1 to 25 of 146 Vulnerability Management Jobs in the UK excluding London

Primary Details Time Type: Full time Worker Type: Employee Vulnerability Management Data Analyst Permanent London/Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity As part of our continuous improvement and expansion of the vulnerability management function, we are seeking a highly motivated Vulnerability Management Data Analyst to join our Global Security Operations Centre. This permanent, hybrid role is based out of our London office and reports to the Threat & Vulnerability Manager. The successful candidate will play a key role in strengthening QBE’s cyber resilience by turning complex security data into … meaningful insights. This role will directly support the identification, prioritisation, remediation and reporting of vulnerabilities—helping QBE stay ahead of emerging threats. Your New Role As a Vulnerability Management Data Analyst, you’ll collaborate with teams across security engineering, vulnerability management, service management, cyber governance, risk and divisional consultancy to ensure data accuracy, develop dashboards More ❯

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces … behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related to … Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include: Conducting Vulnerability More ❯

Vulnerability Management Engineer London/WFH to £75k Are you a tech savvy Vulnerability Management Engineer with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Vulnerability Management Engineer you'll perform assessments and communicate findings to stakeholders on the … day a week. About you: You have experience in a similar position with knowledge of common cyber attack types such as DDoS, SQLi, XSS, etc. You have experience with vulnerability assessment software and prioritisation of results using a combination of various frameworks tied to internal objects (CVE, CVSS, EPSS, etc.). You have experience of assessing, documenting and communicating … AWS You have a background with network security or secure code development You're collaborative and pragmatic with great communication skills What's in it for you: As a Vulnerability Management Engineer you can expect to earn a competitive package: Salary to £75k Significant bonus Pension (15% employer contribution) Private Health, Dental and Optical care Life Assurance and More ❯

Are you passionate about protecting critical infrastructure and driving proactive security? We’re looking for an individual who’s ready to take ownership of our vulnerability management ecosystem and lead the charge in deploying and optimizing Tenable Nessus and Tenable SC platforms. This is more than a technical role, it’s a mission-critical opportunity to shape how … and want to make a real impact, this is your chance to be at the forefront of enterprise security. What you will be doing: Lead deployment, configuration, and lifecycle management of Tenable Nessus and Tenable.SC across varied environments. Design and execute vulnerability scanning strategies aligned with business priorities and risk appetite. Validate results, investigate anomalies, and coordinate remediation … with infra, network, hosting, and app teams. Maintain gold-standard documentation (guides, SOPs, user manuals). Build tailored dashboards and reports to drive visibility and informed decision-making. Embed vulnerability management into IT, security, and compliance workflows and planning. Provide training and mentorship to foster security awareness and technical excellence. Ensure practices meet Cyber Essentials Plus and ISO More ❯

assurance Electric Vehicle Scheme About the Role This is an exciting opportunity for a security professional who wants to make a real impact by leading and maturing an organisations vulnerability management programme. You will: Own and optimise the vulnerability management lifecycle using Tenable.io, Tenable.sc, and Nessus Perform and analyse vulnerability scans across on-premise, cloud … bring the expertise and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs More ❯

assurance Electric Vehicle Scheme About the Role This is an exciting opportunity for a security professional who wants to make a real impact by leading and maturing an organisations vulnerability management programme. Be one of the first applicants, read the complete overview of the role below, then send your application for consideration. You will: Own and optimise the … vulnerability management lifecycle using Tenable.io, Tenable.sc, and Nessus Perform and analyse vulnerability scans across on-premise, cloud, container, and hybrid environments Coordinate remediation efforts with technical and business stakeholders Integrate Tenable with wider platforms to enhance automation and reporting Deliver dashboards and reports that clearly communicate risk posture to both technical and executive audiences Stay ahead of … bring the expertise and confidence to influence both technical and strategic decisions. We are looking for someone with: At least 5 years experience in cybersecurity, with a focus on vulnerability management and threat analysis Proven hands-on experience with Tenable.io, Tenable.sc, and Nessus Strong understanding of operating systems, networking, cloud platforms and containers The ability to interpret CVEs More ❯

