176 to 200 of 335 Vulnerability Management Jobs in the UK

Ensure compliance with CR GR SSI 001, CR GR SSI 023, GS EP INS 135, and L2-OPS-17-001 across all assets. Incident Management: Review, investigate, mitigate, and resolve cybersecurity incidents, anomalies, and threats promptly. Cyber Security Road Map: Assist in delivering key activities and act as a … assessment reports. Solution Support: Roll out HQ security solutions, including administration and troubleshooting. Audits: Conduct site audits, recommend improvements, and track actions to completion. Vulnerability Management: Manage the industrial cybersecurity vulnerability process and ensure timely patching. Training: Develop and maintain industrial cybersecurity training materials and competence procedures. … REQUIREMENTS: Education: Relevant degree in Instrumentation and Controls, Computer Science, or Cyber Security. Experience: Prior relevant industry experience. Knowledge: Understanding of offshore operations, project management, and UK industry regulations. Expertise: In-depth understanding of IEC/ISA 62443 and OG-86. Management Skills: Experience managing contractors, vendors, and More ❯

Ensure compliance with CR GR SSI 001, CR GR SSI 023, GS EP INS 135, and L2-OPS-17-001 across all assets. Incident Management: Review, investigate, mitigate, and resolve cybersecurity incidents, anomalies, and threats promptly. Cyber Security Road Map: Assist in delivering key activities and act as a … assessment reports. Solution Support: Roll out HQ security solutions, including administration and troubleshooting. Audits: Conduct site audits, recommend improvements, and track actions to completion. Vulnerability Management: Manage the industrial cybersecurity vulnerability process and ensure timely patching. Training: Develop and maintain industrial cybersecurity training materials and competence procedures. … REQUIREMENTS: Education: Relevant degree in Instrumentation and Controls, Computer Science, or Cyber Security. Experience: Prior relevant industry experience. Knowledge: Understanding of offshore operations, project management, and UK industry regulations. Expertise: In-depth understanding of IEC/ISA 62443 and OG-86. Management Skills: Experience managing contractors, vendors, and More ❯

include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes … development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with … the following: Threat modelling and risk assessments Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ) Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2) Working knowledge of cryptography including encryption, signing and digital certificates Principles More ❯

SOC SIEM tool. Focus on insider threat and Data Loss Prevention use case to demonstrate the process used by SOC analysts. Cyber Security Incident Management Plan (SIMP) - Develop the Cyber Incident Response Plan in line with NIST and SANS guidance and incorporating the wider teams. Create supporting documentation and … Review existing documentation for the SOC BCDR and develop process/plan that feeds into the wider process. Cyber Incident Investigation/Escalation - Reviewing vulnerability event channels and identifying issues for escalation to different teams. Training and development - Mentor existing SOC team and develop playbooks and training and development … and potential future requirements for this requirement: Strong knowledge of Cyber Security, with a focus on operational security, such as security monitoring and alerting, vulnerability management and incident response. Producing supporting security documentation in coordination with stakeholders. A good all-round knowledge of IT systems and Networking. Experienced More ❯

the organisation's security. Key accountabilities: Assurance and Testing: Develop and improve security policies and guidance related to security assurance testing. Coordinate and manage vulnerability assessments, penetration testing, and other technical evaluations. Collaborate with technology teams to implement robust security controls and provide guidance on remediation. Perform third-party … vendor risk assessments and report findings to relevant stakeholders. Risk Management: Conduct regular risk assessments to identify vulnerabilities and associated risks. Develop and implement risk mitigation strategies. Define and report key risk metrics for security assurance. Maintain a comprehensive risk register. Attack Surface Management: Collaborate on assurance initiatives … to identify, monitor, and reduce exposed vulnerabilities. Monitor the external threat landscape and integrate attack surface management capabilities. Security Governance and Compliance: Develop and maintain information security policies, standards, and procedures. Ensure compliance with legal, regulatory, and contractual obligations. Act as the primary liaison for assurance audits and external More ❯

templates, decisions, re-usable patterns, and security rationales. Technical Expertise Required: Strong understanding of enterprise security services including: Penetration testing Threat modelling Logging & monitoring Vulnerability management Incident response Excellent stakeholder engagement and communication skills. Solid documentation and governance capabilities. Proven ability to manage competing priorities across multiple teams. More ❯

