51 to 75 of 387 Vulnerability Management Jobs in the UK

and wider business goals Build and implement policies, procedures, and board-level metrics to support the strategy Lead on the development and maturity of the organisation’s Cyber Risk Management Framework Drive a security-aware culture across departments through training, communication, and engagement Operational Security Oversight Support architectural decisions and strengthen the company’s threat modelling approach Lead incident … response efforts and run simulations, red team exercises, and readiness activities Conduct proactive assessments of emerging threats and implement mitigation strategies Oversee vulnerability management across a hybrid cloud estate Manage security tooling and third-party SOC relationships Assess new technologies from a security standpoint, including AI initiatives Provide support to commercial teams with security input for tenders, bids … response and security operations Familiarity with compliance standards such as ISO 27001, SOC 2, HIPAA, GDPR Excellent communication skills; able to influence both technical and non-technical stakeholders Project management capabilities and experience delivering key security initiatives More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role We … ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and risk assessments to identify … alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for More ❯

assurance standards. Lead the Cybersecurity function, managing people, processes, and tools while ensuring the business is "Secure by Design." Identify and remediate Cyber risks across the organisation, focusing on vulnerability management for all Oritain assets. Your Day-to-Day Responsibilities Leadership & Strategy Lead the Cybersecurity team and assure the CIO, ELT, and board that Oritain's systems and … penetration tests, running audits, and managing automated scans like SCA, SAST, and DAST. Maintain a strong Cloud Security Posture by continuously improving infrastructure, processes, and policies. Risk & Compliance Own vulnerability and threat management, identify risks and work with stakeholders to ensure swift and effective remediation. Ensure ongoing compliance with industry standards such as ISO27001, NIST, Cyber Essentials Plus … with a demonstrated ability to work across teams and integrate security into processes. Extensive Microsoft Azure Knowledge: Proven expertise in securing Azure environments, including: Serverless functions, Blob Storage, API Management, Cosmos DB, and SQL and Cloud networking architecture: VNets, application gateways, private and service endpoints, and firewalls. Secure Software Development: Deep experience implementing effective secure coding practices (e.g., OWASP More ❯

Work for an award-winning provider of Security Services, specialising in Cyber Security Services such as Vulnerability Management, Information Security, Penetration Testing, and Managed Security Services. We boast a fully managed Security Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise More ❯

on brainstorming, designing, building, deploying, and managing cloud-native security Collaborate with Product and Engineering to ensure secure design and implementation of systems and applications Lead and assist with vulnerability management, penetration testing, and red teaming activities, including managing our bug bounty program Foster strong cross-functional relationships with IT, Engineering, Compliance, and other stakeholders to ensure alignment More ❯

Offensive security and exploitation techniques. Digital Forensics : Host, network, or memory-based investigation. Threat Hunting : Detection engineering and hypothesis-driven threat investigation. Knowledge of modern security tooling (SIEM, EDR, vulnerability management, SOAR). Strong documentation and communication skills; fluent in written and spoken English. Diversity, Inclusion, and Equal Opportunity We hire, promote, and compensate employees based on their More ❯

date and compliant with industry best practice, policies, and guidelines. Contributing to deployment of Cybersecurity related projects and tasks for clients and internal infrastructure End to end threat and vulnerability management. Rolling out, managing, and configuring a range of network security tools and appliances. Key Skills: Microsoft 365 and Google Workspace Security admin Cloud, Endpoint Security, Virtualisation Networking (Routers More ❯

date and compliant with industry best practice, policies, and guidelines. Contributing to deployment of Cybersecurity related projects and tasks for clients and internal infrastructure End to end threat and vulnerability management. Rolling out, managing, and configuring a range of network security tools and appliances. Key Skills: Microsoft 365 and Google Workspace Security admin Cloud, Endpoint Security, Virtualisation Networking (Routers More ❯