will act as a critical liaison between client stakeholders and internal operational teams, ensuring the delivery of world-class cyber security services. You'll drive incident response coordination, lead vulnerability management efforts, and ensure service excellence through strategic oversight and hands-on technical engagement. What You'll Be Doing Serve as the key point of contact and escalation … improvement initiatives. Support compliance with SLAs and ensure services meet contractual, operational, and quality standards. Lead service reviews and present performance reports to clients (weekly/monthly). Oversee vulnerability management efforts including scanning, prioritisation, risk communication, and remediation coordination. Ensure IDS/IPS systems are maintained and aligned with the latest threat intelligence. Work closely with the … Manager to identify process improvements and implement best practices. What You'll Bring 10+ years of experience in technical support for SOC or Cyber Security operations. 5+ years of vulnerability management experience, with demonstrable risk-based prioritisation skills. Proven leadership in high-pressure, crisis-response situations. Strong client relationship management and stakeholder engagement skills. In-depth understanding More ❯

Newcastle *Be the M365 Subject Matter Expert * IT Deployment Engineer/IT Infrastructure Engineer, providing 3rd line IT/M365 Application support with excellent M365, InTune, Azure, Modern Device Management & IT Security experience is required by a leading company in central Newcastle You will be the subject matter expert for Microsoft and M365, working on a range of 3rd … Active Directory, firewall, VPN, iOS, and networking protocols (TCP/IP, DNS, DHCP, SMTP). - Strong client-service approach with excellent communication and teamwork skills. - Strong IT Security, Endpoint management and Vulnerability management experience - PowerShell Scripting experience within Microsoft Applications - Ability to prioritise, manage workload, and multitask effectively. Role Responsibilities: - 3rd line support and implement Intune, M365 … maintenance). - Assist in managing Microsoft Exchange, Mimecast security, Teams, and Autopilot. - Develop onboarding processes and provide feedback for service improvements. - Define the company's IT Security policies, including vulnerability management - Admin of Endpoint management tools - Stay updated on Microsoft 365 tools and roadmap. - Conduct monitoring and analysis, including storage and usage reports. - Own problem management More ❯

Newcastle *Be the M365 Subject Matter Expert* IT Deployment Engineer/IT Infrastructure Engineer, providing 3rd line IT/M365 Application support with excellent M365, InTune, Azure, Modern Device Management & IT Security experience is required by a leading company in central Newcastle You will be the subject matter expert for Microsoft and M365, working on a range of 3rd … Active Directory, firewall, VPN, iOS, and networking protocols (TCP/IP, DNS, DHCP, SMTP). - Strong client-service approach with excellent communication and teamwork skills. - Strong IT Security, Endpoint management and Vulnerability management experience - PowerShell Scripting experience within Microsoft Applications - Ability to prioritise, manage workload, and multitask effectively. Role Responsibilities: - 3rd line support and implement Intune, M365 … maintenance). - Assist in managing Microsoft Exchange, Mimecast security, Teams, and Autopilot. - Develop onboarding processes and provide feedback for service improvements. - Define the company's IT Security policies, including vulnerability management - Admin of Endpoint management tools - Stay updated on Microsoft 365 tools and roadmap. - Conduct monitoring and analysis, including storage and usage reports. - Own problem management More ❯

