Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with … with AI/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with … SOC 2, GDPR). Proven ability to align security priorities with business and product strategy. Demonstrated experience delivering large-scale, cross-functional security projects. Excellent leadership, communication, and stakeholder management skills. Preferred Qualifications Experience in cybersecurity for SaaS or AI-native platforms. Familiarity with adversarial machine learning, model governance, or AI-specific threat models. Prior experience scaling security functions
audits and assessments to verify compliance and address any identified gaps. Security Controls Implementation: Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management. Collaborate with IT and other departments to integrate security controls into existing and new systems. Incident Response Management: Manage the organization's security incident response process, including … Risk Assessment and Mitigation: Conduct security risk assessments to identify potential threats and vulnerabilities. Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives. Documentation and Compliance: Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans … policies. External Stakeholder Engagement: Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors. Prepare and present security reports and updates to senior management and external parties as required. Continuous Improvement: Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary. Foster a culture of continuous improvement
Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. Job responsibilities Ensure effective identification … quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations in Cloud environments Develop and maintain robust relationships, becoming a trusted partner with business technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals Execute reporting and governance of controls, policies, issue management, and measurements, offering senior … management insights into control effectiveness and inform governance work Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills Experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation Familiarity with risk management frameworks, industry
procedures and practices. Solid technical knowledge and experience on security technologies (like Endpoint protection, Mobile Security, Data Protection, Cloud Security, etc.) and on cyber security capabilities (SIEM, SOC, CERT, Vulnerability Management, Threat intelligence etc.) Strong knowledge of main Information Security standards and framework (ISO27001, ISO22301, ISF, NIST, COBIT.) Good background in information management, with clear understanding of … the challenges of Information and IT security. A good understanding and experience of implementing information security within cloud-based environments. Experience and skills in the project management of corporate Information security projects. Excellent oral and written communications skills, as well as ability to present and explain information security in a way that establishes rapport, persuades others, and gains understanding … across the business (UK & Internationally as required) to ensure relevant and appropriate information security controls are applied to ensure both the departmental and business objectives are met. Liaise with management and business users, to understand business goals, priorities, and information needs, and to recommend information security practices and solutions in line with business requirements. Manage security assessments, based on
Develop, implement, and maintain information security policies, procedures, and standards. Ensure compliance with ISO 27001, NIS2, and other regulatory requirements; manage documentation and audits. Coordinate change, risk, and incident management activities across IT security functions. Support secure design and delivery of IT projects and solutions. Manage internal security testing schedules and ensure timely execution and review. Deliver cybersecurity awareness … knowledge of ISO 27001 and related frameworks; experience with certified environments. Strong understanding of risk, incident, and change management. Familiarity with security technologies such as SIEM, MFA, encryption, and vulnerability management. Ability to communicate technical issues clearly to non-technical stakeholders. Preferred Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer. Project management qualifications (Agile, PMP, or
us at Barclays Internal Audit as a Cyber Audit AVP where you will collaborate with cross-functional teams to provide independent and reliable Cyber Security audit assurance to executive management and the Board on governance, risk management, and control effectiveness. In this role, you will contribute to audit planning and execution, risk assessment, control evaluation, and issue resolution. … assurance) covering Cyber Security. Experience in developing and executing assurance testing approaches in some of the following areas: data security (including cryptography), security configuration, network security, cyber incident response, vulnerability management, cyber threat management, information risk management, data leakage protection, identity & access management, cyber resilience. Knowledge of new and emerging technology, cyber security, and cyber
resource management. Review Azure Monitor analytics and Azure portal logs to identify and remediate subscription and resource issues. Manage containerized workloads using Docker and Azure Container Registries for image management and deployment. Implement automated monitoring, logging, and alerting systems using Azure Monitor, Log Analytics, and Application Insights. Collaborate with development and engineering teams to ensure seamless integration of applications … administering DevSecOps tools, including GitHub Advanced Security (CodeQL, Dependabot, SBOM), GitHub Workflows, and Visual Studio Code/Enterprise. Experience with security tools such as Trellix, Invicti, and Anchore for vulnerability management and compliance. Strong Windows Server administration skills, including troubleshooting SCCM issues and client-side domain joins. Familiarity with Linux (Ubuntu) administration for server and appliance management. Proficiency … of SQL integration in Azure environments. Familiarity with Infrastructure-as-Code tools (e.g., Terraform, Bicep) and configuration management. Experience with helpdesk support, including ticket ownership, problem resolution, and incident management using Remedy or similar ticketing systems. Knowledge of cloud security principles, including identity management, network security, and compliance frameworks (e.g., NIST 800-53, DoD STIGs). Understanding of
