Selby, England, United Kingdom Hybrid / WFH Options
Drax
vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. VulnerabilityManagement: Identifying and assessing vulnerabilities in OT systems and coordinate with relevant teams to remediate them. Security Assessment: Conducting security assessments and facilitate penetration testing of OT systems … level of attention to detail, be self-motivated and have the ability to think outside the box when working on complex problems. This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control. Rewards and benefits As you help us to shape the future, we’ve shaped our rewards and benefits More ❯
deployments. Provide technical support with risk assessments on PHI, and steering improvements to our environment in line with common standards such as NIST. Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization. Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defenses for … Suite, Kali, Metasploit and such Scripting including the use of python, Powershell, bash or Javascript Securing networks, hosts, web applications and cloud native deployments Working with toolsets such as: vulnerabilitymanagement, firewalls, SIEM, PAM, IDS/IPS, EDR/XDR, WAF Working with code security controls such as SAST/DAST/IAST/RASP You should also More ❯
London, England, United Kingdom Hybrid / WFH Options
Fitch Group, Inc., Fitch Ratings, Inc., Fitch Solutions Group
department where innovation meets impact. Our team includes the Chief Data Office, Chief Software Office, Chief Technology Office, Emerging Technology, Shared Technology Services, Technology, Risk and the Executive Program Management Office (EPMO).Driven by our investment in cutting-edge technologies like AI and cloud solutions, we’re home to a diverse range of roles and backgrounds united by a … risk, financial crimes, or technology risk in enterprise environments. Ability to introduce AI/ML solutions to enhance productivity and compliance monitoring within employee engagement systems. History of leading vulnerabilitymanagement, issue remediation, and exception handling within a governance framework. Strong documentation and policy development skills, capable of aligning business unit security practices with corporate standards. Passion for More ❯
Eastbourne, England, United Kingdom Hybrid / WFH Options
AxisOps
backup strategy Write markdown-based SOPs, runbooks, and infra playbooks that are used, tested, and evolved Work in regulated environments , including audit trail design, SBOM production, and CI-driven vulnerability/pentest workflows Collaborate closely with software engineers to make infrastructure serve delivery, not slow it down Note: this role requires you to work from our Eastbourne (UK) office … infra-as-code tooling Real-world experience operating hybrid environments (on-prem, AWS, Azure) Strong networking fundamentals: routing, firewalls, VPNs, switching A security-first mindset, with practical exposure to vulnerabilitymanagement and secure provisioning Clear written communication – your runbooks don’t need walkthroughs Familiarity with datacentre hardware: racking, patching, switch config, server diagnostics Proactive problem-solving skills and More ❯
London, England, United Kingdom Hybrid / WFH Options
Fitch Ratings
department where innovation meets impact. Our team includes the Chief Data Office, Chief Software Office, Chief Technology Office, Emerging Technology, Shared Technology Services, Technology, Risk and the Executive Program Management Office (EPMO). Driven by our investment in cutting-edge technologies like AI and cloud solutions, we’re home to a diverse range of roles and backgrounds united by … risk, financial crimes, or technology risk in enterprise environments. Ability to introduce AI/ML solutions to enhance productivity and compliance monitoring within employee engagement systems. History of leading vulnerabilitymanagement, issue remediation, and exception handling within a governance framework. Strong documentation and policy development skills, capable of aligning business unit security practices with corporate standards. Passion for More ❯
Manchester, England, United Kingdom Hybrid / WFH Options
Smart DCC
design and implement all security controls. In-depth understanding of the cyber threat landscape and advanced adversary tactics. Expert knowledge and experience of Linux, Windows, Azure, AWS, Elastic Search, Vulnerabilitymanagement, and Mitre ATT&CK. Excellent experience with NW configuration, Routing, Transit Gateways, Private endpoints, and log collection specifically Cloud watch, Cloudtrail, and S3 buckets. About the DCC More ❯
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
SMART - Mortgage Brokers / Life Advisers
