1 to 25 of 49 Vulnerability Scanning Jobs in the UK excluding London

VULNERABILITY MANAGEMENT ANALYST Up to £70,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces behind … Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering Two Key Areas including Owning Processes & Schedules related to Vulnerability Scanning of All Endpoints of the business. As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include: Conducting Vulnerability Scanning with leading More ❯

Vulnerability Analyst – 3-month contract My Customer is seeking a proactive and skilled Vulnerability Analyst to join their team in a highly regulated, mission-critical 24/7 environment. Their infrastructure includes over 450 servers operating across both Windows and Linux platforms — making secure access and timely response essential. Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools is needed for this role. Key Skills from the Vulnerability Analyst: Demonstrated experience in vulnerability management within large-scale enterprise or corporate environments . Hands-on experience with Qualys and its vulnerability scanning, assessment, and reporting tools. Strong working knowledge of Windows and Linux operating systems , including their associated … technology stacks. Able to operate effectively in a secure, complex, and highly regulated setting with restricted access considerations. Key responsibilities for the Vulnerability Analyst: Daily monitoring and analysis of security events and vulnerabilities. Proactively reviewing Qualys reports to identify missing patches, misconfigurations, and other potential threats. Collaborating closely with infrastructure and operations teams to coordinate and apply remediation actions. More ❯

Are you passionate about protecting critical infrastructure and driving proactive security? We’re looking for an individual who’s ready to take ownership of our vulnerability management ecosystem and lead the charge in deploying and optimizing Tenable Nessus and Tenable SC platforms. This is more than a technical role, it’s a mission-critical opportunity to shape how we … be at the forefront of enterprise security. What you will be doing: Lead deployment, configuration, and lifecycle management of Tenable Nessus and Tenable.SC across varied environments. Design and execute vulnerability scanning strategies aligned with business priorities and risk appetite. Validate results, investigate anomalies, and coordinate remediation with infra, network, hosting, and app teams. Maintain gold-standard documentation (guides … SOPs, user manuals). Build tailored dashboards and reports to drive visibility and informed decision-making. Embed vulnerability management into IT, security, and compliance workflows and planning. Provide training and mentorship to foster security awareness and technical excellence. Ensure practices meet Cyber Essentials Plus and ISO 27001 requirements, supporting audits and certification. Identify gaps, implement enhancements, and drive automation More ❯

industry best practice * Perform security reviews, identify gaps in security architecture and apply appropriate remediation * Ensure appropriate technical measures are in place to comply with regulations/legislations * Conduct vulnerability scanning, analysis and remediation * Patch management * Identify root cause of security issues and design appropriate solutions Required Experience: * Prior experience working within the security industry, with a strong … M365 infrastructure. * Experience of working with SIEM tools * Exposure to email security tools (Sophos, O365 etc) * Excellent patch management skills (Intune SCCM, MECM Endpoint Manager and WSUS) * Experience with vulnerability scanning and management (Insight VM) * Experience with Endpoint Security * Exposure to Cloud technologies (AWS, Azure etc.) * Excellent networking skills (TCP/IP, SMB, DNS, DHCP etc) Central London More ❯

Vulnerability Analyst – 6 Months – Remote - Qualys A client is seeking a Vulnerability analyst/Patching Engineer to help tackle a critical security backlog across 2,700 devices. This is a hands-on contract role focused on patching end users and security remediation to ensure systems are up to date and secure. Key Skills of the Vulnerability Analyst … Strong experience in vulnerability management and patching within enterprise environments. Hands-on experience with Qualys for vulnerability scanning and reporting. Solid Windows 10/11 expertise with a focus on security hardening and patching. Proficient with SCCM is beneficial but not necessary. Excellent documentation skills. Strong verbal and written communication skills. Responsibilities of the Vulnerability Analyst … end patching for end user devices. Support and transfer knowledge of Qualys alerts and patching workflows. Ensure all systems run on the latest and most secure versions. The successful Vulnerability t Analyst will be working remotely however may require occasional ad hoc travel to Worthing. Apply now to speak with VIQU IT in confidence. Or reach out to Matt More ❯

