26 to 50 of 255 Vulnerability Management Jobs in the UK

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

experts and consultants related programmes. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity Experience and understanding of both the roles and interlock between enterprise & solution architecture Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives Experience working in large-scale IT transformation programmes Identity & Access Management: Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault Experience of developing secrets management patterns and championing designs through architecture governance forums Experience of designing or implementing Workload Identity Frameworks within large More ❯

and governing foundational security controls within a global enterprise environment. You will act as a strategic advisor and technical authority, supporting the development and implementation of endpoint security practices, vulnerability management, asset control, and governance-aligned with the organisation's broader 2026 security strategy . This is an ideal opportunity for someone who may not see themselves as … ensuring controls are robust, scalable, and fit for the future. Translate technical and business needs into actionable security architecture guidance. Support governance and process standardisation across shadow IT , asset management , and vulnerability management . Drive cross-functional collaboration across architecture, engineering, and operational teams. Ideal Candidate Profile: Strong technical understanding of endpoint security , including hardening, tooling, and More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules, access reviews … network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO 27001, NIST, CIS More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

security is embedded across the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident … security engineering roles. Strong knowledge of security frameworks (ISO 27001, SOC2, NIST) and ability to apply them pragmatically in a start-up/scale-up. Hands-on experience with vulnerability management, SIEM/logging tools, and incident response. Demonstrated ability to lead risk assessments and implement effective mitigations. Excellent stakeholder communication skills, including board-level reporting. Comfortable operating More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

leading Quarterly Security Reviews and presenting clear business-focused risk assessments. Own security governance processes, ensuring compliance with frameworks such as Cyber Essentials, ISO27001, and NIST . Oversee patching, vulnerability management, and internal infrastructure security. Collaborate across service delivery, project, and account management teams to embed security consistently. Mentor and develop Security Analysts, ensuring certifications and knowledge … for C-level stakeholders. The ideal candidate will have: 5+ years in IT security or MSP environments . Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience in vulnerability management, patch governance, and cloud security (M365/Azure). Excellent communication skills with the ability to influence both technical teams and business leaders. (Desirable) Certifications such as More ❯

Role: Azure Cloud Security Engineer Specialism(s): Azure Cloud Security, Defender, Azure Security Administration, Security Alert Monitoring, ISO27001, CAF, Cyber Essentials, Cloud Network Security, Network Segmentation, Cisco, AZ-500, Vulnerability Management Type: Contract, Daily Rate Location: Remote (UK Only) Pay Rate: £500 - £625 per day IR35 Determination: Inside IR35 Start: ASAP/Urgent Duration: 3-6 Months (extension … on experience with Azure administration and governance * Deep knowledge of Microsoft Defender for Cloud and Cloud Security remediation * Experience of designing and implementing network segmentation and segregation * Knowledge of vulnerability management and threat intelligence tooling * Practical experience and understanding of cyber security frameworks (NCSC CAF, Cyber Essentials, ISO27001) * Excellent cloud and on-premise troubleshooting environments * Relevant Azure security More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert, advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme, with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

to protect against evolving threats. What you'll do As part of a team of analysts, you'll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cyber security incidents, and … continuous monitoring across the University. Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. Collaborate with third-party providers to scope, coordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised, communicated … documented and implemented to improve the University's security posture. Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. Design, implement, and support technical security controls to defend University network systems against security threats More ❯

Cisco technologies, to protect against evolving threats. What youll do - As part of a team of analysts, youll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cybersecurity incidents, and co … continuous monitoring across the University. - Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. - Collaborate with third-party providers to scope, co-ordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised … communicated, documented and implemented to improve the Universitys security posture. - Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. - Design, implement, and support technical security controls to defend University network systems against security threats More ❯

Cisco technologies, to protect against evolving threats. What youll do - As part of a team of analysts, youll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cybersecurity incidents, and co … continuous monitoring across the University. - Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. - Collaborate with third-party providers to scope, co-ordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised … communicated, documented and implemented to improve the Universitys security posture. - Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. - Design, implement, and support technical security controls to defend University network systems against security threats More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

day infrastructure and security operations across our hybrid environment. In addition, you'll also take ownership for the delivery of key governance activities including risk assessments, audits, compliance checks, vulnerability management and cyber incident response. Working closely with the Head of IT, you'll support the development of long-term plans while taking full ownership of technical delivery. … Azure (IaaS, PaaS, networking, storage, compute, security and monitoring) Networking technologies (firewalls, VPNs, LAN/WAN, DNS/DHCP, TCP/IP, virtualisation) Enterprise security tools (SIEM, endpoint protection, vulnerability management, XDR, MDM, IDPS) Backup, replication and disaster recovery solutions Microsoft services such as Windows Server, Intune, Autopilot, Entra ID, Defender, Exchange and SharePoint You'll have proven More ❯