including Microsoft technologies Your experience should include securing systems by deploying patches and antivirus products Working with network switches, firewalls and wireless access points Working with toolsets such as vulnerabilitymanagement, SIEM, PAM, IDS/IPS, EDR or DLP platforms Familiarity with IAM best practices, including Multi-Factor Authentication (MFA), Conditional Access, and Identity Governance. RBAC configurations and More ❯
Welwyn Garden City, England, United Kingdom Hybrid / WFH Options
Tesco UK
evolving threats. We focus on anticipating and mitigating risks by identifying emerging threats and reducing uncertainty. Our CTI team collaborates closely with internal teams, including Security Operations, Incident Response, VulnerabilityManagement, and Security Engineering, as well as external intelligence-sharing communities, to enhance detection, response, and our understanding of the global threat landscape. We are committed to continuous More ❯
Reading, England, United Kingdom Hybrid / WFH Options
Liberty Global
We’re looking for a Senior VulnerabilityManagement Analyst to join us in either Amsterdam, London or Reading In this role you will be working closely with one of our Operating companies, Telenet, which will mean regular visits to their site in Mechelen, Belgium. The Threat and VulnerabilityManagement team ensure effective prioritization and management of vulnerabilities to reduce risk of infection, remote execution and data exfiltration across the Liberty Global estate. The team's key role is to provide proactive and effective management of vulnerabilities to reduce the attack surface and improve the overall security posture of Liberty Global and their entities. As such the Threat & VulnerabilityManagement team are … looking for talented and passionate security professionals to join their team. As part of TVM our VulnerabilityManagement Analysts focus on delivering the end-to-end vulnerabilitymanagement process, including proactive monitoring and scanning of threats and vulnerabilities in order to protect and defend Liberty Global's interests. With vulnerabilities impacting network, endpoint, and cloud in More ❯
London, England, United Kingdom Hybrid / WFH Options
Liberty Global
We’re looking for a Senior VulnerabilityManagement Analyst to join us in either Amsterdam, London or Reading In this role you will be working closely with one of our Operating companies, Telenet, which will mean regular visits to their site in Mechelen, Belgium. The Threat and VulnerabilityManagement team ensures effective prioritization and management … of vulnerabilities to reduce the risk of infection, remote execution, and data exfiltration across the Liberty Global estate. The team's key role is to provide proactive and effective management of vulnerabilities to reduce the attack surface and improve the overall security posture of Liberty Global and their entities. As such, the Threat & VulnerabilityManagement team is … looking for talented and passionate security professionals to join their team. As part of TVM, our VulnerabilityManagement Analysts focus on delivering the end-to-end vulnerabilitymanagement process, including proactive monitoring and scanning of threats and vulnerabilities in order to protect and defend Liberty Global's interests. With vulnerabilities impacting network, endpoint, and cloud in More ❯
Bath, Somerset, South West, United Kingdom Hybrid / WFH Options
Sanderson Recruitment
Infrastructure Security Analyst, SCCM, Vulnerability, Patch management, Qualys/Nessus Our client, a leading private sector business based in Bath, is looking to hire contractor with a background in infrastructure and related security. The successful candidate will be responsible for ensuring security and integrity for our clients IT infrastructure, taking responsibility for patching and vulnerability remediation for … patches to Windows servers to address vulnerabilities, ensuring compliance with security policies. Manage patching windows and downtime coordination with various business units to minimize disruption during updates. Monitor patch management systems to ensure all systems are up to date and protected from security threats. Server hardening to Windows systems, both physical and virtual. Maintain accurate documentation of remediation activities … incident response by applying emergency patches and remediations Contribute to disaster recovery and business continuity plans Skills and experience required: - Windows server including patching processes Server/security hardening. Vulnerabilitymanagement tools e.g. Nessus, Qualys, for conducting vulnerability assessments Hands-on experience in patch management systems - SCCM, WSUS, or Azure Update Management - for deploying patches More ❯
Edinburgh, Midlothian, Scotland, United Kingdom Hybrid / WFH Options
Lorien