Vulnerability Engineer/Manager to join a highly professional established security ops SOC team. You will lead Vulnerability ensuring identification, assessment and remediation of security vulnerabilities across infrastructure, applications and systems. Working with SOC analysts leading the end to end vulnerability management lifecycle, manage and optimise vulnerability scanning tools such as Tenable and Nessus. Regularly … scan networks, systems and applications for security vulnerabilities. Must have 3+ years cyber security experience and at least 2 yrs focusing on vulnerability management. Familiar with threat and standards such as CVSS, NIST, MITRE ATT&CK. This is an excellent opportunity working for an award winning MSP working on exciting projects. You will develop and maintain vulnerability policies More ❯

for driving company IT security, and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001,CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer More ❯

e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP) Candidate Profile Proven experience delivering large-scale cyber and information security programmes Strong hands-on background in cyber security and technical delivery Deep More ❯

for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training More ❯

e.g. Palo Alto, Fortinet) Intrusion Detection/Prevention Systems (IDS/IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning tools Data Loss Prevention (DLP) solutions Candidate Profile: Strong hands-on experience in cyber and information security Deep understanding of Microsoft Azure security architecture Experience managing vendor More ❯

security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding … a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

WAF, DDoS, VPN, perimeter firewalls, email/web security, MFA, SSO, PAM, MDM/MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation efforts. Collaborating with external penetration testers and ensuring compliance with frameworks such as ISO 27001, NIST, and CIS . Staying up to date More ❯

WAF, DDoS, VPN, perimeter firewalls, email/web security, MFA, SSO, PAM, MDM/MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation efforts. Collaborating with external penetration testers and ensuring compliance with frameworks such as ISO 27001, NIST, and CIS . Staying up to date More ❯

Managing Microsoft 365 security tools, firewalls, networks, Wi-Fi, and email security platforms Acting as the main contact for our outsourced SOC and overseeing incident response Running pen tests, vulnerability scans, and regular security assessments Owning governance, risk, and compliance activities (ISO 27001, Cyber Essentials) Delivering supplier risk assessments and secure onboarding processes What were looking for Strong technical … Office 365, Azure, AWS) Experience working with or managing a SOC Practical 3rd line operational security background Familiarity with audits, compliance frameworks, and risk management Knowledge of pen testing, vulnerability scanning, and networking best practices Confident project management skills and ability to lead from the front This is an opportunity to be the go-to security expert in More ❯

cyber security measures, best practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development of incident response protocols to enhance security posture. Offer technical guidance to team members, fostering a culture of continuous learning and improvement within … of the strategy plan Active innovation and improvement of internal policies and strategies Technical Skills Required: In-depth knowledge of Office 365 security features and best practices. Proficiency in vulnerability scanning tools and techniques. Solid understanding of networking principles, including TCP/IP, patching, and network security protocols. ISO27001 Implementation and understanding Exceptional report writing skills, with the More ❯

technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Please apply for more details More ❯

technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Please apply for more details More ❯

is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security risks within a project, analyse … information security principles, including confidentiality, integrity, and availability. Demonstrable understanding of Cybersecurity risk and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to More ❯

is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security risks within a project, analyse … information security principles, including confidentiality, integrity, and availability. Demonstrable understanding of Cybersecurity risk and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to More ❯

is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security risks within a project, analyse … information security principles, including confidentiality, integrity, and availability. Demonstrable understanding of Cybersecurity risk and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to More ❯

is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security risks within a project, analyse … information security principles, including confidentiality, integrity, and availability. Demonstrable understanding of Cybersecurity risk and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to More ❯

is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security risks within a project, analyse … information security principles, including confidentiality, integrity, and availability. Demonstrable understanding of Cybersecurity risk and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to More ❯

joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause and recommend remediation …/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if you don't meet all of the More ❯

joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause and recommend remediation …/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if you don't meet all of the More ❯

the threats targeting AJ Bell and ensuring our defences provide and effective response. Key responsibilities: Reviewing and assessing Security Operations Centre alerts to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to More ❯