compute and storage infrastructures, delivering efficiency through automation, and ensuring scalability, flexibility, and compliance. Responsibilities • System administration tasks for Windows Server 2022 and RHEL 8 including regular platform upgrades, vulnerability management, troubleshooting, automation with native scripting languages, performance management, application inventory and administration, and compliance to regulatory baselines. • Development and execution of deployments using infrastructure-as-code … of SSL certificates and associated infrastructure and domains. • Manage and test data backups and disaster recovery policies. • Active Directory • Manage human and system identity lifecycles including onboarding, offboarding, role management, just-in-time privilege escalation, and regular access reviews. • Implement, update, and regulate group policy and identities in Active Directory and Azure EntraID in conjunction with the Enterprise Access
Computer Science, Information Security, or a related field. At least 5 years of experience in a security engineering role. Strong knowledge of security technologies and concepts, such as Identity Management, SIEM, Encryption, Vulnerability Management, Secure Coding Standards etc. Familiarity with compliance standards and regulations, such as ISO27001, PCI-DSS, and GDPR. Experience with security assessments, penetration testing
requires routinely authoring detailed reports and gathering metrics to ensure stakeholders receive accurate and complete information. The Lead ITRC keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk … WILL YOU DO? Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective information on cyber risks for IT and business management with both summary and detailed reporting Assess risk within subject specialty area to evaluate the design and effectiveness of security controls Work collaboratively with all Lines of Defense, coordinate … the control operation. Provide insight and classify data to assess Risk assessments Coordinate the completion of risk mitigating actions and providing status updates of all issues statuses to senior management Investigates large or repetitive loss events impacting the division to assess for potential systemic weaknesses and to ensure appropriate corrective action is taken. Provide insight and classify data to
London, England, United Kingdom Hybrid / WFH Options
CLS-Group
supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking. Job information: Functional title - VP, IT Security Risk Department - Security Governance and Risk Management Corporate level - Vice President Report to - Director of Security Location - London, onsite 2 days per week About the role The individual will be part of the security function that … provide evaluation and treatment options, consultation on remediation approaches to address gaps and continue ongoing monitoring of remediation, re-assess until reduced to an acceptable level. Supporting Cybersecurity Risk Management strategies based on security findings and observations. Including informing improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all security functions Profile and assign … to mitigate risks. Excellent verbal and written communication skills to convey complex technical information clearly and effectively. Presenting data insights to non-technical stakeholders Strong understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Experience with GRC tools and best practices. RSA
government customer. The Cyber Security Systems Engineer assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As a Cyber Security Systems Engineer, you will play a crucial role in enhancing our security infrastructure and ensuring a … supporting a key government customer. The ISSE assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As an Information Systems Security Engineer (ISSE), you will play a crucial role in enhancing our security infrastructure and ensuring … in writing the documentation in order to ensure it's easy to understand. Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts. Document and obtain a general understanding of the architecture being developed or that was
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Cyber UK
Connect to your Industry Cyber security is critical to every organisation. We are shaping cyber strategies and transforming the management of cyber risk and we need you to join us. You’ll build strong relationships as one of the areas of our a cyber practice with over 450 extremely talented individuals in the UK alone, as part of a UK … a range of security challenges. They bring an ability to apply a robust understanding of security principles and technologies to support clients with varying risk appetite in the pragmatic management of cyber risk. Cyber Security Skills: Strong skills in areas such as cyber strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various … CISA or an MSc in cyber security (or equivalent) or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Consulting Skills: Experience building relationships with clients and developing an internal network of subject matter experts. Experience of business development, responding to
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems Digital Intelligence