have now closed. We're seeking an experienced Cyber Defence Manager to safeguard our digital infrastructure View job & apply Location: Frankfurt Salary: 145,000 + Benefits Sector: Banking, Asset Management & Funds We're hiring an experienced IAM Lead to take ownership of identity governance and access controls View job & apply Location: Frankfurt Salary: 145000 + Benefits Job type: Permanent … Sector: Banking, Asset Management & Funds A growing investment firm headquartered in Frankfurt is looking to appoint a senior IT Governance View job & apply Location: Fully Remote Job type: Contract Position Overview: Fast growing FinTech seeking a highly motivated and technically capable DevSecO View job & apply SOC Manager Location: Fully Remote Job type: Contract Position Overview: Rapidly growing FinTech company … seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A fast-growing investment firm based in Frankfurt is looking for a motivated IT Governance & View job & apply Technical IAM Consultant Location: London when needed Job type: Contract More ❯

a broad range of domains. The Senior Cyber Security Specialist will operate across Cyber Operations and GRC, ensuring UK-specific compliance and security resilience. Role: Security Incidents: Oversee incident management and response, including root cause analysis, impact assessment, and post-incident reviews. Threat Management: Develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures. Security … Technologies: Configure, maintain, and optimise security platforms (SIEM/XDR, EDR, vulnerability management, Secure Email Gateway, Application Allowlisting etc.) Security Controls: Implement and maintain security controls, continuously improving detection, prevention, and remediation. Vendor Risk & Audit: Conduct vendor risk assessments, support internal and external audits (e.g. Cyber Essentials, ISO27001), and manage remediation actions. Cyber Security Program: Support the execution … Cyber Essentials, and any industry-specific security requirements. Skills and Experience: 5–7 years' experience in security operations, engineering, or cyber threat management. Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and More ❯

enhance the Security Operations Center (SOC) , with one analyst reporting to you Oversee incident response , manage security incidents from detection to resolution Work closely with the compliance manager on vulnerability management Architect secure solutions, validate baseline configurations, and recommend improvements to stay compliant Collaborate with key stakeholders including Compliance and Infrastructure teams Required Experience: Microsoft security suite experience … Sentinel or similar Experience managing network security and firewalls Exposure to PenTesting methodologies or practices (desirable) Experience with NAC solutions like Cisco ISE , ForeScout , or similar Strong grasp of vulnerability management processes Desired Certifications Microsoft Security certifications (preferred) CISM or CISSP (beneficial, not essential) Apply now or reach out for a confidential chat- ngoren@mcgregor-boyall.com More ❯

a crucial role in leading and managing complex Cyber Security projects, ensuring the successful execution of initiatives that safeguard our clients' organisations against evolving threats. Leveraging your extensive project management expertise and technical knowledge, you will partner with and contribute to the enhancement of the overall Cyber Security posture and resilience of our clients, collaborating with cross-functional teams … and resource allocation approaches. Conduct comprehensive risk assessments and develop mitigation strategies to address potential security threats and project risks. Utilise industry frameworks and standards to ensure robust risk management practices. Oversee and manage projects end-to-end in line with the Association for Project Management guidance. Manage projects such as Security Framework Audits and Implementation, Cyber Strategy … Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and clients, serving More ❯

support the development and delivery of the products (whilst considering cyber resilience) with the ambition to meet the Secure by Design principles. You'll ensure the development, implementation, and management of security protocols, tools, and practices on maturing products meets the appropriate standards and Def Cons. Working closely with the Integrated Product Team (IPT) frameworks with specialists from other … wider Product IA and Security community across Leonardo Electronics UK, influencing corporate policies, processes and guidance. Managing architects such as the generation of Technical Risk Assessments, Security Design and Management Documentation, and Remediation Action Plans. As well as this, you'll oversee the generation and approval of Product Security and Information Assurance Management Plan; Product Design Reviews; generation … of Product Security deliverable information (Product Integrity certificates, product security cases.) What you will be doing as a Lead Security Engineer; Risk Management: Perform risk assessments to identify potential security risks and work product development teams to implement mitigations and preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and More ❯

