126 to 150 of 466 Vulnerability Management Jobs

through business development, recruitment, and thought leadership Coaching and mentoring consultants to develop the next generation of cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board level Track record of leading large-scale client engagements and delivery teams in consulting environments Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security) advantageous What You'll Receive Salary: £73,100 - £90,950 + benefits 25 days annual More ❯

the FS2 Program. The ISSO is responsible for meeting regulatory and non-regulatory compliance (security best practices) demands, providing leadership over security assessment activities, working across system ownership and management organizations to test security controls, policies, and procedures, providing program management support, team leadership, and participating in and coordinating the support as needed for security assessment and activities … achieve the proper levels of confidentiality, integrity, availability, and privacy protection throughout the system life cycle. The ISSO also assists with the execution, analysis, and remediation activities for the vulnerability management program (scanning, assessment, reporting, and mitigation verification) that spans different accreditation entities, three distinct classification domain enclaves (U), (S) and (TS), using the Nessus and Tenable-ACAS … vulnerability scanning tools. RESPONSIBILITIES: • Develops risk mitigation strategies that contribute to the effectiveness, efficiencies, and performance outcomes for strategic projects, program goals, and business processes. • Must be able to quickly respond to the needs for updates and maintenance of security documentation, especially System Security Plans, Plans of Actions and Milestones (POA&Ms); Security Impact Assessment for proposed system changes More ❯

System Administrator to support our customer's enterprise RedHat Linux environment. This role involves ensuring the stability, security, and performance of these systems while adhering to U.S. government risk management frameworks such as NIST 800-53. the administrator will handle system administration tasks, perform regular updates and security patches, troubleshoot and resolve issues, and develop robust backup and … various applications and services, ensuring comprehensive documentation and compliance with security protocols. Additionally, the subcontractor will assist in the development of Plans of Action and Milestone (POA&Ms), Risk Management Framework (RMF) and Risk Based Decisions (RBDs) for deficiencies found during the information system authorization process. Job duties include: Administer and optimize RedHat Linux systems, OpenShift, VMWare, and Cloudera … platforms including authentication, cluster management, user management, monitoring, performance and data management. Implement and enforce security measures to meet NIST 800-53 standards. Monitor system performance, troubleshoot issues, and perform regular maintenance. Manage system updates, patches, and upgrades to ensure system integrity. Develop and enforce backup and disaster recovery plans. Provide support for system configurations, user management More ❯

and logistics. Our people bring unparalleled expertise and dedication and we are always looking to expand our team. Consulting Services Group (CSG) is seeking a cybersecurity analyst to execute vulnerability scanning and remediation operations within a geographically dispersed enterprise environment. This role encompasses network planning, assessments, and documentation support for compliance and accreditation purposes. Duties/Tasks and Responsibilities … Assist in installation, configuration, and execution of vulnerability and compliance assessment tools including Tenable products like Security Center, Nessus, Nessus Agents, and other application assessment tools. Assists in execution of vulnerability and compliance scans. Perform assessments autonomously with minimal supervision. Ensure scan results are accurate and coordinate authentication and scan failure issues with internal stakeholders. Track software updates … and upgrades of all vulnerability assessment and compliance tools to ensure all systems managed by the team are secure. Assist, review, and maintain documentation including methods and procedures for each of the security boundaries and the scan infrastructure Build and maintain dashboards that present actionable data to leadership and stakeholders in an intuitive manner to include security and network More ❯

secure architecture patterns, reference architectures, and frameworks. Expertise in SaaS, PaaS, and IaaS environments, including platforms like AWS, Azure, M365, and Salesforce. Experience working with various identity and access management (IAM) solutions such as CyberArk, Okta, Ping Identity, Entra ID/Azure AD, and other tools supporting SSO, MFA, and PAM. Familiarity with tools like Jira, Confluence, and ServiceNow … for workflow management and documentation. Expertise in threat modeling, vulnerability management, and risk assessments. Working knowledge of regulatory requirements and compliance standards such as NYDFS, CCPA, GLBA, PCI-DSS, HIPAA, SOX, and GDPR. Relevant certifications such as CISSP, CCSP, or equivalent. Ability to work independently or collaboratively in a team-oriented environment. Bachelor's degree in a … knowledge of common network protocols, including TCP/IP, HTTP/HTTPS, DNS, SMTP, SNMP, SSH, and VPN technologies. Expertise in encryption technologies (e.g., TLS, AES, RSA) and key management practices (e.g., KMS, HSM, PKI). Familiarity with firewalls, IDS/IPS, WAF, VPN, Routers, Switches, Load Balancers, Zero-Trust, microsegmentation, and SD-WAN security solutions, CASB, Proxy, SSE. More ❯

