London, England, United Kingdom Hybrid / WFH Options
Starling Bank
from home, that's to be agreed upon between you and your manager. About the Role We are seeking a highly motivated and experienced Vulnerability Manager to lead a growing vulnerabilitymanagement team. A successful candidate will work with the team to analyse emerging vulnerabilities provided by … threat intelligence sources and penetration testing. The vulnerability manager will collaborate with various technology and engineering teams to share vulnerability findings, provide guidance, and assist through the remediation process. This person will help present this information in a simple digestible format, and coordinate remediation and mitigation efforts with … teams across remote and office locations. There will be opportunities to guide continual improvement of the vulnerabilitymanagement process. Responsibilities Lead a team of information security professionals to: Assess, investigate and provide guidance on emerging vulnerabilities, incorporating information from threat intelligence sources, internal software and infrastructure scans. Collate more »
VulnerabilityManagement & Risk Specialist – London hybrid - £70,000 - £80,000 + Benefits Locke & McCloud are looking for an experienced VulnerabilityManagement Risk Specialist to join our clients growing Cyber Security function. In this role you will work with our clients various vendors and 3rd party suppliers … to manage security risks internally and externally, in addition to participating in incident response and vulnerabilitymanagement activities. We are looking for people who have a strong background in managing risks with vendors, incident response, vulnerabilitymanagement, and stakeholder management. Main Responsibilities: Collaborate across various teams … to establish and maintain an effective vulnerabilitymanagement program. Identify, prioritise, and assess vulnerabilities across our clients infrastructure, systems, and applications. Develop and implement strategies to mitigate risks associated with identified vulnerabilities. Coordinate with vendors to assess and manage risks associated with third-party products and services. Lead more »
IT Service Providers and partners to implement and optimise cyber security technical assurance capabilities across four main services; Technical Security Compliance, Product Security Assurance, VulnerabilityManagement (VM), and Disaster Recovery and Business Continuity. Key responsibilities: Define and deliver the cyber security technical assurance strategy, setting out clear policies … variety of technologies and platforms. Ensure the IT estate is compliant with The Client's policies and technical standards to protect company assets having management responsibility for driving the necessary remediation actions and countermeasures to mitigate identified weaknesses and vulnerabilities. Establish and improve a regular red and purple team … penetration testing program aligned to main threat information and industry cyber security intelligence. Establish a VulnerabilityManagement process to ensure that all known security vulnerabilities and weaknesses are identified, contextually assessed, prioritised and tracked to remediation against The Client's policy. Ensure that an IT Disaster Recovery and more »
ATT&CK framework, and lead the charge in containing and remediating security incidents. Collaborate across teams to outsmart threats and keep our defences impenetrable. Vulnerability Slayer: Hunt down weaknesses with vulnerability scans and assessments, prioritise risks like a hawk, and orchestrate swift remediation with IT teams. Keep the … outbound emails with encryption. Become the gatekeeper of our inboxes. Platform Maestro: Deploy, configure, and command a symphony of security tools - EDR/XDR, vulnerabilitymanagement, email gateways, you name it. Fine-tune rules and detections, optimising threat detection and reducing false alarms. Network Security Sage: Possess a … Incident response methodologies (MITRE ATT&CK, D3FEND) Microsoft 365 Security DMARC, SPF, DKIM Strong Scripting (e.g., PowerShell or Python) Security automation frameworks Security platform managementVulnerabilitymanagement tools Privilege Access Management Industry-standard frameworks (NIST, SANS) and best practices controls (CIS) About Us ComfortDelGro is one more »
Job Overview: Join a dynamic and high-performing team as a Senior Analyst in VulnerabilityManagement & Security Testing. This role offers the unique opportunity to enhance a best-in-class Threat Defence capability and make significant contributions to our security operations. Ideal candidates will bring a strong background … in threat management, vulnerability assessment, and security testing, aiming to drive innovation and excellence in our security practices. Key Responsibilities: Conduct thorough vulnerability assessments across various platforms, including networks, systems, applications, and devices. Analyze risks associated with vulnerabilities, provide detailed reporting, and recommend actionable remediation strategies. Work … across IT, IoT, and OT environments. Coordinate and oversee remediation efforts to ensure timely and effective resolution of security vulnerabilities. Requirements: Extensive experience in vulnerabilitymanagement and remediation, including hands-on experience with vulnerability scanning tools. Good knowledge of Exabeam, Tenable.io and Tenable.sc would be considered a more »
