Security Operations Specialist

London, London Lawrence Harvey

Posted 2 days ago

Job Description

Senior SecOps Specialist


Location – Fully Remote

Salary - £80-90k + Bonus + Benefits

Currently working with a UK HealthTech firm who are in the process of building out their Cyber Defence capability and looking to bring in a cloud-based Security Operations Specialist.


This is a wide-ranging role where you’ll be responsible for both Engineering and Analysis; monitoring and responding to incidents whilst also developing new detection rules and enhancing their monitoring infrastructure and tooling.


This is an incredible opportunity for an experienced SecOps specialist with experience of both SecOps Analysis and Engineering to join a growing yet established firm at a crucial point as they completely build out their Information and Cyber Security capability. Whilst they have the fundamentals in place, this is a relatively greenfield SOC buildout, where you will work alongside the SOC Manager to shape their SOC monitoring, detection and response function.



Key Responsibilities:

  • Act as a lead and technical escalation point on the most complex incidents and investigations.
  • Develop and engineer new detection rules, automating monotonous tasks where possible.
  • Proactively research emerging and potential threat actors as a way of developing rules to safeguard against potential future threats.
  • Mentor and train junior team members through complex incident response investigations.


Key Requirements:

  • Significant experience working in a SOC environment (5 years minimum), dealing with and responding to escalated and most high-profile incidents.
  • Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc.
  • Experience working in hybrid-cloud SOC environments – Azure/AWS preferably.
  • Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation.



If you’re an experienced SecOps Specialist, looking to shape how one of the most innovative HealthTech firms build out their cyber defence capability and leave a lasting impact on one of the most reputable organisations whilst working alongside a team of genuine Cyber Security SMEs, click the to apply or get in touch directly –

Security Operations Analyst

London, London Microsoft Corporation

Posted 8 days ago

Job Description

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
We are seeking passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
**Responsibilities**
+ Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.)
+ Perform proactive threat hunting using hypotheses and telemetry from endpoints, identities, cloud and network.
+ Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors.
+ Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies.
+ Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows.
+ Contribute to incident documentation, detection playbooks, and operational runbooks.
+ Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT).
**Qualifications**
**Required Qualifications:**
+ Graduate degree in engineering or equivalent discipline.
+ Experience in cybersecurity (SOC, IR, Threat Hunting, Red Team).
+ Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.).
+ Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations.
+ Proficiency in KQL, Python, or similar scripting languages for data analysis and automation.
+ Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs.
+ Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics.
+ Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus.
**Preferred Qualifications:**
+ Strong problem-solving and analytical mindset.
+ Excellent communication skills, able to explain technical risks to non-technical stakeholders.
+ Collaborative, team-first approach with ability to influence without direct authority.
+ Continuous learner with a passion for security.
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Senior Security Operations Analyst

London, London Pearson

Posted 6 days ago

Job Description

About the Role:
Pearson is looking for an experienced Security Operations Center (SOC) analyst. This role is responsible for performing day-to-day security operations, continuous process improvement, detection engineering and project work related to SOC functions.
Responsibilities:
+ Identify, triage and contain security events, using automation and AI capabilities to reduce mean time to containment.
+ Perform in-depth investigation into the underlying root cause of issues.
+ Identify new detection opportunities and refine existing playbooks.
+ Implement and improve security processes and procedures within the SOC.
+ Ability and willingness to engage in a collaborative and high-performing team environment.
+ Maintain awareness and understanding of the current threat landscape. Analyze threat intelligence with an aim to mitigate emerging risks.
Qualifications:
+ Hands on experience and understanding of fundamental security concepts, SOAR, EDR, NDR and SIEM technologies.
+ Hands on experience with one or more Cloud Service Providers (AWS, Azure, GCP, etc).
+ Demonstrate the ability to multitask, adapt and thrive within a fast-paced environment.
+ Have excellent communication skills and stakeholder management.
+ SANS GCIH certification or equivalent.
+ 4+ years' experience working in a Security Operations role.
**Who we are:**
At Pearson, our purpose is simple: to help people realize the life they imagine through learning. We believe that every learning opportunity is a chance for a personal breakthrough. We are the world's lifelong learning company. For us, learning isn't just what we do. It's who we are. To learn more: We are Pearson.
Pearson is an Equal Opportunity Employer and a member of E-Verify. Employment decisions are based on qualifications, merit and business need. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing
**Job:** Security
**Job Family:** TECHNOLOGY
**Organization:** Corporate Strategy & Technology
**Schedule:** FULL_TIME
**Workplace Type:**
**Req ID:** 20801