phase. Review any incidents created in the projects service now queue and involve the appropriate teams to help fix them. Stakeholder Engagement: Ability to forge strong relationship with change management, project management team members. Work with end users to fix any bugs post deployment of solutions. Essential Experience Proven experience working as security engineer on large scale programmes … experience deploying Data classification using Microsoft Purview for a large enterprise. Experience collaborating with the Security Operations Centre (SOC) to optimise security monitoring, response planning and execution. Understanding of vulnerability management and threat landscape detection and remediation. Proven experience in being part of Disaster Recovery and Business continuity testing for critical applications. Ability to perform basic Active directory … administration tasks for project work such as user, group and Group policy updates. Essential Technical Skills & Qualifications Experience of the M365 security stack : Microsoft Purview, Microsoft Entra ID, Device management using Intune, Identity Governance. Cloud Security (Tenable, CyberArk, MDR,VPN) Knowledge of best practices and procedures related to Cyber Essentials, UK DPA/GDPR Desirable Experience Proficiency in configuring More ❯

requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The Lead ITRC tkeeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk … WILL YOU DO? "Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective information on cyber risks for IT and business management with both summary and detailed reporting Assess risk within subject specialty area to evaluate the design and effectiveness of security controls Work collaboratively with all Lines of Defense, coordinate … the control operation. Provide insight and classify data to assess Risk assessments Coordinate the completion of risk mitigating actions and providing status updates of all issues statuses to senior management Investigates large or repetitive loss events impacting the division to assess for potential systemic weaknesses and to ensure appropriate corrective action is taken. Provide insight and classify data to More ❯

techniques. 4. Demonstrated experience with cyber security principles for Linux, Windows, virtual platforms, networking, and Cloud. 5. Demonstrated experience with network architectures and fundamentals. 6. Demonstrated experience developing risk management methodologies. 7. Demonstrated experience analyzing test results to develop risk and threat mitigation plans. 8. Demonstrated experience with market-leading vulnerability management tools including the ability to … deploy, configure, and run these tools. 9. Demonstrated experience with vulnerability concepts and prevalent vulnerability types such asSQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), path traversals, denial of service (DoS), buffer overflows, command injection, race conditions, open redirects, privilege escalation, authentication bypasses, XML External Entity (XXE) attacks and similar. 10. Demonstrated experience with privilege … and high/low trust boundaries and what defines a vulnerability vs. weakness. 11. Demonstrated experience with vulnerability and risk scoring frameworks and methodologies such as CVSSv2 and CVSSv3. 12. Demonstrated experience with vulnerability repositories (NVD, CVE MITRE, and VULdb) and exploitation techniques (MITRE ATT&CK and DEFEND 13. Demonstrated experience with web application (OWASP) and OS More ❯

in cybersecurity 3+ years of experience in systems, network, or cloud administration Proven track record in IT networking, network security, cloud infrastructure, and SaaS tools Background in risk and vulnerability management Strong written and verbal communication skills in English Experience building relationships in a professional, client-facing context Technical Skills: Network Security: Deep knowledge of network architectures, firewalls … and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end-to-end security strategies Communication: Strong ability to convey … complex security concepts to non-technical audiences Problem-Solving: Analytical mindset with a proactive approach to identifying and resolving issues Project Management: Skilled in managing and delivering on technical security projects Client Relationship Management: Adept at maintaining long-term client partnerships through trust and value delivery Training & Mentoring: Able to educate junior staff and clients on cybersecurity best More ❯

Vulnerability Engineer/Manager to join a highly professional established security ops SOC team. You will lead Vulnerability ensuring identification, assessment and remediation of security vulnerabilities across infrastructure, applications and systems. Working with SOC analysts leading the end to end vulnerability management lifecycle, manage and optimise vulnerability scanning tools such as Tenable and Nessus. Regularly … scan networks, systems and applications for security vulnerabilities. Must have 3+ years cyber security experience and at least 2 yrs focusing on vulnerability management. Familiar with threat and standards such as CVSS, NIST, MITRE ATT&CK. This is an excellent opportunity working for an award winning MSP working on exciting projects. You will develop and maintain vulnerability policies More ❯

in aligning on best practice, and delivering improvements in our security posture. Key Responsibilities Assuring day-to-day execution of operational security tasks across multiple areas including threat and vulnerability management, anti-virus management, security monitoring etc. Helping design and deliver improved security tooling across all areas of cyber security (DR design and testing, End user tooling … across the business Protecting the data entrusted to us by our clients at all times Requirements Managing technical risks and proposing solutions and recommendations Security Operations procedures, i.e. Incident management and response Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but experience of … Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to suit you and your lifestyle! Out of a More ❯

