Shape and implement a comprehensive IT security roadmap that aligns with ZOE's business goals, covering everything from endpoint security and identity/access management to DLP (Data Loss Prevention) and logging/monitoring. Drive security programs around OS and application patch management, disk encryption, and local … admin privilege management, ensuring corporate devices and contractor/BYOD setups meet compliance and security standards. Assess, mitigate, and manage security risks across our SaaS ecosystem (over 100 apps), corporate IT systems, and infrastructure. Lead projects such as domain registration migrations, centralised logging/SIEM setup, and endpoint protection … rollouts. Develop and enforce security policies and frameworks, covering identity and access management, incident response, vendor security reviews, and data handling. Drive automation and adopt Infrastructure-as-Code (IaC) patterns to ensure security controls and configurations are repeatable, consistent, and easily deployed across our endpoints and cloud resources. Lead
risk, ensuring compliance with regulatory requirements, and maintaining corporate controls. This role will be primarily responsible for leading efforts related to third-party risk management, client due diligence, awareness training, and regulatory compliance. The ideal candidate will have a strong grasp of cybersecurity threats and hands-on experience. Key … Responsibilities Governance Risk and Compliance Advise project teams, application owners, infrastructure services, and other IT teams on information security controls, such as access management, incident handling, business continuity, system development lifecycle, threat and vulnerability management, and data protection. Identify and manage risks and vulnerabilities, providing strategic mitigation … recommendations. Continuously improve policies and procedures related to controls and operational processes. Develop and deliver precise and timely metrics and reports. Third-Party Risk Management: Conduct risk assessments of new and existing third-party vendors to ensure compliance with company policies and regulatory requirements. This includes reviewing security controls
to market' propositions and service offerings. Leading in the development and presentation of compelling client proposals collaborating with teams across our business. Strong stakeholder management and relationship building skills at senior levels that will enable consensus building in the shaping of secure client solutions Shaping, leading and delivering value … engagements. Providing security expertise across security standards and accreditations, measure and control the effectiveness of the security controls framework and maintain the Information Security Management System. Deriving and delivering documented Information Security Management Plans which incorporate Regulatory, Legal and Compliance in relation to applicable security policies. Standards and … identification of identified risks and emerging cyber security vulnerabilities and threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs Work closely with 1st
controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA's outsourcing requirements …/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise … on vulnerability management, endpoint security (EDR/XDR), and cloud compliance. Good understanding of IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and
from Michelin to Roche to Blue Yonder and beyond, offering unmatched control over APIs and event streams. Our rapid growth and leadership in API management are fueled by our team's commitment to excellence and our core values: Passion: We bring excitement to everything we do, constantly innovating to … needs of our team and customers. Join us on this journey. Be part of a team that's redefining what's possible in API management, and shaping the future of digital transformation. The possibilities are endless-be a part of the revolution! THE ROLE & WHY IT EXISTS Gravitee.io is … cases Being innovative within the team and with customer to help improve processes and tools ESSENTIAL SKILLS 3+ years of professional experience in infrastructure management You are fluent with creating and managing Kubernetes clusters and Helm based deployments You understand the value of infrastructure and deployment automation You like
Responsibilities: Implement and manage security tools and technologies: Deploy and manage security solutions such as Microsoft Sentinel for SIEM and Tanium for Threat and Vulnerability Management (TVM). Conduct security assessments and vulnerability scans: Regularly assess the security posture of applications and infrastructure, identifying and mitigating vulnerabilities.