to-end delivery of large cyber security projects, ensuring alignment with business and regulatory requirements. Coordinate cross-functional teams across infrastructure, cloud, and security domains. Oversee project planning, risk management, reporting, and stakeholder engagement. Ensure effective implementation of security controls and best practices across networks, cloud platforms, and infrastructure. Support vulnerabilitymanagement and firewall/security configuration … initiatives. Required Experience & Skills: Proven experience managing large-scale Cyber Security projects. Strong understanding of Networks, VulnerabilityManagement, Cloud Security, and Firewalls . Experience working in regulated environments, ideally financial services. Excellent communication and stakeholder management skills. Ability to work in a fast-paced, delivery-focused environment. If you're a delivery-focused Cyber Security Project Manager More ❯
Hounslow, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritized key controls across multiple business units Control Domains: You will test across various domains, including: Perimeter Security: Networks, Devices, Threat Monitoring, Malware … Protection Critical Applications: Change Management, Secure Development, Access Management Resilience: Continuity Planning, Crisis Response, VulnerabilityManagement Financial Control Framework: ITGCs, Access Management, Change Management Qualifications and Skills: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in IT controls testing, preferably within financial services Skills: Excellent communication, documentation, and stakeholder More ❯
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritised key controls across multiple business units Control Domains: You’ll be testing across a wide range of domains including: Perimeter Security – Networks … Devices, Threat Monitoring, Malware Protection Critical Applications – Change Management, Secure Development, Access Management Resilience – Continuity Planning, Crisis Response, VulnerabilityManagement Financial Control Framework – ITGCs, Access Management, Change Management What We’re Looking For: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in IT controls testing, ideally within financial services More ❯
Brighton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritised key controls across multiple business units Control Domains: You’ll be testing across a wide range of domains including: Perimeter Security – Networks … Devices, Threat Monitoring, Malware Protection Critical Applications – Change Management, Secure Development, Access Management Resilience – Continuity Planning, Crisis Response, VulnerabilityManagement Financial Control Framework – ITGCs, Access Management, Change Management What We’re Looking For: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in IT controls testing, ideally within financial services More ❯
Reading, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritised key controls across multiple business units Control Domains: You’ll be testing across a wide range of domains including: Perimeter Security – Networks … Devices, Threat Monitoring, Malware Protection Critical Applications – Change Management, Secure Development, Access Management Resilience – Continuity Planning, Crisis Response, VulnerabilityManagement Financial Control Framework – ITGCs, Access Management, Change Management What We’re Looking For: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in IT controls testing, ideally within financial services More ❯
Guildford, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritised key controls across multiple business units Control Domains: You’ll be testing across a wide range of domains including: Perimeter Security – Networks … Devices, Threat Monitoring, Malware Protection Critical Applications – Change Management, Secure Development, Access Management Resilience – Continuity Planning, Crisis Response, VulnerabilityManagement Financial Control Framework – ITGCs, Access Management, Change Management What We’re Looking For: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in IT controls testing, ideally within financial services More ❯
Feltham, England, United Kingdom Hybrid / WFH Options
Sanderson Government & Defence
commercial sectors collaborating with stakeholders and engineers across the business. The organisation is seeking an experienced Cyber Security Engineer with security clearance to support critical national security functions, including vulnerabilitymanagement, endpoint protection, and incident response, within a highly secure environment. Role Overview: This is a hands-on engineering role requiring the delivery of endpoint security engineering activities … of the initial project, cannot be dual national . What we're looking for: Strong understanding of modern endpoint security and hardening practices Familiarity with NIST security controls and vulnerabilitymanagement processes Practical experience with tools such as Ivanti, Trellix, SonarQube, Nessus, or Trivvy Comfortable working within Agile or Scrum environments Excellent written and verbal communication skills, with … Professionals who value collaboration and are comfortable working closely with a range of stakeholders. Those with a growth mindset, intellectual curiosity, and a personable, team-oriented approach. Key Responsibilities: Vulnerability Scanning & Reporting Conduct regular scans using tools such as SonarQube, Trivvy, and Nessus Generate and analyse vulnerability reports; support the Vulnerability & Patch Manager Endpoint Security Maintain and More ❯
