26 to 50 of 276 Vulnerability Management Jobs in the UK

Vulnerability Management & Penetration Testing Specialist Hands on technical specialist role, the chance to spearhead a technical red team operation. Working Hybrid within one of the most innovative and fastest growing technological companies in the country in the West Midlands. £80,000 p/a + 15% bonus and car scheme. Perfect for candidates that like a challenge and … is a chance to be a pivotal part of that process. What will you be doing? You will be responsible for both being the technical go to person for vulnerability management on the clients applications, as well as being able to talk this through with your peers both technical and non-technical. This is a big multi discipline … needed. You will bring your Cyber Security and InfoSec knowledge to a point and spearhead a new 'red team' function by being the go to for penetration testing and vulnerability management. What do you need? Hands on vulnerability testing and evaluations, as well as the 'hands off' ability to discuss this with peers. PCI DSS Pen testing specialist More ❯

Vulnerability Management & Penetration Testing Specialist Hands on technical specialist role, the chance to spearhead a technical red team operation. Working Hybrid within one of the most innovative and fastest growing technological companies in the country in the West Midlands. £80,000 p/a + 15% bonus and car scheme. Perfect for candidates that like a challenge and … is a chance to be a pivotal part of that process. What will you be doing? You will be responsible for both being the technical go to person for vulnerability management on the clients applications, as well as being able to talk this through with your peers both technical and non-technical. This is a big multi discipline … needed. You will bring your Cyber Security and InfoSec knowledge to a point and spearhead a new ‘red team’ function by being the go to for penetration testing and vulnerability management. What do you need? Hands on vulnerability testing and evaluations, as well as the ‘hands off’ ability to discuss this with peers. PCI DSS Pen testing specialist More ❯

multi-skilled 24/7 Infra Operations team organised by function and focussed on supporting continual improvement. The teams are divided into four core areas providing technical and service management expertise: Hosting Cloud centre of excellence Connectivity Central capabilities RRP (Recruitment and Retention Premia) The post of Technical Consultant has been awarded a Recruitment and Retention Premia (RRP) in … attracts an additional monthly RRP payment equal to 13% per annum. Main duties of the job The Technical Consultant band 7 will work closely with the Technical Operations Manager (Vulnerability and Risk Management) to reduce the overall risk and threat landscape of the NHS England Infrastructure Services estate. This will include but not be limited to: Undertaking patching … and tooling to increase the speed and efficacy of patching Work with the IT Ops team to address data quality shortfalls Work across Directorates to develop reporting capabilities from Vulnerability Management tooling. The Vulnerability and Patch Management team is a sub-team, embedded within the Infrastructure Services pillar, working closely with the IT Operations team. The More ❯

SOC Analyst - CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall A global law firm client we work with are currently looking to take on a new SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) on a permanent basis. The firm are currently undergoing a significant transformation and expansion across the … deal of trust, autonomy and ownership with a very anti-micromanage managerial structure in place. To be considered for this SOC Analyst (CISSP, ISC2 SCCP, Palo Alto, Threat Detection, Vulnerability Management, Firewall) role, it's ideal you meet one of the following criteria: Work Experience Based Criteria 5+ Years of Working Experience in Cybersecurity or Related Field [Preferred More ❯

sharing through team briefings and technical exchanges Scope of Impact The Senior Security Infrastructure Engineer leads technical implementation and governance across: Enterprise infrastructure and network security Identity and access management Endpoint and virtualisation security Monitoring, detection, and vulnerability remediation You will evaluate alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure … and implement endpoint security solutions including EDR, anti-malware, and DLP. Monitoring & Threat Detection Operate and optimise SIEM tools (Splunk, Microsoft Sentinel) for proactive threat detection and incident response. Vulnerability Management Perform vulnerability assessments using Qualys and Tenable, driving remediation and continuous improvement. Compliance & Governance Align security controls with frameworks such as ISO 27001, NIST, CIS, and … knowledge of Microsoft technologies (Windows Server/Desktop, Active Directory, Group Policies). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Proven experience leading cyber security More ❯

and maintain the organization's information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements. Lead the development and implementation of an Information Security Management System (ISMS), based on ISO 27001 Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies. Stay up-to-date with the latest cybersecurity threats, trends, technologies … Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. Lead and manage security incident response … ensure security is embedded in the design, implementation, and maintenance of all IT infrastructure, including cloud environments (e.g., Azure, AWS, GCP), networks, servers, and endpoints. Manage access controls, identity management (e.g., Entra ID/Azure AD), and privileged access management (PAM) systems. Manage access control processes to 3rd party applications, and 3rd party relations. Oversee the patching and More ❯

