1 to 25 of 312 Vulnerability Assessment Jobs

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and compliance . Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The … into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python, Terraform, Ansible, or CloudFormation . Develop security automation scripts for vulnerability scanning and patch management . Collaboration & Knowledge Sharing Provide guidance and best practices to internal teams on cloud security. Work closely with developers, DevOps, and compliance teams to align More ❯

Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. … Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD More ❯

security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery … Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security tools such as SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI More ❯

to: • Provide expertise and recommendations in applying security requirements to complex combatant command projects, identifying gaps, and while integrating new technologies. • Develop secure system architectures and hardening solutions. • Conduct vulnerability assessments, security testing, and continuous monitoring. • Implement security controls per RMF and NIST guidelines. • Support risk assessments and incident response efforts. • Ensure security policies and best practices are integrated … staff. • Apply security controls and all technical mechanisms required by DoD RMF/Joint Special Access Program Implementation Guide (JSIG)/and Intelligence Community (IC) Directives and building security assessment procedures and evidence for assessment by Authorizing Officials of body of evidence. • Engineering, administration, and configuration of Nessus scans and policies, Trellix/McAfee back end and policies … technical certification) is required o Cloud Service Provider Associate Certification (AWS, Azure, Oracle, or Google) • Excellent oral, written, and interpersonal communication skills. • Expertise in building bodies of evidence and assessment and authorization packages/activities within DoD and IC environments, specifically Special Access Programs. • The ability to work under pressure and meet deadlines in a rapidly changing and demanding More ❯

with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security … Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform Root Cause Analysis Experience with vulnerability assessments Ability to discover, design and document security implementations. Strong networking skills. Good understanding of securing Cloud technologies through native and multi-cloud technologies. Performed Ethic Hacking, Intrusion Prevention More ❯

with internal and external audits relating to information security. Conducting security awareness training and education for staff and users on best practices and emerging trends in cyber security. Use vulnerability management to improve Infinigate’s security landscape. Performing risk assessments and vulnerability scans to identify and mitigate potential threats to the network, devices, applications, and data. Complete security … Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform Root Cause Analysis Experience with vulnerability assessments Ability to discover, design and document security implementations. Strong networking skills. Good understanding of securing Cloud technologies through native and multi-cloud technologies. Performed Ethic Hacking, Intrusion Prevention More ❯

is a critical thinker with a strong technical background and a passion for safeguarding systems and data. Key Responsibilities: • Monitor, detect, and respond to security threats and incidents. • Conduct vulnerability assessments and risk mitigation. • Ensuring security updates are current across all systems • Implement and manage security tools (e.g., SIEM , endpoint protection). • Monitor for compliance with security standards such More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

play a critical role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security More ❯

Clearance Status: Must be Current JOB DESCRIPTION: Inferno Systems is currently looking for Penetration Tester positions with a minimum of 7+ years experience conducting technical security and/or vulnerability assessments. Please note the security clearance requirement above: candidates MUST have a current/active TS/SCI with Full Scope Poly to be considered. JOB SUMMARY: We are … law enforcement agencies. You should be able to use sophisticated techniques to identify vulnerabilities, exploit them, and gain and maintain access to targets. You will be performing offensive-like vulnerability assessments against network systems and IT infrastructure. You will identify weaknesses and recommend mitigation steps. You will draft assessment reports for review by senior management to implement your … computing environment and cloud security. • Demonstrated real world experience performing gray and black box penetration testing. • Strong familiarity with some of the following: OWASP top 10, DoD and NSA Vulnerability and Penetration Testing Standards. • Understanding of basic IP fundamentals and how protocols work • Ability to inspect and analyze new applications and traffic flows with the capability of breaking down More ❯

Disk Encryption for data protection. • Automation & Security Tools Utilize automation tools (e.g. ArgoCD) and DevSecOps principles to implement security into the CI/CD pipeline, ensuring that security testing, vulnerability scanning, and security checks are integrated into the entire software development lifecycle. Leverage Infrastructure as Code (IaC) tools such as Terraform, Bicep, or Azure Resource Manager (ARM) templates to … automate secure resource provisioning and configuration. • Security Monitoring & Incident Response Automate security tasks including vulnerability scanning, compliance checks, threat detection, and security monitoring using tools like Azure Sentinel, Azure Monitor, and Azure Defender. Develop and execute incident response plans for handling security breaches, including data exfiltration, DDoS attacks, or insider threats. • Disaster Recovery & Business Continuity Design and implement secure … recoverable in case of incidents. • Cost Management & Optimization Monitor cloud usage and costs, recommend optimization strategies, and help implement cost-effective cloud solutions while ensuring security and performance. • Risk Assessment & Management Conduct security risk assessments, vulnerability assessments, and penetration testing to identify weaknesses in Azure-based applications and infrastructure. Provide remediation strategies to address identified risks. • Collaboration & Leadership More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role … ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and risk assessments to identify … alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for security More ❯

is for you. What you will do: Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets. Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and driving remediation efforts. Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats. Investigate security breaches and incidents … the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong … capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP/IP, and core network security principles. Proficiency in scripting and programming (i.e. More ❯

