151 to 175 of 1,000 Vulnerability Management Jobs

Jobs via eFinancialCareers 1 day ago Be among the first 25 applicants Join to apply for the Analyst - Bloomberg role at Jobs via eFinancialCareers Our Team: The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure the confidentiality … integrity, and availability of Bloomberg systems and the data we process. We aim to ensure that our clients see us as a trusted partner. Our Team: The Threat and Vulnerability Management Team (TVM) is dedicated to making our systems and technologies as secure as possible. We protect Bloomberg. We partner with internal technical departments to ensure the confidentiality … and manage identified vulnerabilities through remediation. You will work directly with other cross-department security engineering and incident response teams to set strategic direction for our enterprise Threat and Vulnerability Management program. This is a team that drives company-wide initiatives to improve the effectiveness of Bloomberg's security posture. Analysts in this role must show exemplary judgment More ❯

Infrastructure and Security in the overall delivery and strategic oversight of all PayPoint Group IT security systems and services. This includes providing leadership for the Security Operations Center (SOC), Vulnerability Management and Security teams, ensuring alignment with organizational goals. Collaborating closely with the managers of the respective departments within the team, the successful candidate will offer guidance and … in defining and delivering IT security services across physical and cloud infrastructures, ensuring compliance with regulatory and organizational requirements. Provide strategic leadership and oversight for the Security, SOC and Vulnerability Management teams, enabling their success through effective planning, guidance, and support. Develop close working relationships with internal audit teams and act as the primary IT contact for all … of Infrastructure and Security. Mentor and guide team members, fostering professional growth and building a high-performing security function. Actively participate as a key member of the Cyber Security Management Team, contributing to the development and execution of the organization's cyber security strategy, policies, and initiatives. Play a leading role in the response to any cyber-related incidents More ❯

a crucial role in leading and managing complex Cyber Security projects, ensuring the successful execution of initiatives that safeguard our clients' organisations against evolving threats. Leveraging your extensive project management expertise and technical knowledge, you will partner with and contribute to the enhancement of the overall Cyber Security posture and resilience of our clients, collaborating with cross-functional teams … and resource allocation approaches. Conduct comprehensive risk assessments and develop mitigation strategies to address potential security threats and project risks. Utilise industry frameworks and standards to ensure robust risk management practices. Oversee and manage projects end-to-end in line with the Association for Project Management guidance. Manage projects such as Security Framework Audits and Implementation, Cyber Strategy … Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and clients, serving More ❯

individual with a passion for defending complex digital environments from sophisticated threats. The successful candidate will be part of a dedicated team responsible for executing and advancing a comprehensive Vulnerability Management Program supporting mission-critical systems in a high-security environment. Essential Duties and Responsibilities (but not limited to): • Conduct proactive cyber monitoring and vulnerability management activities across a diverse enterprise IT environment. • Support the execution of vulnerability scanning, analysis, reporting, and remediation efforts, using tools such as Tenable Security Center (or equivalent platforms). • Collaborate with cross-functional teams to drive vulnerability remediation plans and lead working groups to assess, prioritize, and track mitigation efforts. • Collect, analyze, and validate open-source intelligence … enterprise intrusion detection systems (IDS/IPS), host/network security tools, firewalls, HIPS, WAFs, and event correlation. • Proven experience in cybersecurity operations, including threat analysis, incident response, and vulnerability remediation across multiple OS platforms (Linux, Windows, Mac). • Technical expertise in at least one scripting/programming language: Python, PowerShell, Bash, C++, etc. • Familiarity with cyber threat intelligence More ❯

security policies and standards in production environments. Manage and maintain IT Risk Register. Coordinate client security audits and support external certifications (e.g., TPN). Conduct internal penetration tests and vulnerability assessments to proactively identify and mitigate security risks. Infrastructure & Systems Security Manage the firewall whitelisting and approval process. Oversee vulnerability and patch management workflows. Maintain sandbox and … from a security perspective. Develop user and technical security documentation and training resources. Document and maintain critical security and infrastructure policies, e.g., Incident Response Plan, Business Continuity Plan, Change Management Procedures, and Disaster Recovery Plan. Test and improve Disaster Recovery capabilities and identify process gaps. Physical & On-Set Security Manage and maintain physical security systems including CCTV, alarm, and … enterprise environment. Familiarity with enterprise information security standards such as Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR. Proficiency in Microsoft O365 Security solutions, Networking, Security operations, Vulnerability Management, and Security Auditing. Experience in security testing, vulnerability scanning, and risk management. Ability to create formal documents such as reports or procedures. Detailed knowledge of Microsoft More ❯