Threat groups and the ability to conduct in-depth research Able to independently verify the results of Threat Hunts, refining the queries where necessary Experienced in Incident Response and Management Responsible for the quality of all Threat Hunt Reports, ensuring that output is delivered it is at the highest possible standard Responsible for ensuring that all relevant process is … rules/analytics Requirements Technical 3+ years’ experience in Cyber Threat Intelligence, and conducting research and investigating cyber threats in a technical capacity Experience in technical incident response and management An expert understanding of current and emerging threats related to government and CNI Demonstrate a high-level knowledge of Windows operating systems and the Azure Landscape Demonstrate a high … high-level knowledge of and experience operating within cloud platforms Non-Technical Bachelor’s Degree in Cybersecurity, Computer Science or equivalent Experience in a SOC/Threat Intelligence/Vulnerability Management field Excellent written and verbal communication skills with the ability to communicate the risk, potential impact and importance of detailed technical information to non-technical and senior
Security related incidents and events investigation and response as required. Work with cross-functional teams to respond to incidents - be they an escalated security event or remediating a critical vulnerability - when the need arises Contribute effectively to the establishment and maintenance of the IT Security knowledge base, documenting clear instructions and known fixes. Work on IT security projects as … SC-200, AZ-500, SC-900. Cloud native security solutions such as GuardDuty and the Microsoft Defender suite of products Content Delivery Networks and Web Application Firewalls. Experience with vulnerability management A broad technical knowledge of server, endpoint, and networking hardware and related security configurations. Experience with EDR/EPP software, deployment, and configuration A strong technical knowledge
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows … and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate
London, England, United Kingdom Hybrid / WFH Options
Kroo Bank
external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data Security Automation: Automate security processes and procedures to enhance efficiency … and effectiveness, reducing the risk of human error Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices Secure Design: Collaborate with development teams to ensure that web … and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with all relevant group standards, policies, and regulatory requirements Cybersecurity Collaboration: Work closely with stakeholders across the
Leeds, England, United Kingdom Hybrid / WFH Options
Babcock
Threat groups and the ability to conduct in-depth research Able to independently verify the results of Threat Hunts, refining the queries where necessary Experienced in Incident Response and Management Responsible for the quality of all Threat Hunt Reports, ensuring that output is delivered it is at the highest possible standard Responsible for ensuring that all relevant process is … rules/analytics Requirements Technical 3+ years' experience in Cyber Threat Intelligence, and conducting research and investigating cyber threats in a technical capacity Experience in technical incident response and management An expert understanding of current and emerging threats related to government and CNI Excellent Open-Source research skills Demonstrate a high-level knowledge of Windows operating systems and the … high-level knowledge of and experience operating within cloud platforms Non-Technical Bachelor's Degree in Cybersecurity, Computer Science or equivalent Experience in a SOC/Threat Intelligence/Vulnerability Management field Excellent written and verbal communication skills with the ability to communicate the risk, potential impact and importance of detailed technical information to non-technical and senior
external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency … practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Risk Management and Compliance: Assist teams in ensuring that products and services are secure by design, align with the organisation's risk appetite, and comply with all relevant group standards, policies … knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption, signing and digital certificates, Principles of securing mobile applications and
Dundee, Scotland, United Kingdom Hybrid / WFH Options
NHS Scotland
the CSOC team, they will develop and improve operationally relevant KPIs and KRIs and associated reporting mechanisms that are suitable to evidence performance to the CCoE and NSS DaS management team, and that demonstrate value to our stakeholders. During an active incident, the post holder is required to provide level-headed and hands-on response actions alongside the CSOC …/7, 365 days a year Delivering and operating IT infrastructure (networks, servers, desktop, cloud, etc.) Working on or leading security operations functions, including: Cyber Security Incident Response and Management; Monitoring & Alerting; Vulnerability Management; Threat Intelligence; Security Architecture Acting as a significant technical authority within the information and cyber security specialist area Developing, designing, and implementing new
Windsor, England, United Kingdom Hybrid / WFH Options
Women in Tech UK
best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join
requirements, such as: Working with AWS Cloud Infrastructure team to secure our cloud infrastructure Working with the development team in embedding security in the SDLC Provide assistance in risk management activities Support security-related incidents Support our log monitoring operations Take part in threat modelling sessions Support the teams in risk analysis of technical vulnerabilities Support our Security Champions … CompTIA Network+ ISO 27001 Foundation or Practitioner AWS Certified Security Familiarity with TCP/IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with
London, England, United Kingdom Hybrid / WFH Options
FIND | Creating Futures
domains, and at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Penetration testing and vulnerability management Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why Join? Be at the forefront of upskilling future