Security Operations and Governance Oversee SOC operations ensuring timely threat detection, response, and resolution Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery Oversee secure … configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances Maintain and evolve security policies, standards, and control frameworks Lead audit preparation, evidence collection, and control testing for certifications and partner reviews Collaboration and Culture Build strong … partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices Provide input on vendor assessments and third-party risk management Promote a culture of security awareness through training, phishing simulations, and education programs Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement Key Skills Key Skills Proven experience leading More ❯

and access across the enterprise. Endpoint Control Configure endpoint security solutions including EDR, anti-malware (Defender), and DLP. Application Deployment Deploy applications for on-premises and cloud (Intune) solutions. Vulnerability Management Perform vulnerability assessments using Tenable, driving remediation and continuous improvement. Cloud Infrastructure Design, execution and optimisation of technical platforms & services including Azure services, Intune and MDM … technologies (Windows Server/Desktop, Active Directory, Group Policies, WSUS, Certification Authority). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication More ❯

experts and consultants related programmes. Principal Preferred Requirements Cybersecurity Expertise: • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level • Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity • Experience and understanding of both the roles and interlock between enterprise & solution architecture • Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives • Experience working in large-scale IT transformation programmes Identity & Access Management • Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault • Experience of developing secrets management patterns and championing designs through architecture governance forums • Experience of designing or implementing Workload Identity Frameworks within large More ❯

East and Africa, Asia and Oceania, and East Asia The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.As one of the top financial groups globally with a vison to be the world's most trusted, we want to attract, nurture and retain the most talented … and MUFG Americas Holdings.Please visit our website for more information - Security department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting Head Office Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department supports and monitors security solutions such as virus protection … vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.Main Purpose of the Role :We are seeking a highly skilled Privileged Access Management (PAM) Lead with deep expertise in CyberArk to drive the strategy, implementation, and continuous improvement of our enterprise PAM program. The ideal candidate will possess strong technical leadership, hands-on More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

key role in supporting the delivery of the Government Cyber Security Strategy by coordinating and providing centralised cyber services to public sector organisations. These services help strengthen resilience, improve vulnerability management, and enhance the security of core internet services such as DNS, email and web. Role Overview As a Senior Business Analyst , you will support the design, improvement … improvements that enhance service performance and security. Key Responsibilities Engage with public sector organisations to understand cyber security services and challenges Model current processes, systems and data, particularly around vulnerability management Share analysis and findings with service owners and project teams Identify opportunities for improvement across processes and services Work closely with User Researchers and Service Designers to … across organisational boundaries Skills & Experience Required Aligned to the Senior Business Analyst role level in the Government Digital & Data Profession Framework: Strong practitioner-level experience in business modelling, requirements management, stakeholder management, process improvement and problem analysis Proven ability to analyse business problems across multiple organisations or business units Experience developing complex models to support solution development Ability More ❯

role for someone who enjoys implementing business-appropriate structure & process improvement, whilst balancing strategic problem-solving. Key Responsibilities Security Lead and manage customer questionnaires and client audits Oversight of vulnerability management and ensure remediation across environments is in line with company policy Oversight of applicable SIEM and monitoring process to ensure that security response is in line with … enable transparent, informed decision-making Coordinate external audit processes, including ISO 27001, ISO9001 Oversight of the asset register for all customer environments to support audits and effective control Risk Management Manage project compliance risks (including privacy, compliance and security risks), proactively identifying issues before they escalate Assess and mitigate third-party and supply chain security risks, ensuring partners meet … robust standards in line with company policy Oversight of change management processes, ensuring major software or infrastructure changes are performed in line with company policy Partner with business units to embed risk management into day-to-day decision-making Maintaining the Risk Register, tracking remediation tasks and preparing risk reports Customer Engagement Serve as the internal point of More ❯

You will ensure robust, efficient and globally coordinated security operations that protect the organisation's people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line … with regional regulation and to support the management of cyber incidents. It is essential the individual who will fill this role has prior management experience, has supported building security teams previously and has knowledge around their responsibility at this level to report incidents and security concerns within regulatory timelines and standards. About the role Within this role, you … will have been supporting the Group CISO by managing the security team and programmes of work in your responsibility area. You will be responsible for the management of any global Cyber Incidents by supporting the CISO team. Additionally, you will be: Working collaboratively with the SOC to ensure 24/7 visibility and threat detection across global environments, driving More ❯

s Network Segmentation capability. Operational Excellence and Governance Regulatory and Security Compliance: Ensure network segmentation initiatives comply with regulatory, operational, and security standards, adhering to HSBC's Operational Risk Management Framework. Governance and Risk Management: Oversee governance mechanisms to evaluate, review, and implement network segmentation solutions. Proactively identify, monitor, and manage risks, ensuring alignment with architectural principles. Continuous … segmentation in hybrid environments. Security Zones and Policies: Understanding of security zones, VLANs, subnets, and firewall policies to design and enforce segmentation across large scale networks. Threat Modelling and Vulnerability Management: Expertise in threat modelling and vulnerability management practices to safeguard critical assets and infrastructure. Cloud Security and Development: Understanding of cloud environments (e.g., AWS, GCP More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

engineering teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation … Hands-on experience with secure CI/CD practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and More ❯