end-to-end delivery of cyber security projects, ensuring alignment with business goals and compliance requirements Work across InfoSec, IT, risk, and compliance teams to deliver initiatives such as vulnerability management, identity and access management (IAM), SIEM upgrades, and cloud security improvements Manage third-party vendors and internal stakeholders to ensure smooth project execution Develop and maintain … adhere to regulatory and governance frameworks Skills and Experience Proven track record delivering cyber security or information security projects in large, complex organisations Strong understanding of cyber risk, threat management, and technical security controls Excellent stakeholder management and communication skills Experience with governance, risk, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) PRINCE2, PMP, or similar project management More ❯

your personal journey. Your Job Responsibilities: Drawing up security project plans : Develop comprehensive project plans for implementing security measures across IT systems, outlining the scope, objectives, and deliverables. People management for the members of the various (security) teams : Lead and manage security teams, ensuring effective collaboration and performance among team members. Planning the security project in terms of timeline … Ensuring that security solutions comply with standards and best practices : Ensure that all security solutions adhere to industry standards and best practices, including resilience patterns, monitoring, and postmortems. Stakeholder management : Proactively coordinate with various project stakeholders to understand their security needs and ensure their requirements are met throughout the implementation process. Regular coordination with the steering group : Maintain regular … provide updates and receive guidance on security projects. Coordination with suppliers and external partners : Collaborate with suppliers and external partners to ensure the successful implementation of security solutions. Change management : Implement change management processes to ensure smooth transitions and adoption of new security measures. Reporting : Prepare and present regular reports on security project progress, risks, and outcomes to More ❯

threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Oversee and enhance vulnerability management processes, focusing on strategic remediation, root cause analysis, and preventative measures. Contribute to the implementation of security automation across cloud infrastructure configuration, vulnerability management, and … with a focus on AWS cloud security and application security. Deep expertise in designing, implementing, securing, and managing AWS security services. Experience integrating security tooling (SAST, DAST, SCA, secrets management, IAST) within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Proven experience supporting secure software development lifecycle (SSDLC) practices and secure coding standards. Knowledge of web … attack vectors, and mitigation techniques. Experience securing Infrastructure as Code (Terraform) and implementing security checks. Experience with container security and Kubernetes/EKS security. Ability to contribute to vulnerability management programs, including triaging, root cause analysis, and remediation planning. Strong communication skills to articulate complex security concepts clearly. Knowledge of security frameworks and standards (e.g., NIST CSF, CIS More ❯

support the development and delivery of the products (whilst considering cyber resilience) with the ambition to meet the Secure by Design principles. You'll ensure the development, implementation, and management of security protocols, tools, and practices on maturing products meets the appropriate standards and Def Cons. Working closely with the Integrated Product Team (IPT) frameworks with specialists from other … wider Product IA and Security community across Leonardo Electronics UK, influencing corporate policies, processes and guidance. Managing architects such as the generation of Technical Risk Assessments, Security Design and Management Documentation, and Remediation Action Plans. As well as this, you'll oversee the generation and approval of Product Security and Information Assurance Management Plan; Product Design Reviews; generation … of Product Security deliverable information (Product Integrity certificates, product security cases.) What you will be doing as a Lead Security Engineer; Risk Management: Perform risk assessments to identify potential security risks and work product development teams to implement mitigations and preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and More ❯

procedures and practices. Solid technical knowledge and experience on security technologies (like Endpoint protection, Mobile Security, Data Protection, Cloud Security, etc.) and on cyber security capabilities (SIEM, SOC, CERT, Vulnerability Management, Threat intelligence etc.) Strong knowledge of main Information Security standards and framework (ISO27001, ISO22301, ISF, NIST, COBIT.) Good background in information management, with clear understanding of … the challenges of Information and IT security. A good understanding and experience of implementing information security within cloud-based environments. Experience and skills in the project management of corporate Information security projects. Excellent oral and written communications skills, as well as ability to present and explain information security in a way that establishes rapport, persuades others, and gains understanding … across the business (UK & Internationally as required) to ensure relevant and appropriate information security controls are applied to ensure both the departmental and business objectives are met. Liaise with management and business users, to understand business goals, priorities, and information needs, and to recommend information security practices and solutions in line with business requirements. Manage security assessments, based on More ❯

Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. Job responsibilities Ensure effective identification … quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations in Cloud environments Develop and maintain robust relationships, becoming a trusted partner with business technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals Execute reporting and governance of controls, policies, issue management, and measurements, offering senior … management insights into control effectiveness and inform governance work Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills Experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation Familiarity with risk management frameworks, industry More ❯

end-to-end delivery of cyber security projects, ensuring alignment with business goals and compliance requirements Work across InfoSec, IT, risk, and compliance teams to deliver initiatives such as vulnerability management, identity and access management (IAM), SIEM upgrades, and cloud security improvements Manage third-party vendors and internal stakeholders to ensure smooth project execution Develop and maintain … adhere to regulatory and governance frameworks Skills and Experience Proven track record delivering cyber security or information security projects in large, complex organisations Strong understanding of cyber risk, threat management, and technical security controls Excellent stakeholder management and communication skills Experience with governance, risk, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) Knowledge of cloud security (Azure/ More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Oversee and enhance vulnerability management processes, focusing on strategic remediation, root cause analysis, and preventative measures. Contribute to drive implementation of security automation across cloud infrastructure configuration, vulnerability management, and … expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting the adoption of … as Code (IaC), particularly Terraform, and implementing relevant security checks. Solid experience with container security and securing container orchestration platforms (Kubernetes/EKS). Proven ability contributing significantly to vulnerability management programs, including advanced triaging, root cause analysis, risk assessment, and strategic remediation planning. Strong communication and influencing skills, with the ability to articulate complex security concepts clearly More ❯

authorization Advise program managers on AO determination utilizing OVL documentation Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program Providing support regarding the agile authorization and OVL processes Provide independent risk analysis and recommendation Collaborate between the AO and the … other related degree fields (master's degree is preferred or at least 10 years of related experience) At least 10+ years of cybersecurity experience including a senior technical or management role, project or program management experience At least 1 IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP Must have an active TS …/SCI security clearance Preferred Have a strong background in ISSM, risk management, and GRC Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships Manage multiple priorities in a high-paced and fast-changing environment Experience supporting and assessing risks within a CI/CD DevSecOps environment Key areas of experience would include More ❯

provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … mitigate risks. Good verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. More ❯

and wider business goals Build and implement policies, procedures, and board-level metrics to support the strategy Lead on the development and maturity of the organisation’s Cyber Risk Management Framework Drive a security-aware culture across departments through training, communication, and engagement Operational Security Oversight Support architectural decisions and strengthen the company’s threat modelling approach Lead incident … response efforts and run simulations, red team exercises, and readiness activities Conduct proactive assessments of emerging threats and implement mitigation strategies Oversee vulnerability management across a hybrid cloud estate Manage security tooling and third-party SOC relationships Assess new technologies from a security standpoint, including AI initiatives Provide support to commercial teams with security input for tenders, bids … response and security operations Familiarity with compliance standards such as ISO 27001, SOC 2, HIPAA, GDPR Excellent communication skills; able to influence both technical and non-technical stakeholders Project management capabilities and experience delivering key security initiatives More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands–on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4–5 years experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non–technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years’ experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years’ experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

Line of Service Assurance Industry/Sector Not Applicable Specialism Risk Management Level Senior Associate Job Description & Summary About the role We are seeking a Security Specialist, looking for their next step up to an architecture position with cloud experience to join the client-facing Cyber team. The ideal candidate will possess strong technical and functional experience in a … analysis and develop metrics that measure current risk Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats. Communicate threat intelligence and vulnerability management options Analysing threats and current security controls to identify gaps in current defensive posture Meet with clients and leading workshops This role is for you if: You … have strong experience in architecture and security management as well as an understanding of security best practices You have worked with securing network and enterprise cloud applications - ideally GCP, Azure or AWS You have strong knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP You have knowledge of host hardening, auditing, logging and More ❯

guidance for securing IT assets, change control, security testing, secure systems design and making recommendations to implement effective security controls. Take ownership of day-to-day running of technical vulnerability management programme. Use expert security knowledge with a particular focus in application security testing, web application firewalls, vulnerability management and securing development pipelines to make improvements. … Provide security direction and leadership as required with ability to mentor other security team members. Carry out cyber security engineering tasks using best-practice service management (ITIL), to agreed SLAs/KPIs, whilst promoting and adhering to XPS workplace values. Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Represent Security as Subject … ACLs, TCP/IP, routing and switching. Knowledge of current and future security initiatives e.g. OWASP standards, SASE intelligence led penetration testing, zero-trust, threat centric security, risk-based vulnerability management. Come from an infrastructure/networks background to fully support XPS changes and security initiatives. Has, or is working towards CISSP, SANS GCIA, Comptia Security+ and/or More ❯