Lead Vulnerability Management Engineer


Job details
  • Xcede
  • Greater London
  • 3 weeks ago
Applications closed

A leading financial technology and data science firm requires a Lead Vulnerability Management Engineer who will be responsible for delivering a "greenfield" global vulnerability management programme.


The role entails delivering the technical aspects of vulnerability management (identification and prioritisation) as well as the non-technical side: communication and coordination with cross-functional teams to ensure timely patching and remediation, compliance and reporting. The role includes evaluating vulnerabilities for exploitability, aligning patching schedules, and overseeing and ensuring the integrity of pre- and post-patch checks across the corporate technology environment as well as the application development functions.


Whilst this is currently an individual contributor role, it will quickly expand into a leadership position, so it would suit a hands-on VM Engineer looking for a step toward management.


The position reports directly to the Head of Security. Please note: the role requires at least 3 days in the office.


Your present skillset

  • 5-10 years of experience in vulnerability management or a similar security role in a globally distributed financial (or complex) technology environment
  • Strong technical knowledge with hands-on experience using vulnerability scanning/assessment tools - Tenable and AWS Inspector are desirable
  • Familiarity with on-premise and cloud environments (AWS, Azure) and hybrid setups.
  • Ability to communicate effectively with both technical and non-technical stakeholders.
  • Experience in coordinating patch management processes across a large organisation and time zones, ensuring minimal business disruption
  • Ability to evaluate vulnerabilities based on risk and exploitability, guiding patching priorities
  • Strong organisational skills to manage patch schedules, stakeholder coordination, and compliance requirements


Desirable:

  • Certifications such as CISSP, CISM, or relevant security qualifications
  • Familiarity with regulatory requirements and security standards (e.g., ISO 27001, NIST)