Oracle Cloud Infrastructure The Oracle Threat and Vulnerability Management (TVM) team proactively identifies, assesses, prioritizes, and relentlessly drives the remediation of security weaknesses and vulnerabilities at scale across the total enterprise. The TVM team performs security assessments, vulnerability research, guides and advises mitigation strategies, and coordinates the response to zero-day and other urgent vulnerabilities. We ensure … as that of their team, and has previous experience working in the cloud or hardware industry. This role is for a hands-on leader to drive day-to-day vulnerability assessments, deviation reviews, and remediation activities across cloud and non-cloud environments. Responsibilities Leading a diverse set of personalities and talent Understanding the importance of a healthy and supportive … from the most technical operator to senior leadership Maintain awareness of known vulnerabilities and work towards applying appropriate mitigations Guide and mentor security analysts and engineers as they perform vulnerability assessments Provide direction and advice on emerging threats, weaknesses, and security practices that may impact the security posture of Oracle Manage and lead the performance of vulnerability assessments More ❯

defences across both on-prem and cloud environments (cloud being a key area of focus) Implementing, configuring, and regularly updating a wide range of security toolsets including EDR, SIEM, vulnerability management, IAM, and cloud security solutions Collaborating closely with IT, Development, and third-party teams to embed security into all aspects of our operations Conducting regular risk assessments … vulnerability scans, and open-source intelligence (OSINT) investigations Monitoring emerging threats, including zero-day vulnerabilities and newly published CVEs, and evaluating their relevance and impact Investigating and responding to security incidents, identifying root causes, and driving continuous improvements Shaping and delivering engaging security awareness training across the business Advising on the security implications of new technologies and contributing to … explain complex technical issues to both technical and non-technical audiences Hands-on experience configuring and managing tools in the cloud security space Experience working with Identity and Access Management (IAM) solutions, including previous configuration work Proficiency in the day-to-day management and monitoring of Endpoint Detection and Response (EDR) tooling Experience with vulnerability management More ❯

aspect of your role will cover the 3rd line support of enterprise services delivered to Virgin Money internal and external customers hosted on Windows Server Physical and Virtual Infrastructure. Vulnerability Management, Security update scheduling, and deployment of updates to the Windows server estate is a key part of the role, so experience in this area is expected. Alongside … On-call rota duties 24/7 cover We need you to have... Experience in IT security, system administration, or a similar role with a focus on security patch management and system upgrades Demonstrated experience in scripting and automation (e.g., PowerShell, Python) to streamline patching and upgrade processes. Experience supporting Windows Server Operating System (Install, Configure, Manage) Experience supporting … Active Directory (Install, Configure, Manage) Experience of support and management of Windows Networking Technologies (DNS, TCP/IP, DHCP) Demonstrated experience using MS Failover Clustering (Install, Configure, Manage) Management and experience administering Infoblox Management and experience administering VMWare including upgrades and patching Demonstrated experience administering SCCM (Install, Configure, Manage) & SCOM Experience supporting McAfee ePO Experience supporting Trend More ❯

the Head of Cyber and IT will manage cloud infrastructure to ensure availability, scalability, and performance. The role also involves ensuring compliance with security standards, leading incident response and vulnerability management, and overseeing internal IT support and enterprise system administration. Additionally, the position requires building and leading a scalable team, aligning with DevOps on infrastructure maturity and security … cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure and implement policies and procedures for disaster recovery and business continuity. Work with the CTO and … the rest of the executive team to embed security into all operations (DevSecOps). IT Management Lead internal IT support, device management, enterprise system administration and SaaS tooling. Manage identity and access controls (IAM), endpoint security, and network infrastructure (including physical and virtual servers and storage systems). Find, implement, and operationalize hardware environment improvements through a continual More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯

lead on: Driving the use of Azure Cloud based security tools such as Defender and Sentinel Configure and manage alerts through Defender First and second line security operations, including vulnerability management Investigating and responding to security incidents Ensuring policies and procedures remain aligned to industry best practice Promoting security awareness and education throughout the organisation particularly in relation … Azure Cyber Security Analyst: Azure environment - Essential Defender and Sentinel commercial experience - Essential Proven experience in a security-focused role, ideally across several of the following areas: security operations, vulnerability management, security assurance, risk management, or project consultancy A clear enthusiasm for cybersecurity, with a proactive attitude and eagerness to learn Solid understanding of risk assessment frameworks More ❯