and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the … Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System (ISMS), ideally to the 2022 standard. Security architecture & Secure by Design: Strong understanding and experience of secure software development lifecycles (SDLC) and embedding security by design into product … development processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO More ❯

and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the … Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System (ISMS), ideally to the 2022 standard. Security architecture & Secure by Design: Strong understanding and experience of secure software development lifecycles (SDLC) and embedding security by design into product … development processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO More ❯

resolving system and application faults and errors Ensuring operating systems and applications comply with Department of Defense (DoD) guidelines, including DISA Security Technical Implementation Guide (STIG) and Information Assurance Vulnerability Management (IAVM) bulletins What's In It For You Competitive wages Medical and dental benefits 401k plan Paid time off Rewards & recognition US Citizenship Requirement Pursuant to a … experience, or MS degree with 10+ years of related IT experience Desired Skills: Experience with Teamcenter SOA Gateway Experience with Agile Software Development using Jira Knowledge of software configuration management using GitHub Strong communication and presentation skills to articulate solution ideas Experience advising and consulting with management Effective project management and prioritization skills for handling multiple assignments … Collaboration with vendors for server technology implementation Tenacious documentation of activities, status, and issues worked Knowledge of Microsoft Active Directory, GPOs, DHCP, DNS, and PowerShell General understanding of antivirus, vulnerability scanning, and SIEM tools Preferred Education, Experience, & Skills (Not required but will increase consideration for the position): Teamcenter Application and/or Database Administration experience AWS or similar cloud More ❯

available, you will be able to commute to your nearest site ideally twice a week. As the Website Platform Manager you will be responsible for the end-to-end management, performance, and evolution of our global website platform, which combines a headless CMS with an integrated Logik-powered product hub. You will ensure the platform delivers a seamless, high … and meets enterprise performance, security, and scalability standards. Responsibilities of our Website Platform Manager Platform Ownership Serve as the primary owner for the global website platform, overseeing its content management system, product hub integration, and related services. Maintain the platform roadmap, balancing global business priorities, regional needs, and technical improvements. Business continuity planning. Technical Oversight Liaise with development partners … content publishing, quality standards, and approval workflows. Provide CMS training and support for global and regional content teams. Data privacy (GDPR/CCPA) and cookie & consent management. Domain & DNS Management (e.g SSL certification) Cyber security operations including vulnerability management and penetration testing. Regulatory compliance in local markets. Code quality & security including release management and change controls. More ❯

role offers a chance to make a real impact by ensuring the integrity and resilience of the company’s IT environment against evolving cyber threats. Key Responsibilities: Support incident management and security response efforts, providing expertise to address and resolve security incidents quickly and effectively. Perform regular security checks, including daily, weekly, and monthly monitoring of systems and resolving … security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk identification, and mitigation. Knowledge of security auditing and security incident response processes. Experience with event and log analysis to monitor and assess security risks. Solid understanding of … make an impact in a global organisation, apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

employee at M.C. Dean, you will join forces with more than 5,800 professionals who engineer and deploy automated, secure and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together, we transform the way complex, large-scale systems are designed, delivered, and sustained-enhancing client outcomes, improving lives, and changing the … systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Provide system security engineering services and/or products to … trusted relations among external systems and architectures. Assess and mitigate system security threats/risks throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Review assessment and accreditation (A&A) documentation, provide feedback on completeness and compliance of its content. Apply system security engineering More ❯

security in a dynamic and mission-critical environment? As a Cyber Engineer, you will work on developing and implementing advanced cyber defense technologies, securing sensitive systems, and supporting risk management processes. You will ensure compliance with cybersecurity frameworks, lead cyber testing initiatives, and contribute to obtaining and maintaining Authority to Operate (ATO) within secure systems. What You'll Do … Cyber Artifacts Management: Manage and assess cyber artifacts to ensure proper documentation and readiness for cyber assessments. • Cyber Testing: Develop, execute, and analyze cyber testing efforts including penetration tests, vulnerability assessments, and cybersecurity audits. • Risk Management Framework (RMF) Implementation: Guide and support the implementation of the RMF process, including categorizing information systems, selecting security controls, and managing … Security Technical Implementation Guides (STIGs) and maintain up-to-date security configurations. • Obtain ATO: Coordinate efforts across teams to prepare systems for ATO through proper documentation, risk assessments, and vulnerability remediation. • Collaboration: Work closely with program managers, engineers, and clients to ensure alignment with project goals and compliance with cybersecurity best practices. • Documentation & Reporting: Assist in the creation of More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯

threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection … incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability to work independently and thrive in a 24/7 on-call More ❯