351 to 375 of 991 Vulnerability Management Jobs

to join our dynamic Security Operations Team. As a Security Operations Engineer, you will play a critical role in safeguarding our organization's assets and data by overseeing the management of Trainline's SIEM. This is done by ensuring the SIEM is fully operational and that we have the logs and alerts needed to support incident detection and response … that our wider set of Security tools are optimized to their full potential in-line with industry best practice. Create and maintain detailed documentation and provide key insights to management through customized dashboards and reports. If you are passionate about cybersecurity, eager to stay ahead of emerging threats, and looking to grow within a fast-paced and evolving environment … we'd love to hear from you! As a Security Analyst at Trainline, you will Own the management and configuration of our SIEM platform (Splunk), ensuring its fully operational, updated, configured to best practice and providing value for money. Drive the creation of new alerts, working with the wider Security Operations team to ensure appropriate enrichment and value, and More ❯

You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at executive level Full driving license & personal transport What’s On Offer Key More ❯

You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at executive level Full driving license & personal transport What’s On Offer Key More ❯

and endpoint environments – including advice on best practices, policy development, and technical control implementation Act as an escalation point and mentor for other consultants and engineers Own and deliver vulnerability assessments, including reporting, debriefs, and remediation planning Continuously evolve Wanstor’s cyber security product offerings, including templates, processes, automation and toolsets Maintain up-to-date knowledge of compliance standards … audits, including hands-on remediation guidance (Cyber Essentials Plus Assessor certified or holding related certifications with the intention of becoming CE Plus Assessor certified is highly desirable) Hands-on vulnerability assessment experience across infrastructure, networks, and applications Familiarity with threat and vulnerability management tools (e.g.Qualys) Excellent report writing and communication skills, able to present technical findings to More ❯

Design, implement, and manage cloud architectures on platforms such as AWS, Azure, or Google Cloud. • Build and maintain scalable, resilient, and high-performance cloud infrastructure. • Automate infrastructure provisioning and management using Infrastructure as Code (IaC) tools like Terraform, CloudFormation, or Ansible. • Optimize cloud resource usage for cost efficiency and performance. • Implement security best practices to protect cloud assets and … sensitive data. • Conduct risk assessments and vulnerability management in the cloud environment. • Ensure cloud infrastructure complies with industry standards, policies, and regulations (e.g., GDPR, HIPAA, SOC2). • Monitor cloud environments for performance, availability, and capacity planning. • Identify bottlenecks and work on optimizing cloud-based workloads. • Troubleshoot and resolve issues related to cloud infrastructure, including network, storage, and compute … e.g., Kubernetes, Docker). • Familiarity with CI/CD pipeline automation tools (e.g., Jenkins, GitLab CI, Azure DevOps). • Proficient in scripting languages (Python, Bash, etc.) for automation and management tasks. • Strong understanding of cloud networking, security (e.g., VPC, IAM, VPN, etc.), and monitoring tools. • Experience with logging and monitoring tools (e.g., CloudWatch, Prometheus, Datadog). • Knowledge of cloud More ❯

with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in … Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack. Automate data ingestion, transformation, and loading tasks. Beats for Data Collection: Agent and Agent Policy Management: Proficiency in configuring and managing agents, including setting up agent policies for various operation systems. Ensure seamless data flow from endpoints to the Elastic Stack. Data Cleaning and Enrichment … Collaborate with data analysts to create meaningful search experiences. Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters. Implement sharding, replication, and index management strategies. End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions. Experience Required More ❯

leader to head global security operations at an innovative, fast-paced technology organisation. This role will drive the strategic and operational excellence of our threat detection, incident response, and vulnerability management functions across a globally distributed digital estate. Reporting directly to the Chief Information Security Officer (CISO), this high-impact position is responsible for setting and executing the … in Cybersecurity, Computer Science, or a related discipline—or equivalent practical experience. Industry-recognised certifications (e.g., CISSP, GIAC, GCIH, GCFE, GREM) a plus. Familiarity with ITIL and enterprise project management practices. Experience managing third-party vendors and security transformation initiatives in large-scale, digitally complex organisations. Seniority level Seniority level Not Applicable Employment type Employment type Full-time Job More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M&A security assessments and maintain compliance. Requirements More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M&A security assessments and maintain compliance. Requirements More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M&A security assessments and maintain compliance. Requirements More ❯

