51 to 75 of 280 Vulnerability Management Jobs in the UK

or contribute to cyber engagements across various sectors, adapting to different organisational cultures and regulatory contexts. Core Cyber Security Skills: Strong expertise in areas such as cyber strategy, risk management, cyber maturity assessments, security architecture, transformation programmes, and regulatory compliance. Familiarity with leading frameworks and standards including NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, and CRI2.0. Hands-on experience … and assessments in varied environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate qualification (e.g. MSc in Cyber Security). Practical knowledge in domains like threat management, vulnerability management, cyber GRC, cyber architecture, and cyber assurance. Detail-oriented with strong analytical and problem-solving capabilities. Excellent written and verbal communication skills, including stakeholder reporting More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national … security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry More ❯

by Three and its partners, ensuring that effective governance and technical assurance can be performed. Maintain and improve the use of artefact templates. Ensure that there is effective capacity management and planning in place for the security services and solutions assigned to you and ensure that the solution is incorporated into the 18-month technical and budget roadmap for … capacity expansion and service improvement. Support the Programme and Project Manager in project planning, risk and issue management and the budgeting process. Our people make us who we are. We're a diverse and inclusive bunch, and it's important you can feel you belong here. We value everybody for who they are and what they bring to the … exploit these vulnerabilities Experience in one or more of the following technical domains: Cloud/Hybrid security, Infrastructure and data centre security, Network security, Application security, Identity and access management, Vulnerability Management Expertise in defining and then governing the delivery of security contractual/business outcomes and know how to influence/negotiate technical outcomes with 3rd More ❯

ll Be Doing Conducting Cyber Security Assessments and audits across Microsoft 365 and Azure environments Performing Cyber Essentials and Cyber Essentials PLUS audits in line with IASME standards Delivering vulnerability assessments, remediation, and penetration testing across infrastructure, networks, and applications Contributing to client reporting, assurance audits, and scoping security solutions Acting as an escalation point for security-related technical … work in a Managed Service Provider (MSP) environment A Strong understanding of Microsoft 365 & Azure Cloud Experience with technical audits and offensive security tools (e.g. Kali Linux) Familiarity with vulnerability management tools like Tenable or Qualys OSCP (Offensive Security Certified Professional) status Microsoft SC-200 and AZ-500 certifications Experience with Microsoft Defender suite (XDR, Endpoint, Cloud, Office … Good knowledge of Microsoft Sentinel SIEM Expertise with Azure Firewalls and Email Security Solutions (Mimecast, Egress) Experience with Endpoint Detection & Response (SentinelOne) and Vulnerability management tools (e.g. Tenable, Qualys) You will be part of a recognised, established and fast-growing MSP, regularly ranked among the best UK tech companies to work for. You will work alongside a collaborative More ❯

Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk … Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring of risks, with a particular emphasis on application security risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention … systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and More ❯

secure cloud environments that allow the best companies to move faster. SUMMARY Wiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You'll get to collaborate with our software development and DevOps teams to secure Wiz's products, CI … modeling and security review exercises across Wiz's production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts … Azure and GCP) Kubernetes (AWS EKS) and container infrastructure IAM and managing cloud identities at-scale Secure development and application of IAC solutions (Terraform, Helm) Cloud-native observability and management tools Development experience in Go, Python and Rust PREFERRED QUALIFICATIONS Bachelor's degree in computer science or a related field and/or candidates with equivalent job experience in More ❯

/3 days a week) Rate: £465 per day inside IR35 Start Date: ASAP What's the role? This is a technically diverse Security Analyst position covering areas like: Vulnerability management (Tenable.io or equivalent) SIEM monitoring (Elastic preferred) and log analysis Incident detection, triage, and escalation (CrowdStrike or similar EDR) Compliance audits (ISO27001, STIGs) Infrastructure hardening and security … playbooks, and security runbooks Who are we looking for? Ideal candidates will bring: At least 2 years' experience in a Security Analyst or SOC-type role Strong understanding of vulnerability management, EDR/SIEM alert triage, and incident response Experience with compliance frameworks (ISO 27001, NIST, etc.) A working knowledge of VMware, AD, Windows Server, Linux Comfort handling More ❯

Cyber Threat Intelligence & Vulnerability Lead Leeds – 5 days per week on site Up to £65,000 + Bonus + Package Urgent hire!! We’re looking for an experienced CTI and Vulnerability Lead to step into a senior leadership role supporting national security programmes within a critical infrastructure environment. This is a hands-on, high-impact opportunity in a … in Leeds and will require DV clearance (or eligibility to gain it). You’ll be leading a team of cleared cyber professionals, driving delivery across threat intelligence and vulnerability management, and playing a key part in safeguarding systems targeted by sophisticated threat actors. What you’ll be doing: Leading day-to-day CTI and vulnerability operations … Acting as the senior point of contact for escalations, product reviews, and stakeholder engagement What we’re looking for: At least 4–5 years’ experience in Cyber Threat Intelligence , Vulnerability Management or Technical Threat Research Background in technical IR, SOC operations, or cloud-based threat environments Excellent OSINT and analytical skills – confident producing context-rich, actionable reporting Strong More ❯