assessing, and mitigating security risks across various platforms. The consultant will play a critical role in evaluating and strengthening our clients’ cybersecurity postures by conducting in-depth security assessments, vulnerability analysis, and developing comprehensive security strategies. RESPONSIBILITIES Conduct comprehensive penetration tests, vulnerability assessments, and security audits to identify risks and ensure compliance with industry best practices. Provide expert … reports on penetration testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such as Metasploit, Burp Suite, Nessus, and Wireshark. Strong … understanding of network protocols, firewall configurations, and secure network design. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) to automate tasks and streamline processes. Hands-on experience of vulnerability assessments, Incident response, penetration testing, threat hunting and compromise assessment. Experience collaborating with Sales teams as a pre-sale's cyber security consultant. Experience working in Energy or Construction industry More ❯

and remediate application and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication/authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE … tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to application security, vulnerability remediation, detection coverage, and incident response effectiveness. Support compliance initiatives (e.g., SOC … and log analysis. Proficient in log analysis, SIEM usage/configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially AWS-and cloud-native security practices. Experience conducting penetration tests, vulnerability assessments, and network scans. Excellent communication and collaboration skills More ❯

secure network architectures. Monitor network traffic for suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of … are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and vulnerability assessments. Prepare reports for management and stakeholders. Collaboration: Work closely with other IT and Digital teams to ensure comprehensive security coverage. Provide security guidance to projects and programs as … solutions. Network Security: Strong understanding of network protocols, VPNs, and network security architecture. Incident Response: Ability to detect, analyse, and respond to security incidents, including forensics and malware analysis. Vulnerability Management: Experience in identifying, assessing, and mitigating vulnerabilities in systems and applications. Automation: Skills in scripting and automation for security tasks (e.g. Python, PowerShell). Information Security Frameworks: Working More ❯

full lifecyclefrom architecture to operations. Key Responsibilities: Implement and manage security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEMs, and endpoint protection Conduct threat and vulnerability assessments, penetration testing, and risk analysis activities Design and deploy security controls that align with enterprise architecture and regulatory requirements Support secure configuration and hardening of systems, applications, and More ❯

we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers. We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess … applications. Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations. Coordinate the testing of patches prior to deployment to validate functionality and compatibility. Utilize vulnerability scanning tools to identify weaknesses in the IT environment. Analyze and prioritize vulnerabilities based on risk impact and business-criticality. Oversee and enforce best practice for security hygiene; access … reviews, vulnerability assessment, key rotation, etc Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner. Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes. Act as a point More ❯

we utilise the best digital capabilities of the ServiceNow ITSM tooling product to provide the very best Experience to our Customers. We are seeking an experienced and results-driven Vulnerability & Security Compliance Lead who plays a critical role in ensuring the security and reliability of our customers IT infrastructure. This role is responsible for leading efforts to identify, assess … applications. Coordinate and implement regular patching cycles while minimizing downtime and disruption to business operations. Coordinate the testing of patches prior to deployment to validate functionality and compatibility. Utilize vulnerability scanning tools to identify weaknesses in the IT environment. Analyze and prioritize vulnerabilities based on risk impact and business-criticality. Oversee and enforce best practice for security hygiene; access … reviews, vulnerability assessment, key rotation, etc Collaborate with internal teams to remediate identified vulnerabilities in a timely and efficient manner. Ensure compliance with regulatory requirements, internal policies, and industry standards related to patching and vulnerability management Generate reports on vulnerability status, patching progress, and key metrics for senior leadership and audit purposes. Act as a point More ❯

As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be a part of the first line of defence in Experian's … departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and recovering from events falling in its scope or escalating higher-risk events to dedicated incident response and management teams … security tools including Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch. System administration on Unix, Linux, or Windows Network forensics, logging, and event management Defensive network infrastructure (operations or engineering) Vulnerability assessment and penetration testing concepts Malware analysis concepts, techniques, and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS More ❯

and support to junior engineers and analysts on the team, fostering an environment of continuous learning and professional growth. QUALIFICATIONS 1. Demonstrated expertise in network security analysis, reverse engineering, vulnerability assessment, and exploit development. 2. Proficiency in programming languages such as Python, C, C++, and scripting languages relevant to CNO tasks. 3. Strong knowledge of networking protocols, operating More ❯

TS is looking for a Cybersecurity Analyst to support our efforts at DISA. Key Responsibilities: Detection/Monitoring : Continuously monitor and analyze systems for unusual activity and potential threats. Vulnerability Assessments : Conduct regular vulnerability assessments and penetration testing to identify and address security weaknesses. Incident Response : Investigate security breaches and other cybersecurity incidents, providing timely and effective responses. … operating systems (e.g., Windows, Linux). Strong knowledge of cybersecurity principles, tools, and techniques. Experience with security information and event management (SIEM) systems (e.g. Splunk). Proficiency in conducting vulnerability assessments using ACAS. Security or equivalent certification (DoD 8570 for IAT). Quick learner and team player. Desired Skills & Qualifications: IAT level III certification (CASP, CISA, CISSP, or GCIH More ❯

security related requests Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations … how IT Security tooling such as Firewalls, AV, Proxies and IDS/IPS operate Familiar with the Microsoft stack including desktops, servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing More ❯

Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate … Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. … Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI/CD More ❯