Engineer role will support the systems and applications that deliver enterprise security services for a global organisation. With a focus on identity and access management, the Security Engineer will provide expert knowledge to support the planning, design, development, and deployment of centralized IAM and PAM solutions and the delivery … of the enterprise-level Privileged Access Management program. The role will also support the implementation and management of all cyber security technologies and services in use at the company Role & Accountabilities KEY Identity access management, experience/involvement with Security services such as SIEM and Vulnerability … a subject matter expert on key principles of (IAM) with an in-depth knowledge in the areas of authentication and authorization systems, identity lifecycle management, and identity governance. Build the IAM strategy, and ensure its implementation is a success across the business. Staying up-to-date on current IAM more »
The apprentice will be tasked with sending regular reports using tools like our Security Awareness Training platform, VulnerabilityManagement tool and conducting various scans to assess security posture. Role A IT and Security Apprentice is an integral part of the security team, responsible for a variety of tasks … protection and integrity of data and systems. The apprentice will be tasked with sending regular reports using tools like our Security Awareness Training platform, VulnerabilityManagement tool and conducting various scans to assess security posture. They will also be responsible for the setup and configuration of security solutions … cyber security services. They will assist in the automation and maintenance of various tools streamlining processes to enhance operational efficiency. The role extends to vulnerabilitymanagement, where the apprentice will identify, evaluate, and address security vulnerabilities within the organization's network and systems. RMM (Remote Monitoring and Managementmore »
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
City of London, London, United Kingdom Hybrid / WFH Options
Nigel Frank International
A specialist (re)insurance broker are looking for an experienced Cyber Security Engineer to take responsibility for the development and operation of the vulnerability and security event management programs, within the Information Security function. This is a permanent role with hybrid working arrangements - requiring 2-3 days per … week in their Central London office. Core responsibilities will include: Daily management and maintenance of vulnerability monitoring systems Daily management and maintenance of security event monitoring Support the Information Security Team in performing security assessments for projects and other initiatives Assess cloud applications and provide assurance that … stakeholders and be visible to the c-suite, making this a really exciting step-up for the right candidate. Requirements : Hands-on experience in vulnerabilitymanagement, and configurating and tuning vulnerabilitymanagement tools e.g. Qualys, Microsoft Defender Hands-on experience configurating and tuning SIEM solutions e.g. more »
Leatherhead, England, United Kingdom Hybrid / WFH Options
Zest
to processing personal data with the highest level of diligence, and you’ll play a pivotal role in maintaining and enhancing our robust infosec management system, acquiring and upholding security certifications, fulfilling the role of our Data Protection Officer and ensuring we have appropriate controls to mitigate risk. You … Simultaneously, your comfort with detail will see you managing the day-to-day operations, keeping our platform and business secure. Key responsibilities Information Security Management & Certifications ISMS Oversight: Maintain and enhance Zest’s Information Security Management System. This includes maintaining documentation, conducting and documenting risk assessments, driving improvements … latest cybersecurity threats and trends to inform strategic security planning. Security Infrastructure: Oversee the installation and maintenance of security systems, controls and infrastructure. Incident Management: Take charge of the response to all information security and data protection incidents and collaborate with various business units to understand, document and learn more »
Employment Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, VulnerabilityManagement, Attack Surface Reduction, Software Engineering, Security Architecture, Platform Support both locally and globally. You will have experience … in: Leading the response to complex incidents in a large-scale environments. Years of relevant experience in cyber security operations, incident management or risk management within an enterprise environment. Self-motivated interest in the latest cyber security threats and vulnerabilities and is able to integrate threat intelligence into more »
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas … for this role, the ideal candidate will have experience in each of the below; Threat & VulnerabilityManagement Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to … provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerabilitymanagement (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing more »