Cloud infrastructure- ability to effectively deploy and manage cloud environments and integrate technologies that are part of customer stacks, to accurately replicate and resolve customer issues Knowledge of SIEM, vulnerability management tools, firewalls, malware, exploits, operating system structure and behavior Strong consulting and project management skills, with validated results working as a trusted advisor to drive business More ❯

experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python, JavaScript … GoLang, Terraform, CloudFormation (AWS), and AWS CDK. Familiarity with Agile methodologies like SCRUM, along with proven project management skills to manage multiple security projects effectively. Desired Ability to work independently, take initiative, and maintain a keen attention to detail, ensuring high security standards. Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams. Why More ❯

IT. You take a hands-on approach. You have a ‘can do’ outlook. You can communicate effectively based on the audience. You proactively deal with issues. You approach change management professionally, considering and communicating potential service impacts. You are flexible to work out of hours as needed. Minimum Criteria: Good knowledge of Microsoft Defender Suite (Defender for servers Plan … including hybrid onboarding and threat/vulnerability management. Excellent knowledge of Defender for Cloud portal. Good knowledge of Azure ARC. Experience with Microsoft Windows Operating Systems (2012, 2016, 2019, 2022). Strong analytical and problem-solving skills. Experience delivering complex infrastructure change projects. Knowledge sharing capabilities. Good knowledge of Active Directory. Intermediate knowledge of M365, Exchange, and Azure AD. More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: * Implement and manage security controls for Microsoft and Azure infrastructure. * Lead vulnerability management and incident response. * Enhance security monitoring and IAM with Microsoft tools. * Drive security architecture and ensure endpoint security. * Support M&A security assessments and maintain compliance. Requirements More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: * Implement and manage security controls for Microsoft and Azure infrastructure. * Lead vulnerability management and incident response. * Enhance security monitoring and IAM with Microsoft tools. * Drive security architecture and ensure endpoint security. * Support M&A security assessments and maintain compliance. Requirements More ❯

candidates across the UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: * Implement and manage security controls for Microsoft and Azure infrastructure. * Lead vulnerability management and incident response. * Enhance security monitoring and IAM with Microsoft tools. * Drive security architecture and ensure endpoint security. * Support M&A security assessments and maintain compliance. Requirements More ❯

travel into London around once or twice a month depending on where you live (expenses-paid). Responsibilities: * Implement and manage security controls for Microsoft and Azure infrastructure. * Lead vulnerability management and incident response. * Enhance security monitoring and IAM with Microsoft tools. * Drive security architecture and ensure endpoint security. * Support M&A security assessments and maintain compliance. Requirements More ❯

coding errors, and vulnerabilities, providing guidance and recommendations for remediation. Security Testing: Plan and execute security testing activities, including SAST/DAST/IAST, penetration testing, fuzz testing, and vulnerability scanning to evaluate the effectiveness of security controls and identify weaknesses. Security Compliance: Ensure that applications comply with relevant security standards, regulations, and industry best practices, such as OWASP … with secure software development methodologies, such as Secure SDLC and DevSecOps. Understanding of IDEs, Code repositories & CI/CD Solutions. Proven experience in application security assessment, penetration testing, and vulnerability management. Strong understanding of web application security concepts, including secure coding practices, authentication mechanisms, and common vulnerabilities. Proficiency in security testing tools and techniques, such as Burp Suite, SonarQube More ❯

to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.Cyber Threat Intelligence and Vulnerability LeadJob Title: Cyber Threat Intelligence and Vulnerability Lead Requisition ID: 121483Location: Leeds (this is a 100% office based role due to the nature of the project)Grade: GG10 … relevant potential cyber threat and key vulnerabilities are detected, triaged and reported on daily Accountable for all regular reporting and ensuring the efficient delivery of all threat intelligence and vulnerability products by their respective deadlines Where there is not established schedule for a product the lead is responsible for ensuring that an achievable deadline is set and the work … tailored collection plan and implementation of both to ensure that the intelligence products are relevant to the client’s interests Accountable for the quality of all Threat Intelligence and Vulnerability Reports, ensuring that when a product is delivered it is at the highest possible standard Accountable for ensuring that all relevant process are effectively documented and regularly reviewed Responsible More ❯

the country. It is the largest news publisher on TikTok with over 28 million total followers and nearly 45 billion views** in the past year. We are seeking a Vulnerability Engineer to help build and drive our vulnerability management function. This is a key role for someone with the technical skills, automation mindset, and proactive attitude to … someone who thrives on ownership, brings ideas to life through automation, and collaborates effectively with teams across the business. Main Responsibilities Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST … and CIS. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track More ❯

Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard’s environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy fromThe Interview Portal about the innumerable challenges and the satisfacation of her work … . It was a significant achievement for me, especially since it’s rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in … software or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term “zero-day” comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be More ❯

We are seeking a technically proficient Remediation Engineer - Security & Vulnerability Management to support our vulnerability management and threat remediation efforts. The successful candidate will play a pivotal role in analysing security vulnerabilities, coordinating with cross-functional teams, and implementing timely, effective remediation to reduce the organization's risk exposure-including on-premise environments, AWS, and Azure … through effective vulnerability lifecycle management, stakeholder engagement, and comprehensive tracking and reporting. Key Responsibilities Lead the identification, assessment, and remediation of vulnerabilities across all operating systems (Windows, Linux, macOS) and platforms (on-premise and cloud). Analyze vulnerability scan results from tools such as Qualys, Nessus and cloud native tools. Collaborate with system, application, and infrastructure teams … and application patching using tools such as SCCM, Ansible, Tanium, or Satellite. Contribute to remediation playbooks, SOPs, and security incident response plans. Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments. Remediate security misconfigurations or threats in AWS, Azure, and/or GCP using cloud-native security tools (e.g., AWS Inspector, Azure Security Center More ❯

Key Responsibilities Lead the identification, assessment, and remediation of vulnerabilities across all operating systems (Windows, Linux, macOS) and platforms (on-premise and cloud). Analyze vulnerability scan results from tools such as Qualys, Nessus and cloud native tools. Collaborate with system, application, and infrastructure teams to prioritize and remediate vulnerabilities across on-premise and cloud environments. Prioritize vulnerabilities based … and application patching using tools such as SCCM, Ansible, Tanium, or Satellite. Contribute to remediation playbooks, SOPs, and security incident response plans. Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments. Remediate security misconfigurations or threats in AWS, Azure, and/or GCP using cloud-native security tools (e.g., AWS Inspector, Azure Security Center … . Collaborate with IT, DevOps, and application teams to track and verify remediation efforts. Maintain and enhance tools and processes for vulnerability tracking, reporting, and dashboard metrics. Develop and deliver regular status updates, risk reports, and executive summaries to stakeholders. Create automation scripts (PowerShell, Bash, Python) to assist in large-scale remediation efforts. Support integration of remediation workflows into More ❯

Albany Beck is looking for an experienced Security Consultant with a strong background in Security Risk Management, GRC, Vulnerability Analysis, and Compliance to join a high-impact programme within a leading global investment bank. This is an exciting opportunity to play a key role in the design and implementation of security controls, frameworks, and processes to strengthen the … s overall security posture. As a Security Consultant, you’ll be working in the client’s security team, contributing to critical workstreams that span governance, risk and compliance (GRC), vulnerability management, and security control design. You'll work closely with cross-functional stakeholders including technology, audit, and operations teams to ensure the organisation’s security strategy aligns with … appetite. Support the development, implementation, and continuous improvement of security governance frameworks and GRC processes. Design and enhance security controls across infrastructure, applications, and cloud environments. Lead or support vulnerability analysis activities, including risk-based prioritisation and remediation tracking. Ensure alignment with global security standards and frameworks (e.g. NIST, ISO 27001, CIS). Partner with compliance, audit, and internal More ❯

months, Inside IR35 £400-£450 per day Edinburgh Financial Services A small Edinburgh Financial Services organisation is currently seeking an experienced Information Security Analyst with a strong background in vulnerability management , to join their team on an initial 6 month Contract & working from their office based in Edinburgh (hybrid). The Contract will involve assessing vulnerability reports … and collaborating with cross-functional teams to ensure timely mitigation & to be successful, key knowledge & experience should include: Recent experience working as an Information Security Analyst, Security Engineer or Vulnerability Analyst with strong experience with complex information security projects . In-depth knowledge & expertise of Information Security standards, technologies & methodologies etc (e.g., ISO27001 ). Strong grasp of security best … practices , risk management , and compliance . Particular focus on Vulnerability Management utilising SAST/DAST tools , especially Tenable . Familiarity with Azure DevOps for tracking work items. Ability to work independently and in agile teams. Excellent communication and stakeholder management skills are a must as always. Any formal certifications like CISA, CISM , or ISO27001 Lead Implementer More ❯