Job Description - External Attack Surface Management Analyst () External Attack Surface Management Analyst - Job title: External Attack Surface Management Analyst Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa 45k dependant on skills and experience What you'll be … doing: Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with … resolver teams Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation Your skills and More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness More ❯

experts and consultants related programmes. Principal Preferred Requirements: Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at … a comfortable level Excellent command of cybersecurity organisation practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity Experience and understanding of both the roles and interlock between enterprise & solution architecture Experience in both operational and transformation … cybersecurity roles or a clear working understanding of both perspectives Experience working in large-scale IT transformation programmes Identity & Access Management: Secrets Management: Experience of designing solutions using SM tools such as HashiCorp Vault Experience of developing secrets management patterns and championing designs through architecture governance forums Experience of designing or implementing Workload Identity Frameworks within large More ❯

run smoothly. What you'll be doing: Implementing and maintaining security controls across network, cloud, endpoints, and core infrastructure Owning key technologies like firewalls, SIEM, EDR, VPN, NAC, and vulnerability scanners Driving vulnerability management and hardening across the estate Supporting and responding to security incidents across infrastructure services Embedding security into infrastructure changes (firewall rules, access reviews … network security within a complex enterprise environment Solid knowledge of: Firewalls, VPN, IDS/IPS, network security controls Endpoint security (EDR, anti-malware, DLP) SIEM tools (e.g. Splunk, Sentinel) Vulnerability management (e.g. Qualys, Tenable) Cloud (Azure and/or AWS) Hands-on experience supporting or responding to security incidents Familiarity with frameworks such as ISO 27001, NIST, CIS More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. … who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non … technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey More ❯

leading Quarterly Security Reviews and presenting clear business-focused risk assessments. Own security governance processes, ensuring compliance with frameworks such as Cyber Essentials, ISO27001, and NIST . Oversee patching, vulnerability management, and internal infrastructure security. Collaborate across service delivery, project, and account management teams to embed security consistently. Mentor and develop Security Analysts, ensuring certifications and knowledge … for C-level stakeholders. The ideal candidate will have: 5+ years in IT security or MSP environments . Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience in vulnerability management, patch governance, and cloud security (M365/Azure). Excellent communication skills with the ability to influence both technical teams and business leaders. (Desirable) Certifications such as More ❯

expertise. What You'll Do Serve as the Cyber Security Subject Matter Expert, advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme, with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across … evolving threats, and help shape our strategy using frameworks such as OWASP, SASE, and Zero Trust. What We're Looking For Essential: Proven experience in cyber security engineering, including vulnerability management, SIEM, WAFs, and secure infrastructure design. Strong knowledge of TCP/IP, firewalls, routing, access controls, and threat-based security approaches. Excellent communication skills with the ability More ❯

to protect against evolving threats. What you'll do As part of a team of analysts, you'll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cyber security incidents, and … continuous monitoring across the University. Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. Collaborate with third-party providers to scope, coordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised, communicated … documented and implemented to improve the University's security posture. Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. Design, implement, and support technical security controls to defend University network systems against security threats More ❯

Cisco technologies, to protect against evolving threats. What youll do - As part of a team of analysts, youll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cybersecurity incidents, and co … continuous monitoring across the University. - Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. - Collaborate with third-party providers to scope, co-ordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised … communicated, documented and implemented to improve the Universitys security posture. - Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. - Design, implement, and support technical security controls to defend University network systems against security threats More ❯

Cisco technologies, to protect against evolving threats. What youll do - As part of a team of analysts, youll be responsible for the overall day-to-day technical and operational management of cyber and information security within the University. This includes operating within a hybrid Security Operations Centre (SOC) model, leading the investigation and resolution of cybersecurity incidents, and co … continuous monitoring across the University. - Conduct proactive threat hunting activities to detect advanced threats and anomalous behaviour within the University's network, and provide solutions to support incident response, vulnerability management, and strategic security decisions. - Collaborate with third-party providers to scope, co-ordinate, and review network security assessments, and ensure that findings and recommendations are effectively prioritised … communicated, documented and implemented to improve the Universitys security posture. - Support the network vulnerability management process by identifying, assessing, and prioritising security vulnerabilities, and working with relevant teams and third parties to ensure timely remediation through patching, configuration changes, or other appropriate fixes. - Design, implement, and support technical security controls to defend University network systems against security threats More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications More ❯