across various platforms. The consultant will play a critical role in evaluating and strengthening our clients' cybersecurity postures by conducting in-depth security assessments, vulnerability analysis, and developing comprehensive security strategies. RESPONSIBILITIES Conduct comprehensive penetration tests, vulnerability assessments, and security audits to identify risks and ensure compliance with … develop, document, and implement security policies, standards, and guidelines aligned with industry standards (e.g., ISO 27001, NIST). Assist in the deployment, configuration, and management of security infrastructure and technologies, including firewalls, intrusion detection/prevention systems, and secure network architectures. Provide guidance and support on Azure security practices … including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ. Must be SC clearable. Proven hands-on experience with tools such as Metasploit
controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements …/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation. Risk Management: Maintain the enterprise risk register, prioritizing risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise … on vulnerability management, endpoint security (EDR/XDR), and cloud compliance. Good understanding of IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and
Operational Technology Vulnerability Analyst - Hybrid - Permanent We're working with a market leader in the UK's energy transition who is on a mission to deliver a zero-emission future—and they need a Vulnerability Analyst like you to help protect it. As a Vulnerability Analyst, you … in a regulated critical infrastructure environment where your insights will directly impact the company — from cloud infrastructure to industrial control systems. Key Responsibilities: Conduct vulnerability assessments across OT systems, networks, and assets. Evaluate and prioritise risks specific to industrial control systems (ICS), SCADA, and other OT environments. Collaborate with … and cybersecurity teams to mitigate vulnerabilities and drive remediation. Maintain awareness of emerging OT threats, vulnerabilities, and attack vectors. Assist in developing and enhancing vulnerability management processes and tooling tailored for OT environments. Qualifications: Experience performing vulnerability assessments in Operational Technology or industrial environments. Familiarity with OT
opportunity to engage in various projects across a large and complex organisation. The ideal candidate will have a strong background in IT security, risk management, and regulatory compliance, with the ability to develop and implement effective strategies aligned with Global Policies and Standards. This role is crucial in protecting … regular assessments and audits to ensure compliance. Support IT demand processes for new solutions, assurance evidence, and documentation. Manage and improve the IT risk management framework for the UK & Ireland. Oversee the Information Security Management System and support security policies, vulnerability management, and incident responses. Manage … review contractual security schedules, and support the commercial team during the bid process. Professional and Personal Competencies/Qualifications: Extensive experience leading IT risk management and compliance within a complex global organisation. Strong knowledge of IT regulations, standards, and best practices. Strong knowledge of IT General Controls and Information
will do: Design and implement robust, forward-thinking security strategies, policies, and procedures to safeguard our systems, networks, and data. Lead regular security assessments, vulnerability scans, and penetration tests to identify risks and deploy effective remediation measures. Monitor systems, networks, and logs for any signs of security incidents or … preferably in a data-heavy environment. Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, antivirus, encryption, and vulnerability assessment tools. You own relevant certifications (Security+, IAT II/III level or similar). You excel in risk assessments, vulnerability management
About Us FlexTrade Systems is a provider of customized multi-asset execution and order management trading solutions for buy- and sell-side financial institutions. Through deep client partnerships with some of the world's largest, most complex and demanding capital markets firms, we develop the flexible tools, technology and … information assets. Design, deploy, and manage security solutions, including PAM/IAM, intrusion detection/prevention systems, endpoint protection, data loss prevention, encryption, and vulnerability management tools. Design and manage security in the cloud, including AWS Control Tower, Azure, and Microsoft O365. Conduct or coordinate regular security assessments … penetration tests, and vulnerability scans to identify and address potential vulnerabilities and weaknesses. Create policies and procedures regarding security logs and alerts. Assist in investigating security breaches, incidents, and unauthorized access attempts, and develop and implement incident response plans. Collaborate with cross-functional teams to ensure security requirements are
Act as a key liaison between internal stakeholders, managed service providers, and external vendors to ensure operational continuity and alignment with business objectives. Infrastructure Management Oversee the day-to-day performance and availability of core infrastructure systems, including networks, servers, storage, and cloud services. Monitor infrastructure platforms proactively to … units. Service Operations & Technical Support Provide third-line support across infrastructure layers, supporting internal users and IT service desk teams. Maintain and enforce access management protocols for infrastructure components and enterprise applications. Lead incident resolution efforts involving infrastructure systems, ensuring timely escalation to third-party experts when required. Vendor … enhance Microsoft 365 security posture across the organization. Manage the configuration and policy enforcement of Microsoft Intune, including compliance and device security baselines. Oversee vulnerability management and endpoint patching activities in partnership with external security consultancies. Administer firewall configurations and ensure consistent deployment across all locations and platforms.