Threat & Vulnerability Manager London – Hybrid Salary: DoE Gresham Hunt is currently partnered with a leading financial services client in the search for an experienced VulnerabilityManagement professional for their London based team. This is an exciting opportunity to help drive the vulnerabilitymanagement programme as … part of the global technology team. The successful candidate will have: 8 years experience across different technical disciplines within the Cybersecurity landscape. Experience using vulnerability scanning tools such as Nessus, Qualys, Rapid7, Wiz, OpenVAS, and penetration testing frameworks like Metasploit. Knowledge of security and risk frameworks, plus regulatory compliance … frameworks e.g. NIST, Cobit, ISO 27001. Understanding of OWASP, MITRE, CVSS and other standards/frameworks relevant to application security and vulnerability management. Experience with cloud technologies, preferably Azure and AWS. Familiarity with security methodologies: Attack and Defensive, Threat Hunting, etc. Scripting experience would be beneficial i.e. Python, Shell more »
issues. Manage the day-to-day operations of the SOC, ensuring the timely and effective delivery of security monitoring, incident response, threat intelligence and vulnerabilitymanagement services. Lead and develop a team of cyber analysts, providing coaching, mentoring, performance management and career development opportunities. Establish and maintain … strong relationships with internal and external stakeholders, including senior management, business units, IT teams, vendors, regulators and law enforcement agencies. Develop and implement security operations policies, procedures, standards and best practices, ensuring alignment with the organisation's security strategy, risk appetite and regulatory requirements. Monitor and report on the … in a large and complex organisation. Expert knowledge of security operations processes, tools and technologies, such as SIEM, SOAR, EDR, XDR NDR, threat intelligence, vulnerabilitymanagement, forensics and malware analysis. Strong understanding of security frameworks, standards and regulations, such as ISO 27001, NIST, CIS, PCI DSS, GDPR and more »
as Security Analyst you will be the subject matter expertise in relation to IT and Information Security controls and assurance, Cyber Security threat and vulnerabilitymanagement and response, and supplier security due diligence and assurance. The role is a key part of the Cyber/Information Security function. … As a Security Analyst you will lead a broad range of initiatives covering, but not limited to Security Operations, Security Assurance, Threat Detection, Incident Management and Response in the objective to protect the organisation against internal and external cyber security threats. Responsibilities: Support with VulnerabilityManagement, Penetration … Testing, Cloud Security Posture Management (CSPM) and Security control maturity processes. Supplier security due diligence and assurance. Create and deliver security awareness and training. Leverage and contribute towards the Policies, Processes, Procedures and Guidelines. Engage with and support IT, Enterprise and Operational Risk Management Processes. Threat intelligence - evaluate more »
and services to ensure that CLS is equipped with appropriate industry best tools and solutions Operational Operate and maintain controls related to SIEM, DLP, VulnerabilityManagement, DLP, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations. Conduct IT Security risk assessments for all … help design, implement and maintain security Prepare for, identify (hunt) and remediate cyber threats Operate and maintain IT Security controls related to SIEM, DLP, VulnerabilityManagement, Cyber Threat Intelligence, DLP, Endpoint Protection, etc. Participate in an on-call rotation to act as an escalation point for events requiring … collaborate effectively with others to drive forward key security objectives Strong documentation and report writing skills (to both technical and business audiences) Excellent time management and organizational skills combined with technical IT Security acumen Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software Financial more »
the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure. Firewall management Web Proxy management and CASB. Anti-Virus/Malware management Standard, third party and privilege access user management Remediation of external … will be used as evidence during COBIT 5, PCI DSS and Security review, internal and external audits. Required Skills Good knowledge of Information Security Management System (Infrastructure Security Operations). Good knowledge of Azure cloud infrastructure and configuration. Good knowledge in System Centre Configuration Manager, Operations Manager and Virtual … Machine Manager. Good knowledge of Microsoft Exchange online Good knowledge of Azure and on-premises Active Directory Good knowledge of Cyber Incident Management and or Security Forensic experience. Good knowledge of Windows Server and Linux Good knowledge in network (WAN, Wi-Fi) and Network Access Control (NAC) managementmore »