in ensuring the security and integrity of the infrastructure, which includes the data centers, cloud environments, networks, and office/branch assets. This is an exciting opportunity to lead vulnerability assessments, drive remediation efforts, and enforce secure builds and configurations across our estate. Key Responsibilities: Lead the implementation of Infrastructure & Cloud security strategies, policies, controls, services, metrics, and compliance. … Oversee and support vulnerability management efforts across both on-premise and cloud environments. Contribute to the strategy, policy, controls, services, and metrics related to network security, including WAF, DDoS protection, and firewalls. Experience & Skills: Primary Expertise: Vulnerability management within infrastructure environments, with proven experience leading teams. Secondary Expertise: Knowledge and experience in network security, including firewalls More ❯

of the business, helping guide solutions that align with security and project requirements by articulating the real-world cyber security risks associated. You will also be responsible for our Vulnerability Management program ensuring that agreed SLAs are achieved and provide consultation when solutions are not straight forward. As the Senior Cyber Security Consultant, you will be providing mentorship … requests, you will provide subject matter expertise for internal projects and stakeholders, identifying risks and advising on the correct approach to mitigate those risks You will have responsibility for Vulnerability Management managing outputs from internal tooling and external vendors in order to prioritise remediation by relevant internal parties in order to ensure the identified risks are mitigated You … of the Team, fostering an inclusive, supportive and engaged learning environment, being a key contributor to a high performing and professional Security Team. Knowledge, skills and experience Strong stakeholder management skills A strong understanding of enterprise ICT and security principles A strong understanding of cloud security concepts and technologies Understanding of the CI/CD process and security integrations More ❯

Vulnerability Analyst – 3-month contract My Customer is seeking a proactive and skilled Vulnerability Analyst to join their team in a highly regulated, mission-critical 24/7 environment. Their infrastructure includes over 450 servers operating across both Windows and Linux platforms — making secure access and timely response essential. Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools is needed for this role. Key Skills from the Vulnerability Analyst: Demonstrated experience in vulnerability management within large-scale enterprise or corporate environments . Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools. Strong working knowledge of Windows and Linux operating systems , including their associated technology … stacks. Able to operate effectively in a secure, complex, and highly regulated setting with restricted access considerations. Key responsibilities for the Vulnerability Analyst: Daily monitoring and analysis of security events and vulnerabilities. Proactively reviewing Qualys reports to identify missing patches, misconfigurations, and other potential threats. Collaborating closely with infrastructure and operations teams to coordinate and apply remediation actions. Ensuring More ❯

business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage risk effectively Contributing to compliance efforts including ISO27001, supplier security and data privacy, helping … and product teams to embed secure thinking into design and delivery Keeping pace with emerging threats and contributing to strategic conversations about how we evolve our approach Experience with vulnerability management Experience with scaling tools such as CSPM, SIEM, IAM and Endpoint protection You're hands on, curious and motivated by solving real problems You enjoy working closely More ❯

time left to apply End Date: August 23, 2025 (12 days left to apply) job requisition id R92319 WELLINGTON MANAGEMENT Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions, tailored to the unique return and risk objectives of institutional clients in more than 50 countries, draw … debate. As a private partnership, we believe our ownership structure fosters a long-term view that aligns our perspectives with those of our clients. THE POSITION The Attack Surface Management team is seeking a Senior Security Engineer to be a key member of our team. There will be a focus on building, maturing, and operationalizing a configuration baselines program … spanning physical and virtual systems, serverless workloads, container security, and other platforms. This engineer will assist in minimizing attack surfaces through vulnerability management, managing a baselines program, cloud configuration assessments, incorporating threat intelligence, and building policies, standards, and processes. The ideal candidate is passionate about cybersecurity, curious, and willing to challenge the status quo in Attack Surface Management. More ❯

the IT Service Desk Providing support via tickets, email and phone Assisting with pre-sales technical support Leading the response during P1 critical issues Completing BAU tasks including patch management , vulnerability management , and backend system troubleshooting Onboarding new clients when needed Supporting non-technical colleagues with escalated issues Reporting directly to the Service Desk Manager The Person More ❯

sales engineering within a relevant sector. Experience in network technologies, and certification (NSE7, CCNA, CCNP, Network +, or similar). Experience in Cyber Security (Security Operations, Risk Mitigation, Incident Management, Vulnerability Management, or similar disciplines). Experience in Compliance and Governance (ISO (phone number removed), NIST, GDPR, Cyber Essentials, or similar frameworks). Can build and develop More ❯

