17 of 17 Vulnerability Management Jobs in the West Midlands

safeguard the organisation's information and technology systems. As the Information Security Manager , you will be responsible for overseeing the organisation's information security management system (ISMS). Your primary focus will be on managing the delivery of, and improving, security policies, practices, and standards to protect our company … mitigate potential vulnerabilities. The Information Security Manager will perform fundamental security and data protection tasks. You will conduct security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and … posture of our systems and infrastructure Work collaboratively with other departments to ensure the alignment of security efforts with wider business objectives 2. Risk Management: Identify and assess information security risks Provide recommendations for mitigating and managing risks effectively Security system management, administration and reporting; Provide advice and More ❯

a related field At least 5 years of experience in a security engineering role Strong knowledge of security technologies and concepts, such as Identity Management, SIEM, Encryption, Vulnerability Management, Secure Coding Standards etc. Familiarity with compliance standards and regulations, such as ISO27001, PCI-DSS, and GDPR Experience More ❯

protocols, and ensuring the detection, analysis, response and resolution of security incidents. The role requires leadership in incident response, detection engineering, threat intelligence, and vulnerability management, while collaborating with other teams across the business to ensure enterprise-wide security measures are effective. Key responsibilities for this role may … include: Leadership and Team Management: Lead and manage a team of SOC analysts and security engineers, ensuring operational excellence and maintaining high levels of motivation. Create and maintain shift schedules for the SOC team to ensure continuous coverage. Develop and implement training programs to enhance the team's skill … set and knowledge in cybersecurity best practices. Conduct performance evaluations, mentoring, and career development for SOC staff. Incident Management: Lead the incident response process, ensuring that security incidents are properly identified, triaged, investigated, and resolved. Develop and refine incident response procedures, playbooks, and escalation protocols. Coordinate with internal stakeholders More ❯

investigates possible security exceptions Updating, maintaining and documenting security controls Participating in security operations support - Following up on information security related incidents Performing Patch & Vulnerability Management (Qualys) Identifying and advising on external risk (Bitsight) Participating in projects Consistently implementing security solutions at the business unit level Testing new More ❯

ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations are accounted for within the scope of certification, through proactive risk identification and management with IT assets owners. Development and championing all Information Security Policies, Procedures and relevant standards, and produce supporting documentation and training material to ensure … across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of … Three Lines of Defence Model and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we More ❯

across the organization. Experience working in a global, multi-business environment is a plus. Technical/Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of … Three Lines of Defence Model and its application. Knowledge of vulnerability management and Identity and Access management. A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor). Our Values: • We care about the safety of everyone. • We respect each other and the wider communities we More ❯

travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M&A security More ❯

improve SIEM/SOAR tools, integrate with core OT security platforms. Threat Modelling & Analytics - Build advanced alerting, analyse attack vectors, and enhance threat visibility. Vulnerability & Patch Strategy - Develop workarounds for unpatchable assets and mitigate OT security risks. Stakeholder Engagement & Compliance - Work with IT, engineering, and regulatory teams to maintain … the ability to collaborate across functions. Proven OT Cyber Experience - in utilities, critical infrastructure, SCADA, ICS Hands-on Security Tooling - SIEM, SOAR, threat intelligence, vulnerability management Threat Modelling - familiar with MITRE ATT&CK for ICS, and developing detection use cases Incident Management - support cyber incident response in More ❯

improve SIEM/SOAR tools, integrate with core OT security platforms. Threat Modelling & Analytics - Build advanced alerting, analyse attack vectors, and enhance threat visibility. Vulnerability & Patch Strategy - Develop workarounds for unpatchable assets and mitigate OT security risks. Stakeholder Engagement & Compliance - Work with IT, engineering, and regulatory teams to maintain … the ability to collaborate across functions. Proven OT Cyber Experience – in utilities, critical infrastructure, SCADA, ICS Hands-on Security Tooling – SIEM, SOAR, threat intelligence, vulnerability management Threat Modelling – familiar with MITRE ATT&CK for ICS, and developing detection use cases Incident Management – support cyber incident response in More ❯

orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Design … implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to More ❯

resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and security reviews to identify and remediate weaknesses. Partner with development teams to integrate secure coding practices. Drive security initiatives and … Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles, including threat detection, incident response, and vulnerability management. Experienced in leading security initiatives and overseeing security projects from planning to execution. Strong communicator, capable of effectively engaging with technical and non More ❯

resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in–depth vulnerability assessments, penetration testing, and security reviews to identify and remediate weaknesses. Partner with development teams to integrate secure coding practices. Drive security initiatives and … Possess relevant industry certifications eg CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles, including threat detection, incident response, and vulnerability management. Experienced in leading security initiatives and overseeing security projects from planning to execution. Strong communicator, capable of effectively engaging with technical and non More ❯

resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and security reviews to identify and remediate weaknesses. Partner with development teams to integrate secure coding practices. Drive security initiatives and … Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles, including threat detection, incident response, and vulnerability management. Experienced in leading security initiatives and overseeing security projects from planning to execution. Strong communicator, capable of effectively engaging with technical and non More ❯

resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and security reviews to identify and remediate weaknesses. Partner with development teams to integrate secure coding practices. Drive security initiatives and … Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles, including threat detection, incident response, and vulnerability management. Experienced in leading security initiatives and overseeing security projects from planning to execution. Strong communicator, capable of effectively engaging with technical and non More ❯

resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and security reviews to identify and remediate weaknesses. Partner with development teams to integrate secure coding practices. Drive security initiatives and … Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles, including threat detection, incident response, and vulnerability management. Experienced in leading security initiatives and overseeing security projects from planning to execution. Strong communicator, capable of effectively engaging with technical and non More ❯

development lifecycle-from inception to retirement. Expertise in automation tools and processes for streamlined deployment and operations. Strong knowledge of security best practices and vulnerability management. Proficiency in a variety of coding languages and scripting techniques. A proactive, problem-solving mindset with a focus on continuous learning and improvement. … Charts, Python, PowerShell, REST APIs. Kubernetes: Experience building and managing Kubernetes clusters and application delivery. Applications: Familiarity with Apache NiFi, Elastic ECK, Artifactory. Secret Management: Expertise in using HashiCorp Vault. Operating Systems: Solid experience with Red Hat and Windows environments. Apply today via the link provided More ❯

development lifecycle-from inception to retirement. Expertise in automation tools and processes for streamlined deployment and operations. Strong knowledge of security best practices and vulnerability management. Proficiency in a variety of coding languages and scripting techniques. A proactive, problem-solving mindset with a focus on continuous learning and improvement. … Charts, Python, PowerShell, REST APIs. Kubernetes: Experience building and managing Kubernetes clusters and application delivery. Applications: Familiarity with Apache NiFi, Elastic ECK, Artifactory. Secret Management: Expertise in using HashiCorp Vault. Operating Systems: Solid experience with Red Hat and Windows environments. Apply today via the link provided More ❯