career development opportunities. About the Role As a Cyber Security Engineer your primary responsibility will be Security Operations and Incident Response as well as VulnerabilityManagement and Threat Intelligence. In addition, you will work closely with the Cyber Security Manager and Security Architect to independently resolve complex issues. … security operations centre (SOC) and responding to security alerts. Experience in creating response playbooks and handling escalations. Additional experience in EDR, M365 security, SIEM, Vulnerabilitymanagement, MITRE attack framework, and Incident response. Strong stakeholder engagement skills and the ability to promote a secure mindset within an organisation. Previous more »
and security assurance testing, as well as configuring and fine tuning cyber security tools and solutions including preventative and detective measures for example firewalls, vulnerabilitymanagement tools, and EDR. Skills You will have worked as a Cyber Security Engineer or in a similar position. You will have experience … in a broad variety of technology including AWS, Microsoft 365, internet protections, vulnerabilitymanagement, SIEM, EDR. Experience securing on premises infrastructure and cloud services. Experience working with Systems Engineering teams, DevSecOps, CI/CD Senior Security Engineer - Onsite - £100K more »
You will be joining a developing team as a technical resource where you will have the opportunity to lead on projects around incident response, vulnerabilitymanagement, EDR scanning and more. You will work with an already wide ranging tech stack for an exciting scaling business with major expansion … Data Protection & GDPR would be highly sought after too. In this role you will: Work on a variety of technical projects across incident response, vulnerabilitymanagement, triaging and more Work with third parties and vendors to ensure full security coverage Provide support to the governance and data protection … teams Requirements: Hands on experience working in an in-house security environment Direct experience working within a variety of security tools- SIEM, EDR, Vulnerability scanners, etc Understanding and knowledge of different security frameworks- ISO27001, PCI DSS, Cyber Essentials, etc. For more information, please apply or send your CV direct more »
of a broad range of security capabilities, technologies and concepts (e.g. cryptography, data security, network security, endpoint security, security penetration testing, identity and access management, vulnerabilitymanagement etc). Desirable skills/Preferred Qualifications: * Understanding of the interplay between cyber security risk factors, regulatory requirements and changing … of controls and standards to both business and security solutions in order to maintain or increase the Bank's security posture. * Knowledge of risk management processes (e.g. methods for assessing and mitigating risk). * Skill in designing countermeasures to identified security risks. * Knowledge of cybersecurity and privacy principles and more »
ATT&CK and CIS. * Legal and Regulatory Understanding: Familiarity with laws and regulations related to cybersecurity, such as GDPR, CCPA, or HIPAA. Skills * Personnel Management * In house training of personnel. * Stakeholder engagement * Risk Management * Threat Hunting * Threat Analysis * Use of vulnerabilitymanagement tools * Malware reverse engineering … Detection rule engineering * Incident Management * Alert Triage * Crisis management Experience * Extensive working experience in a live SOC environment * Line management experience. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to more »
computer infrastructure, information systems and to ensure the organization maintains an acceptable risk posture. The Senior Information Security Analyst is highly engaged in risk management and mitigation, including evaluating vendor risk, examining vendor contracts for terms of service, understanding third-party risk, and data privacy issues. The analyst serves … detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, application code scanning, remediation as well as defining configuration for a variety of security tools. Prior experience in an international enterprise environment is … delivery is on-time, within budget, and adopted to meet the company's information protection requirements. Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA more »
of all Microsoft professional services projects and ongoing programmes across the Stridon client base including: Azure services Microsoft 365 services Infrastructure Cyber security Identity Management Application To be the subject matter expert on all matters related to Microsoft Solutions including Azure, M365 and Windows Server related services across the … Stridon infrastructure Responsible for deployment, configuring, and management of deliverables across all client solution implementations including ADDS, Certificates, Certificate Authorities, DNS, DHCP, DFS, File System, Group Policy, Radius, Exchange, SharePoint, Federation, Web Services and SQL Provide subject matter expertise and manage Stridon internal applications Manage Remote Management and … Monitoring tools to respond to and remediate problems where they have been escalated Deploy vulnerabilitymanagement tools such as Microsoft Defender to scan for and remediate vulnerabilities across client infrastructure Provide expertise and mentoring to Managed Services engineers in problem management of Microsoft solutions and service-related more »