating threat intelligence. Understanding of Risk Management frameworks and how threat intelligence informs risk assessments. Hands-on experience with security reviews of AWS, Azure, and GCP environments, incorporating cloud-specific threats. Experience with ISO 27001 auditing/implementation, understanding the role of threat intelligence in compliance. Other advanced cybersecurity More ❯

for an Information Security Officer to lead the organisation's security strategy, operations, and compliance efforts. This hands-on role blends strategic security architecture with day-to-day operational management and regulatory compliance oversight. The ideal candidate will establish and maintain security standards across the product portfolio, oversee secure system environments, and act as the primary contact for ISO … for new features and system changes. Evaluate and recommend security technologies and tools. Operational (40%) Manage security environments across Azure and AWS infrastructure. Lead incident response efforts and coordinate vulnerability remediation activities. Manage continuous security monitoring, alerting, and detection systems. Administer vulnerability management and penetration testing programs. Maintain strong identity, access, and privilege management controls. Compliance More ❯

years’ experience in cybersecurity operations, ideally within a SOC or incident response environment. Proven expertise with QRadar (key focus), Splunk, or Microsoft Sentinel. Strong grasp of network traffic analysis, vulnerability management, and ethical hacking techniques. Solid understanding of DFIR principles and evidence handling. Knowledge of ITIL processes – Incident, Problem, and Change Management. Comfortable working autonomously in a More ❯

matter expert for IT security operations, policies, and risk management. Monitor and respond to security alerts and incidents, working closely with internal SOC and Cyber teams. Conduct security reviews, vulnerability assessments, and compliance checks across infrastructure and cloud platforms. Ensure adherence to security frameworks, policies, and procedures (ISO27001, NCSC guidelines, etc.). Review and enhance access controls, identity management … detection use cases. What You Will Ideally Bring Proven experience in an IT Security Officer or similar role within a complex IT environment. Strong understanding of cybersecurity frameworks, risk management, and compliance. Knowledge of patch and vulnerability management processes. Ability to interpret security findings and translate them into actionable recommendations. Excellent communication and stakeholder management skills. More ❯

Kubernetes platforms (AKS/EKS/GKE), service mesh (Istio/Linkerd), ingress, and autoscaling. Implement CI/CD (GitHub Actions/Azure DevOps/GitLab), environment promotion, secrets management, artifact repos. Security & Compliance Define guardrails (CIS benchmarks), cloud security posture management (Defender for Cloud, AWS Security Hub, GCP SCC). Vaulting and KMS (AWS KMS, Azure Key … Vault, GCP KMS), key rotation, data classification & encryption. Threat modelling, zero trust patterns, vulnerability management, incident runbooks. Data & Integration Reference architectures for streaming/batch (Kafka/MSK, Event Hubs, Pub/Sub), data lakes, warehouses (BigQuery, Synapse, Redshift), ETL/ELT. API strategy (APIM/API Gateway/Apigee), messaging (SQS/SNS/Service Bus/…/SLIs, error budgets. Governance & Cost Landing zone governance, tagging/labels, budget alerts, reserved/savings plans. Operating model definition (RACI), platform backlog, roadmap, and risk management. Stakeholder Management Run workshops, architecture reviews, and design clinics. Collaborate with InfoSec, Network, Data, and App teams; mentor engineers. Required Experience 8+ years in cloud architecture/engineering; 3+ years multi More ❯

delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct threat modelling, risk assessments, and incident response . … Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security issues. Essential Skills & Experience Proven experience … Expertise in cloud security (Azure & AWS) . Demonstrated success leading or building CSOCs or security programmes . Strong documentation and design skills (HLD/LLD). Excellent communication, stakeholder management, and project leadership. Certifications (Highly Desirable) CISM - Certified Information Security Manager Microsoft Certified: Azure Security Engineer CCNP/CCIE (Security/R&S) CCSA/CCSE (Checkpoint) JNCIA (Juniper More ❯

delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct threat modelling, risk assessments, and incident response . … Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security issues. Essential Skills & Experience Proven experience … Expertise in cloud security (Azure & AWS) . Demonstrated success leading or building CSOCs or security programmes . Strong documentation and design skills (HLD/LLD). Excellent communication, stakeholder management, and project leadership. Certifications (Highly Desirable) CISM – Certified Information Security Manager Microsoft Certified: Azure Security Engineer CCNP/CCIE (Security/R&S) CCSA/CCSE (Checkpoint) JNCIA (Juniper More ❯

Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee vulnerability management, threat intelligence, and incident response plans. Communicate security posture, risks, and incident outcomes clearly to senior stakeholders. Ensure operational readiness and contribute to maintaining industry accreditations. Have … bring a number of the following to this SOC Operations Manager role: Proven experience leading SOC operations in a 24×7 or multi-client environment. Strong background in incident management, threat detection, and escalation processes. Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing More ❯

GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯

GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response … Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills. More ❯

years' experience in cybersecurity operations, ideally within a SOC or incident response environment. Proven expertise with QRadar (key focus), Splunk, or Microsoft Sentinel. Strong grasp of network traffic analysis, vulnerability management, and ethical hacking techniques. Solid understanding of DFIR principles and evidence handling. Knowledge of ITIL processes - Incident, Problem, and Change Management. Comfortable working autonomously in a More ❯

the end-to-end journey. Principal Preferred Requirements Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at More ❯

such as antivirus, content filtering, firewalls, and intrusion detection systems. *Proficiency in Microsoft Azure and associated cloud security services. *Familiarity with Windows and Linux operating systems. *Experience with log management and security monitoring platforms. *Critical thinking and problem-solving skills in complex technical environments. *Knowledge of ITIL practices and security compliance standards. *Must have access to own transport. *Willingness … Computer Science, Cybersecurity, or a related field. *Postgraduate qualification in an IT-related subject. *Professional certifications such as CISSP, CompTIA Security+, or equivalent. *Experience with governance frameworks and risk management tools. Key Responsibilities *Operate and maintain security systems including firewalls, antivirus, intrusion detection/prevention, and authentication platforms. *Monitor system logs and network traffic to identify suspicious activity and … potential threats. *Respond to security incidents and support forensic investigations. *Develop and maintain security protocols, policies, and procedures. *Conduct vulnerability assessments and recommend mitigation strategies. *Deliver cybersecurity awareness training and guidance to staff. *Maintain the information security risk register and support audit processes. *Collaborate with IT and operational teams to ensure secure system configurations. *Assist in compliance with frameworks More ❯

s hybrid infrastructure, spanning both on-premise and cloud environments. This role is ideal for a hands-on technical professional with a strong background in network and system security, vulnerability remediation, and endpoint protection using Microsoft Intune . Key Responsibilities Support and secure network infrastructure across cloud and on-prem environments . Strengthen Windows Server and network security configurations. … Lead efforts in vulnerability management and remediation , working closely with IT and security teams. Implement and maintain endpoint hardening policies through Microsoft Intune . Monitor and respond to network security events and incidents. Contribute to the continuous improvement of security posture, compliance, and best practices. Collaborate with internal teams to support ongoing infrastructure and security projects. Key Skills … environments. Strong understanding of network infrastructure (switching, routing, firewalls, VPNs). Experience securing Windows Server environments. Proficiency in network security principles , firewalls, and access control. Hands-on experience with vulnerability remediation tools and processes. Strong knowledge of endpoint hardening and management via Microsoft Intune . Familiarity with cloud networking and security (Azure, AWS, or equivalent) is desirable. Excellent More ❯

through mentorship, training, and clear performance frameworks. Execution & Delivery: Translate business and product goals into clear engineering OKRs, milestones, and sprint objectives. Ensure timely delivery of features, technical debt management, and continuous improvement of development velocity. Implement effective engineering processes, agile practices, sprint planning, retrospectives, and release cycles. Collaborate with Product Management to balance feature delivery with technical … health, security, and infrastructure priorities. Manage vendor relationships and oversee outsourcing or partner engagements when needed. Security, Compliance & Reliability: Lead the adoption of secure coding standards , vulnerability management, and security-by-design practices. Ensure compliance with relevant frameworks (ISO 27001, SOC 2, GDPR). Drive observability, monitoring, and incident response strategies to ensure reliability and uptime. Work closely … time data processing (Kafka, Spark, GraphDBs, etc.). Familiarity with AI/ML integration , large-scale data architecture, and analytics platforms is a strong plus. Strong communication and stakeholder management skills, able to work with executive leadership and external partners. Proven ability to deliver high-impact features in a start-up or growth-stage environment. Bachelor's or Master More ❯

Defender for Cloud. Guide project teams on remediation steps and ensure alignment with security best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring: Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for … Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations Proven ability to lead incident response and vulnerability remediation efforts Nice-to-Have Skills: Familiarity with multi-cloud environments (AWS, GCP) Experience in coordinating ITHC assessments and managing audit findings Knowledge of cloud architecture patterns and security … frameworks Strong communication and stakeholder management skills We Care About Our Employees' Happiness By providing: 25 days of Annual leave + an option to purchase more through our Flexible Benefits. Flex benefits system – exciting opportunity to choose your own benefits. Retail discounts. Pension - matching contribution up to 10%. Private Medical Scheme. Life Assurance. Opportunities to learn in Atos More ❯