Cloud Security Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus, Nexpose) Anti-Malware/EDR Software (Carbon Black, Microsoft Defender ATP, FireEye, CrowdStrike) Intrusion Detection/Prevention Systems (IDS/ More ❯

you must have: 10+ years of progressive experience in information security including technical leadership roles. Extensive experience with secure software development lifecycle, security testing, vulnerability management. Experience with cloud technologies (AWS, Azure), security testing and automation (SAST, DAST, SCA), and AI/ML technologies. Deep understanding of DevSecOps principles More ❯

Security Consultant you will work with the wider IT Security Team to support and maintain enterprise wide solutions. The Responsibilities Assist with security incident management and response activities General day-to-day support on managing and responding to security alerts from systems and end users Perform daily, weekly, and … standards including Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection Regulation Microsoft O365 Security solutions; Networking; Security operations; Vulnerability Management Security Auditing Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks Experience of formal More ❯

phishing emails and other security events. Use Endpoint Detection and Response (EDR) tools to examine endpoint and respond to cyber threats and malware. Undertake vulnerability management including identifying and risk assessing vulnerabilities on any IT infrastructure. Reporting and tracking vulnerabilities through to mitigation. Conduct security administrator activities across … the Microsoft 365 stack including but not limited to configuration and change management of security tools. Be responsible for managing changes to security tools adhering to Persimmon IT change management policy. Conduct reviews of existing IT Infrastructure such as firewall ruleset reviews advising on where risks might exist. More ❯

ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations are accounted for within the scope of certification, through proactive risk identification and management with IT assets owners. Development and championing all Information Security Policies, Procedures and relevant standards, and produce supporting documentation and training material to ensure … across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of … Three Lines of Defence Model and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we More ❯

specialising in designing, implementing and managing advanced security solutions. With expertise in SOC engineering tools and one of either Cloud Security, Identity and Access Management (IAM) or Threat Modelling, this role focuses on enhancing the security posture of organisations. The consultant will lead strategic security initiatives, collaborate with clients … Security, with a significant portion in a leadership role. A background in SOC engineering tools combined with expertise in either cloud security, Identity & Access Management or threat modelling. Proficiency in cloud platforms and services (AWS, Azure, GCP) with deep knowledge of native security tools. Hands-on experience designing and … implementing SIEM solutions in enterprise environments. Skilled in scripting and automation (e.g., Python, PowerShell) for security processes. Familiarity with tools for threat modelling, vulnerability management, and incident response. SIEM-specific certifications like Splunk Certified Architect, Sentinel Expert, or equivalent. IAM certifications (e.g., Okta Certified Consultant, SailPoint IdentityNow, or More ❯

specialising in designing, implementing and managing advanced security solutions. With expertise in SOC engineering tools and one of either Cloud Security, Identity and Access Management (IAM) or Threat Modelling, this role focuses on enhancing the security posture of organisations. The consultant will lead strategic security initiatives, collaborate with clients … Security, with a significant portion in a leadership role. A background in SOC engineering tools combined with expertise in either cloud security, Identity & Access Management or threat modelling. Proficiency in cloud platforms and services (AWS, Azure, GCP) with deep knowledge of native security tools. Hands-on experience designing and … implementing SIEM solutions in enterprise environments. Skilled in scripting and automation (e.g., Python, PowerShell) for security processes. Familiarity with tools for threat modelling, vulnerability management, and incident response. SIEM-specific certifications like Splunk Certified Architect, Sentinel Expert, or equivalent. IAM certifications (e.g., Okta Certified Consultant, SailPoint IdentityNow, or More ❯

across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of … Three Lines of Defence Model and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we More ❯