London, England, United Kingdom Hybrid / WFH Options
Sanderson Government & Defence
commercial sectors collaborating with stakeholders and engineers across the business. The organisation is seeking an experienced Cyber Security Engineer with security clearance to support critical national security functions, including vulnerabilitymanagement, endpoint protection, and incident response, within a highly secure environment. Role Overview: This is a hands-on engineering role requiring the delivery of endpoint security engineering activities … of the initial project, cannot be dual national . What we're looking for: Strong understanding of modern endpoint security and hardening practices Familiarity with NIST security controls and vulnerabilitymanagement processes Practical experience with tools such as Ivanti, Trellix, SonarQube, Nessus, or Trivvy Comfortable working within Agile or Scrum environments Excellent written and verbal communication skills, with … Professionals who value collaboration and are comfortable working closely with a range of stakeholders. Those with a growth mindset, intellectual curiosity, and a personable, team-oriented approach. Key Responsibilities: Vulnerability Scanning & Reporting Conduct regular scans using tools such as SonarQube, Trivvy, and Nessus Generate and analyse vulnerability reports; support the Vulnerability & Patch Manager Endpoint Security Maintain and More ❯
leading Microsoft Teams-based walkthroughs with control owners Reviewing supporting documentation and evidence Conducting detailed control assessments Documenting findings in Word templates and updating Excel trackers Reporting outcomes to management and stakeholders Controls to Test: 55 prioritised key controls across multiple business units Control Domains: You’ll be testing across a wide range of domains including: Perimeter Security – Networks … Devices, Threat Monitoring, Malware Protection Critical Applications – Change Management, Secure Development, Access Management Resilience – Continuity Planning, Crisis Response, VulnerabilityManagement Data Controls – Protection, Loss Prevention, Retention, Accuracy Financial Control Framework – ITGCs, Access Management, Change Management What We’re Looking For: Certifications: CISA (essential); CISM, CISSP, ISO27001, COBIT, ITIL (highly desirable) Experience: Strong background in More ❯
London, England, United Kingdom Hybrid / WFH Options
som3 Recruitment
expand its technical team with the addition of a Junior Consultant. Specialising in preventative cybersecurity, the organisation helps clients improve their IT cleanliness through services such as patch and vulnerabilitymanagement, product engineering, and project delivery. With clients ranging from mid-sized businesses to enterprises of over 100,000 employees, the consultancy has built a reputation for delivering … driven workflows, a broad range of technologies, and mentoring from highly experienced professionals. Key Responsibilities Support technical delivery across cybersecurity and IT hygiene-focused projects Assist with patch and vulnerabilitymanagement implementations Collaborate with internal and client teams to troubleshoot and resolve issues Maintain clear and structured documentation Participate in the design and automation of IT/security … abilities Experience in large or enterprise-scale organisations Familiarity with scripting languages such as PowerShell, Bash, or Python Understanding of automation tools (e.g. Ansible, Chef) Exposure to patch and vulnerabilitymanagement tools or frameworks Knowledge of basic networking concepts (TCP/IP, DNS, DHCP, firewalls) Awareness of platforms like Tanium or other systems management tools Experience with More ❯
London, England, United Kingdom Hybrid / WFH Options
Copello
