9 of 9 Vulnerability Management Jobs in the West Midlands

tooling is optimised Provide advice and support to business units on security best practice and control implementation What We’re Looking For Hands-on experience with security tooling (EDR, vulnerability scanning, access control) Familiarity with Security frameworks such as NIST, PCI-DSS, and GDPR Experience working with Microsoft environments (O365, Azure) Clear communicator, able to engage with both IT … role, and wants to take on broader responsibilities Has been the security point-person in an IT team, leading on patching or endpoint protection Has hands-on experience with vulnerability management tools like Tenable, and is ready to play a bigger role in shaping how security tools are implemented and optimised across the business. This is a chance More ❯

all certification activities related to ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations are accounted for within the scope of certification, through proactive risk identification and management with IT assets owners. Development and championing all Information Security Policies, Procedures and relevant standards, and produce supporting documentation and training material to ensure organizational compliance. Orchestrate continual improvement … and promote security best practices across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model … and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we work in. • We're passionate about giving back to society, leaving the world a better More ❯

and Operational Technology (OT) environments. This is a hands-on, technically rich role where you will work with a wide range of security tools and collaborate with threat intelligence, vulnerability management, and incident response teams. You will engineer solutions to mitigate threats, automate detection and response, and ensure our systems remain secure, resilient, and compliant. Why you'll … IT and OT environments. Strategic Contribution - Influence the development of new controls and support the delivery of Cadent's cyber security strategy. Cross-Team Collaboration - Partner with threat intelligence, vulnerability analysts, and incident responders to enhance our defences. Continuous Improvement - Engineer solutions for unpatchable vulnerabilities and automate detection and response processes. National Impact - Help protect the systems that keep More ❯

our organisation's data and IT infrastructure. This role focusses on the operational aspects of data protection - from technical risk assessments and secure system configuration reviews to incident response, vulnerability remediation tracking, and regulatory compliance audits. You will work closely with engineering, DevOps, and IT teams to embed privacy and information security controls into our technology stack. This is … a full-time position. Occasional after-hours work may be required to support incident response, high-priority vulnerability fixes, or audit activities. Develop and implement data protection governance: Design, implement, and enforce data protection and information security policies and procedures aligned with business objectives and regulatory requirements Support the development of strategies to mitigate and monitor data protection risks … a strategy to mitigate, manage, and monitor data protection risks and incidents Work collaboratively with other departments to ensure the alignment of security efforts with wider business objectives Risk management: Identify, assess, and document data protection risks across systems and processes Support administration of data protection systems and risk reporting. Provide advice and guidance to teams on how to More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

major incidents to determine the affected/vulnerable systems, affected/vulnerable users Identify any business areas impacted and coordinate communications with all relevant stakeholders as per Major Incident Management process. Coordinate the remediation and containment activities as advised by either the NTT DATA SOC or Incident Response Team. Oversee, support, and manage through to completion the investigative and … Manager in review of any service delivery processes and workflows, identifying areas for optimization and implementing best practices. Co-ordinate the running and reporting of a risk-based vulnerabilities management including: Scanning systems, networks, and applications to detect potential security weaknesses. Prioritize vulnerabilities based on their risk level, potential impact, and the criticality of the affected assets, ensuring that … challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise: At least 10 years of experience in providing technical support and advice for a Security More ❯

Centurum is seeking a Computer Security System Specialist who will provide expertise following the Risk Management Framework (RMF) and applying it across program and system cybersecurity activities. Apply federal and agency policies to cybersecurity processes, documentation, and continuous monitoring. Assist with preparing packages for system Authority to Operate (ATO). Perform Assessment and Authorization (A&A) and Independent Verification … and Validation (IV&V) tasks. Manage and update cybersecurity documentation and artifacts and post them in required data repositories. Perform system scans and vulnerability management. Manage system Plan of Action and Milestones (POA&Ms). Ensure access controls and elevated user privileges are monitored and tracked. Assist with cyber inspections, audits, and readiness reviews. This will be a hybrid … DoD security clearance. Required Experience: Six (6) years of information assurance/cybersecurity experience with military automated information systems and information technology. (Substitution: None) Working knowledge of the Risk Management Framework (RMF) for Information Technology. (Substitution: None) Certification: Information Assurance Manager level II EOE M/F/Disability/Veteran Benefits Full-time employees are eligible for the More ❯

operation of the infrastructure estate, including but not limited to: Server OS Patch Management. Virtualisation (VMWare) Group Policy. M365 (including exchange online). Active Directory/Entra ID Server Vulnerability Management. Providing on site “eyes” & “hands” for the Network team to support the swift resolution of network related incidents at manufacturing sites. Make sure operational services, hardware and software More ❯

CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/CD More ❯