can make a genuine impact on customers' data security and business continuity, then keep reading. The role What you'll do here Azure Infrastructure Management Design, deploy, and manage scalable Azure-based infrastructure services, including IaaS, PaaS, networking and security components. Virtualisation VMware & Hyper-V Management of environments. … Compliance Implement and maintain infrastructure security policies and controls aligned with industry standards (e.g., ISO 27001, NIST, CIS). Collaborate with InfoSec teams on vulnerability management and risk mitigation. Infrastructure Automation & Optimisation Automate infrastructure deployment and configuration using tools such as PowerShell, ARM templates, or Terraform. Drive continuous More ❯

procedures for the University as well as managing, guiding and directing the Cyber Security Team. The role will establish and maintain effective governance, risk management and compliance frameworks for cyber security and oversee the delivery of cyber security services, including security operations, incident response, threat intelligence, vulnerability management, awareness and training. The role will regularly engage with internal and external stakeholders, including senior management, business units, customers, suppliers, regulators and law enforcement agencies. Whilst there is a need to be in Portsmouth a few days a week, hybrid working is available for this role. Interviews are More ❯

cyber threats, improved resilience and business continuity As a Cyber Security Engineer, you will have experience/knowledge of: Threat Monitoring and Incident response Vulnerability Management and Risk Assessments Third party & Supplier Chain Risk assessments Security Assurance & Compliance Security tools & System management including Sentinel & MS Defender Security More ❯

cyber threats, improved resilience and business continuity As a Cyber Security Engineer, you will have experience/knowledge of: Threat Monitoring and Incident response Vulnerability Management and Risk Assessments Third party & Supplier Chain Risk assessments Security Assurance & Compliance Security tools & System management including Sentinel & MS Defender Security More ❯

Design and manage security in the cloud, including AWS Control Tower, Azure, and MS O365. Conduct or coordinate regular security assessments, penetration tests, and vulnerability scans to identify and address potential vulnerabilities and weaknesses. Assist in investigating security breaches, incidents, and unauthorized access attempts, and develop and implement incident … and guide junior security engineers, sharing knowledge and best practices. Skills & Experience: 5+ years' experience in Security Engineering. Strong skills in PAM/IAM, vulnerability management, and cloud security. Knowledge of system hardening and network security protocols. Leadership and mentoring experience. Nice to have: CISSP, CEH, or CISM More ❯

of the things you'll be doing: Design and implement security measures to protect applications and infrastructure from vulnerabilities, attacks, and other risks. Perform vulnerability assessments, threat analysis, and incident response. Plan, scope and conduct Penetration Testing campaigns. Develop and integrate security requirements into the CI/CD pipelines. … or equivalent certification. Proficiency in programming or scripting languages, especially Python, and a solid understanding of the web stack and its components. Experience with vulnerability management tools, security scanners (e.g. Snyk, Qualys, Trivy, Dependabot, etc.), and secure systems configuration (e.g., firewalls, VPNs, IDS/IPS, WAF). DevSecOps More ❯

Age Services security posture and initiatives, ensuring the protection of information assets from internal and external threats. Develop, manage, and enhance the fraud risk management framework to minimize the department's exposure to fraud risks. Oversee the implementation, management, and proper utilization of security tools such as intrusion … detection systems, vulnerability management, anti-virus software, and data encryption. Assess and manage the identification and mitigation plans of existing and emerging security threats, vulnerabilities, and risks. Maintain awareness in information security technologies and fraud risk management methodologies, applying best practices and driving knowledge through Working Age More ❯

equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at executive level Full driving license & personal transport More ❯

one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Experience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong More ❯

one or more SEIM solutions, including Azure Sentinel Experience of oone or more EDR solutions such as Microsoft Defender or SentinelOne Expeience with ISO2071 Vulnerability Management and Scanning tools; Tenable, Rapid7 or Qualys Good understanding of attacker tactics, techniques and procedures Experience using Mitre ATT&CK framework Strong More ❯

and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration More ❯