+ Package A new opportunity has arisen to join a global leader in defence and aerospace and work on the design and development of new infrastructure for naval platform management systems. Your work will be focused on both Operational Technology and Information Technology in a position well suited to an engineer with a background in both Industrial Control Systems … and Infrastructure Engineering. The Role You will contribute to the integration of IT and OT systems and the management of particular IT assets within the development environment. You will play a significant role in ensuring and maintaining alignment to compliance standards (ISO27001 and IEC62443) as well as improving the security posture around relevant assets through advising on protection techniques … network security. Requirements This role would suit an Infrastructure Engineer with an ICS background (incl. PLCs and SCADA) who has experience in IT and OT integration and IT asset management experience. Prior experience with ISO27001 or IEC62443 would be highly advantageous but engineers with a broad understanding of cyber security and vulnerabilitymanagement would certainly be considered. More ❯
Manchester, England, United Kingdom Hybrid / WFH Options
bet365
Information Security Analyst (Manchester) Information Security Analyst (Manchester) An Information Security Analyst, who will work within our vulnerabilitymanagement team, which focuses on the technical side, ensuring IT systems are operated in a secure manner. The Information Security department monitor our live operation, creating and reacting to alerts and other anomalies identified through automated tools or manual analysis. … The vulnerabilitymanagement (VM) function covers two high-level areas, including owning the processes and schedules relating to the vulnerability scanning of all endpoints in the Business. You will review the results in terms of risk and impact assessment, additionally you will own the scheduling of, and planning for specialist third-party vulnerability and penetration testing … home policy. Preferred skills and experience Good understanding of the general principles, practices and technologies of Information and cyber scurity. Ability to demonstrate hands-on technical experience of conducing vulnerability scanning, evaluation of results and articulation of the risk vulnerabilities may pose. Experience of security related technical investigations. Working knowledge of industry standard information security practices. Knowledge of developments More ❯
Havant, Hampshire, United Kingdom Hybrid / WFH Options
Reed Technology
month FTC (with likely extension to permanent) Salary: 50 - 53K plus benefits We are seeking a Cyber Security Specialist to lead the implementation of a new Information Security Management System (ISMS) and ensure compliance with security standards. This role is crucial in driving security improvements, managing risks, and maintaining regulatory compliance within a dynamic IT environment of circa … IT users. Key Accountabilities: * Lead the implementation of a new ISMS, ensuring alignment with industry security standards. * Develop and maintain cyber security policies, procedures, and risk management frameworks. * Manage compliance with cyber security regulations, standards, and frameworks (ISO27001, CAF/eCAF, Cyber Essentials Plus). * Implement and manage security monitoring tools to detect and respond to security events. * Identify … with hands-on involvement in ensuring compliance to security frameworks (ISO27001, NIST, eCAF). * Proven experience in implementing security systems and/or monitoring tools. * Strong knowledge of SIEM, VulnerabilityManagement, Threat Intelligence, and IAM systems. * Experience contributing to enterprise-level security initiatives and aligning with industry standards. * Strong collaboration skills, including experience working with IT Operations teams More ❯
Havant, Hampshire, South East, United Kingdom Hybrid / WFH Options
Reed Technology
month FTC (with likely extension to permanent) Salary: 50 - 53K plus benefits We are seeking a Cyber Security Specialist to lead the implementation of a new Information Security Management System (ISMS) and ensure compliance with security standards. This role is crucial in driving security improvements, managing risks, and maintaining regulatory compliance within a dynamic IT environment of circa … IT users. Key Accountabilities: * Lead the implementation of a new ISMS, ensuring alignment with industry security standards. * Develop and maintain cyber security policies, procedures, and risk management frameworks. * Manage compliance with cyber security regulations, standards, and frameworks (ISO27001, CAF/eCAF, Cyber Essentials Plus). * Implement and manage security monitoring tools to detect and respond to security events. * Identify … with hands-on involvement in ensuring compliance to security frameworks (ISO27001, NIST, eCAF). * Proven experience in implementing security systems and/or monitoring tools. * Strong knowledge of SIEM, VulnerabilityManagement, Threat Intelligence, and IAM systems. * Experience contributing to enterprise-level security initiatives and aligning with industry standards. * Strong collaboration skills, including experience working with IT Operations teams More ❯