Cyprus, Greece, Hong Kong, Japan, and Singapore. Overall Job Purpose : The Junior Information Security Officer (JISO) will assist the Information Security team in implementing and maintaining the information security management system with the objective of managing risks to information assets to an acceptable level. The JISO will develop a good understanding of the information security policies, standards and procedures … organisation's technology landscape to help identify potential threats and vulnerabilities. Key Responsibilities: Assist in maintaining the information security standards, procedures and guidelines. Participate in the information security risk management process to identify, assess, treat and monitor risks. Manage information security incidents and events to protect information assets. Help develop and implement incident response plans and procedures to ensure … Assist with the quarterly cybersecurity ITSC and Board updates and key risk indicator reporting. Maintain the information security awareness training program and conduct phishing tests. Maintain the Privileged Access Management, Security and Event Management and Vulnerability Management systems. Assist in identifying security solutions that will be effective in mitigating risks to information assets. Manage the implementation More ❯

and ensuring our products and cloud infrastructure are secure, resilient, and compliant. In this role, you will have the unique opportunity to lead our SOC2 audit activities, perform risk management reviews, and drive our vulnerability management program in alignment with industry best practices. Your keen eye for detail and exceptional problem-solving skills will be invaluable in … and external standards. Translate audit findingsand test results into clear, actionable tasks for the engineering and DevOps teams. Perform vendor security assessments, managing risk across our supply chain. Manage vulnerability and patch management, ensuring critical software libraries are kept up to date. Enforce security policies, particularly regarding open-source software and licensing compliance. Plan and lead annual Business More ❯

ensure regular audits and compliance reviews are conducted. Champion a culture of security awareness across the organization by delivering training and setting policies that promote secure behaviours. Oversee the management of access controls, encryption standards, identity management, and vulnerability management programs. Collaborate with senior leadership and legal teams to ensure compliance with data protection laws (e.g. … GDPR, CCPA) across all jurisdictions. Operational Excellence & Cost Management: Oversee the delivery of IT services across all international sites, ensuring high availability, security, and performance. Establish and manage IT budgets, vendor relationships, and service agreements to ensure JJ gets excellent value from its partners and operates efficiently Team Leadership & Stakeholder Management: Lead and mentor a diverse IT team … London, England, United Kingdom 75,000.00-100,000.00 1 week ago London, England, United Kingdom 6 days ago London, England, United Kingdom 18 hours ago Director of Identity & Access Management London, England, United Kingdom 15 minutes ago London, England, United Kingdom 18 minutes ago London, England, United Kingdom 2 weeks ago London, England, United Kingdom 3 weeks ago London More ❯

ensure regular audits and compliance reviews are conducted. Champion a culture of security awareness across the organization by delivering training and setting policies that promote secure behaviours. Oversee the management of access controls, encryption standards, identity management, and vulnerability management programs. Collaborate with senior leadership and legal teams to ensure compliance with data protection laws (e.g. … GDPR, CCPA) across all jurisdictions. Operational Excellence & Cost Management: Oversee the delivery of IT services across all international sites, ensuring high availability, security, and performance. Establish and manage IT budgets, vendor relationships, and service agreements to ensure JJ gets excellent value from it's partners and operates efficiently Team Leadership & Stakeholder Management: Lead and mentor a diverse IT More ❯

the senior lead to ensure our state of the art security centre is as effective and as efficient as can possibly be. As well as the proactive and responsive management of your team you will also have input for the strategy and future direction of our operation. Main tasks and responsibilities: Manage Shared SOC for more than 100 FTE … improvisation to achieve operational objectives Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre Management, administration & maintenance of security devices under the purview of SOC which consists … build and maintain positive working relationships with them Pre-requisites: Experience of more than 12 years in advanced security technologies Strong security professional skilled in Security Information and Event Management (SIEM), Vulnerability Management and Security Intelligence, IDAM, Digital Rights Management (DRM), Anti-APT, Data Leak Prevention (DLP), Phishing simulation tools etc Experience in managing P1 incidents More ❯

My client, an International Financial Services client based in London, are looking for an Information Security Risk Lead to join their growing team. The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my client … to identify, measure, monitor and mitigate information security risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that … procedures, guidelines, and structure. Functional expertise, with operational knowledge of and exposure to various current and emerging information security areas such as: v Cyber resilience v Identity & privileged access management v Secure coding practices v Third-party risk management v Cloud security configuration and control frameworks v Threat/vulnerability management v Network security B.S. in More ❯

and work closely with stakeholders to ensure compliance and security best practice across the business. You will also assist with maintaining and improving the company’s accredited Information Security Management System (ISMS), with a particular focus on ISO 27001 and Cyber Essentials Plus requirements. In addition, you will help mentor team members, providing guidance and support to develop their … is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat intel research and recommends security improvements. Qualifications Extensive … PHP, MySQL, PostgreSQL, Nginx, Mercurial and Git. Good understanding of cyber security practices in relation to cloud hosting, preferably with experience of AWS. Good understanding of open-source risk management using enterprise management tools. An understanding of Service Management disciplines, ideally using the ITIL framework. Ability to keep up to date with technology trends and to understand More ❯

on CV's he has seen so far:The CVs I've seen don't seem to have experience in conducting testing of controls specifically, they have more technical management of security tools or policy strategy focused. About the IT Security Goverance and Risk AVP role: The individual will be part of the security function that is responsible for … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