and creating investment/programme plans to uplift their capabilities to appropriate levels. The role also encompasses traditional cyber security functions, such as incident management, and a focus on developing common group cyber services for consistency and efficiency. Key Competencies: Interpersonal Skills: Demonstrates a strong ability to build and … Assess TOC cyber security maturity, identify gaps, and develop/oversee implementation of tailored uplift programmes. Develop core cyber capabilities: Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence/vulnerability management programs as key priorities. Group Cyber Services & Technology: Develop, promote and implement … and TOC compliance with relevant UK regulations (GDPR, NIS) and establish effective governance. Act as a key interface to audit and risk functions. Stakeholder Management & Communication: Engage and communicate effectively with key stakeholders, including executive leadership and TOCs. Knowledge, Skills, Experience & Technical Qualifications Cyber Security Strategy & Risk Management
ensuring key support functions are delivered in a smart, flexible and holistic manner to ensure the business continues to operate safely and securely. Support vulnerability management activities such as vulnerability assessments and security control assessments. Support the maintenance of the programme Information Security Management System (ISO27001 … . Support the Information Security Manager to deliver Information Security best practices across the programme. Create and maintain high quality security documentation, such as vulnerability and control assessment reports. This role is full time, 37 hours per week and provides hybrid working arrangements with 2 days in the office
Corsham, Wiltshire, United Kingdom Hybrid / WFH Options
Babcock Mission Critical Services España SA
ensuring key support functions are delivered in a smart, flexible and holistic manner to ensure the business continues to operate safely and securely. Support vulnerability management activities such as vulnerability assessments and security control assessments. Support the maintenance of the programme Information Security Management System (ISO27001 … . Support the Information Security Manager to deliver Information Security best practices across the programme. Create and maintain high quality security documentation, such as vulnerability and control assessment reports. This role is full time, 37 hours per week and provides hybrid working arrangements with 2 days in the office
testing into Agile development workflows and DevSecOps pipelines. As a Security Testing Engineer, you will conduct static and dynamic security assessments, penetration testing, and vulnerability analysis, ensuring that applications meet the highest security standards. Key Responsibilities 1. Security Test Planning & Execution Develop, implement, and execute comprehensive security test plans … Access Control), MFA (Multi-Factor Authentication), and API security mechanisms. Ensure compliance with GDPR, ISO 27001, and NCSC Cyber Essentials security standards. 3. Vulnerability Management & Defect Tracking Identify, document, and track security defects, working closely with development teams to resolve vulnerabilities. Provide detailed security test reports … and conduct penetration testing on applications and infrastructure. Knowledge of database security testing, including writing security-focused SQL queries. Familiarity with identity and access management (IAM), RBAC, MFA, JWT authentication, and OAuth 2.0 security mechanisms. Strong risk assessment, problem-solving, and communication skills. Awareness of UK government
the creation and refinement of security monitoring rules, techniques and processes. Proactively hunt for evidence of threats or compromise using all available tools. Incident Management Investigate and resolve escalated security incidents both independently and by leading a team of SOC colleagues. Ensure the defined playbooks are followed correctly, and … accurate logs are made of all actions during incident response. Support and mentor colleagues with best-practice incident management techniques and behaviours. Perform root cause analysis, recommend process improvements, and write final post-incident reports. Project Delivery Take part in the team's project delivery initiative, rotating between the … following roles on a 1-3 monthly schedule: Vulnerability Management - maintain regular scans, interpret results, identify asset owners, track remediation activities and report on the agreed SLAs. Security Controls Administration - maintain availability and functionality of all security controls; implement new and advanced features where available; write technical documentation
for security breaches, and responding to incidents. They also work to educate employees on best practices for information security. Main Responsibilities Security Implementation and Management Deploy and optimise security solutions to safeguard IT services and infrastructure. Lead security assessments including vulnerability testing and risk analysis to identify and … and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats. Oversee operational security processes with tools like SIEM, EDR, and Vulnerability Management, continuously enhancing capabilities. Network and System Security Manage advanced security tools such as firewalls and IDS/IPS to protect network integrity. … organisation. Cloud and Application Security Enhance the security of cloud services (SaaS, PaaS, IaaS) and enterprise applications through advanced security measures and identity access management (IAM). Education & Competencies University Degree or equivalent preferred A minimum of 3 years' experience in a similar role. Strong and demonstrable experience of
Stroud, England, United Kingdom Hybrid / WFH Options
Ecotricity
Windows Operating Systems (Server 2012 to 2022 & Windows 7 to 11) Linux Operating Systems On-Premise Active Directory Networking - Cisco/Fortigate Penetration Testing & Vulnerability Management Applications Cloud based Web Proxy Anti-virus/Anti-malware tooling Disk/Data Encryption About You The right candidate for this … be working towards a Cyber Security Certification. Understanding of Compliance Frameworks and Cyber Security Certifications (i.e. NIST or Cyber Security Essentials). Knowledge of vulnerability databases (i.e. NIST/CVSS). Experience operating within the ITIL Framework. Experience using Vulnerability & Compliance scanning tooling. Experience using Code Security scanning
Stroud, South East England, United Kingdom Hybrid / WFH Options
Ecotricity
Windows Operating Systems (Server 2012 to 2022 & Windows 7 to 11) Linux Operating Systems On-Premise Active Directory Networking - Cisco/Fortigate Penetration Testing & Vulnerability Management Applications Cloud based Web Proxy Anti-virus/Anti-malware tooling Disk/Data Encryption About You The right candidate for this … be working towards a Cyber Security Certification. Understanding of Compliance Frameworks and Cyber Security Certifications (i.e. NIST or Cyber Security Essentials). Knowledge of vulnerability databases (i.e. NIST/CVSS). Experience operating within the ITIL Framework. Experience using Vulnerability & Compliance scanning tooling. Experience using Code Security scanning