hardware refreshes, system migrations, and software deployments. Cyber Security Act as a first responder to security incidents—triaging alerts, containing threats, and escalating to our SOC where appropriate. Support vulnerability management through patching, configuration management, and reporting. Assist with endpoint detection and response (EDR) tools and threat monitoring platforms (e.g., Microsoft Defender for Endpoint). Work alongside … Azure AD, and Windows Server environments. Solid networking knowledge (TCP/IP, DNS, DHCP, VPNs, VLANs, firewalls). Experience with IT security principles, practices, and tooling (e.g., EDR, MFA, vulnerability scanners). Ability to script or automate tasks using PowerShell or similar tools. Strong troubleshooting and analytical skills with a methodical approach. Ability to work with a hands-on … Experience working with Microsoft Defender for Endpoint, Sentinel, or other SIEM tools. Exposure to compliance standards such as ISO 27001, Cyber Essentials+, or NIST. Understanding of identity and access management, conditional access, and zero-trust concepts. Certifications such as CompTIA Security+, Microsoft SC-200, or MS-102 are a plus. Company Benefits & Perks Competitive Salary 23 days Holiday plus More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years’ experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions More ❯

infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions More ❯

infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions More ❯

resource management. Review Azure Monitor analytics and Azure portal logs to identify and remediate subscription and resource issues. Manage containerized workloads using Docker and Azure Container Registries for image management and deployment. Implement automated monitoring, logging, and alerting systems using Azure Monitor, Log Analytics, and Application Insights. Collaborate with development and engineering teams to ensure seamless integration of applications … administering DevSecOps tools, including GitHub Advanced Security (CodeQL, Dependabot, SBOM), GitHub Workflows, and Visual Studio Code/Enterprise. Experience with security tools such as Trellix, Invicti, and Anchore for vulnerability management and compliance. Strong Windows Server administration skills, including troubleshooting SCCM issues and client-side domain joins. Familiarity with Linux (Ubuntu) administration for server and appliance management. Proficiency … of SQL integration in Azure environments. Familiarity with Infrastructure-as-Code tools (e.g., Terraform, Bicep) and configuration management. Experience with helpdesk support, including ticket ownership, problem resolution, and incident management using Remedy or similar ticketing systems. Knowledge of cloud security principles, including identity management, network security, and compliance frameworks (e.g., NIST 800-53, DoD STIGs). Understanding of More ❯

user access, and security operations. Key Responsibilities Manage day-to-day security operations and services, both in-house and outsourced Lead a small team covering Microsoft 365, identity management, and security Oversee security tools, monitoring systems, and incident response Guide improvements to identity and access processes with a focus on automation Work with IT teams to ensure security is … or relevant professional IT/security qualification Recognised certification from a security or identity vendor Knowledge Solid understanding of tools like SIEM, EDR, and threat detection methods Knowledge of vulnerability management and threat intelligence Familiarity with network security (firewalls, segmentation, IDS/IPS, etc.) Understanding of operating systems (Windows, Mac, Linux) and their security practices Experience Hands-on More ❯

Security related incidents and events investigation and response as required. Work with cross-functional teams to respond to incidents - be they an escalated security event or remediating a critical vulnerability - when the need arises Contribute effectively to the establishment and maintenance of the IT Security knowledge base, documenting clear instructions and known fixes. Work on IT security projects as … SC-200, AZ-500, SC-900. Cloud native security solutions such as GuardDuty and the Microsoft Defender suite of products Content Delivery Networks and Web Application Firewalls. Experience with vulnerability management A broad technical knowledge of server, endpoint, and networking hardware and related security configurations. Experience with EDR/EPP software, deployment, and configuration A strong technical knowledge More ❯

be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows … and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate More ❯

external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency … practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with all relevant group standards, policies … knowledge with any combination of the following: Threat modelling and risk assessments Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ) Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2) Working knowledge of cryptography including encryption, signing and digital certificates Principles of securing mobile applications and More ❯

external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency … practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with all relevant group standards, policies … knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption, signing and digital certificates, Principles of securing mobile applications and More ❯