Senior Security Operations Engineer

EC1A 1BB London, London £80000 Annually WhatJobs

Posted 7 days ago

Job Description

full-time
Our client is actively recruiting a Senior Security Operations Engineer to join their cutting-edge, fully remote cybersecurity team. This challenging role will be instrumental in designing, implementing, and maintaining the organization's security infrastructure, protecting against advanced cyber threats, and ensuring business continuity. As a remote-first position, you will leverage your expertise to build and manage resilient security systems, collaborate with global teams, and drive continuous improvement in our security posture.
The ideal candidate will possess extensive experience in security operations, incident response, threat intelligence, and secure system architecture. Responsibilities include developing and automating security workflows, managing SIEM and SOAR platforms, conducting in-depth threat hunting, leading incident response efforts, performing security architecture reviews, and implementing robust security controls across cloud and on-premises environments. You will also be responsible for staying ahead of emerging threats, developing security playbooks, and mentoring junior security engineers. This role requires a deep technical acumen, exceptional problem-solving abilities, and a proactive, hands-on approach. We are seeking a security champion who thrives in a fast-paced, remote environment.
A Bachelor's degree in Cybersecurity, Computer Engineering, or a related technical field is required. A Master's degree or equivalent experience is highly advantageous. A minimum of 7-10 years of progressive experience in security operations and engineering is essential. Advanced security certifications (e.g., CISSP, CISM, CCIE Security) are strongly preferred. Deep expertise in SIEM (Splunk, ELK), SOAR, EDR, cloud security (AWS, Azure), network security (firewalls, IDS/IPS), and scripting/automation (Python, Ansible) is mandatory. Proven experience in incident response, threat intelligence analysis, and forensic investigations is critical.
Excellent communication and collaboration skills are necessary for working effectively within a distributed team and communicating technical concepts to diverse audiences. This is an unparalleled opportunity to lead cybersecurity initiatives in a remote capacity.

Global Cybersecurity Director - Security Operations

London, London Boston Consulting Group

Posted today

Job Description

full-time
Who We Are
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation: inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.


What You'll Do
Security Continuous Monitoring Oversight

* Establish and lead BCG’s first enterprise-wide Cybersecurity Continuous Monitoring (CSCM) program, ensuring continuous visibility into system, endpoint, network, and cloud activity.
* Define and implement governance models, including ownership of monitoring metrics (e.g., MTTD, MTTR, false positive rate, coverage completeness).
* Stand up monitoring processes and integrate telemetry sources across SIEM, EDR, identity, network, and cloud platforms.
* Ensure monitoring outputs are actionable, enriching detection and response activities and informing risk and compliance stakeholders.
Technical Architecture & Integration

* Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence.
* Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements.
* Drive automation of monitoring workflows and correlation logic to reduce dwell time and improve detection accuracy.
* Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics.
Program & Capability Development

* Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance.
* Develop and track KPIs, ensuring CCM effectiveness is measurable and communicated to senior stakeholders.
* Prioritize creation of top 5–10 operational dashboards and reports that provide critical enterprise visibility.
* Mature the function from initial operational capability (M1) toward advanced maturity, embedding continuous improvement cycles.
Strategic Leadership

* Serve as the founding leader for the CCM function, creating the strategy, roadmap, and tactical build plan.
* Partner with enterprise stakeholders across IT, Risk, and Security to align monitoring with business risk tolerance and resilience objectives.
* Influence senior leaders by translating technical telemetry insights into business-relevant intelligence.
* Build, inspire, and retain a high-performing team of analysts and engineers over time, leveraging both full-time staff and contractors.
* Advise senior leadership (via SecOPS) on monitoring-driven insights, risks, and mitigation recommendations.


What You'll Bring

* Bachelor’s degree (or equivalent). Master’s preferred.
* 10+ years in cybersecurity operations, with at least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions.
* Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration).
* Knowledge of log ingestion, normalization, correlation, and enrichment processes.
* Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike Falcon, Azure/AWS/GCP telemetry, threat intelligence platforms.
* Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness.
* Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring.
* Experience in threat hunting, anomaly detection, and behavioral analytics.
* Strong leadership skills: able to recruit, mentor, and develop a high-performing team in a newly established function.
* Executive presence: able to present complex monitoring data and risks to senior leadership in clear, concise business terms.


Additional info
COMPETENCIES: Director, Cybersecurity Continuous Monitoring
Leads a critical security function with measurable business impact. Establishes foundational capabilities, manages delivery, and develops a growing team to support BCG’s enterprise security posture.
 
Technical & Functional Expertise

* Develops and executes the continuous monitoring strategy, aligned to enterprise security goals and SecOPS direction.
* Demonstrates deep technical expertise in telemetry ingestion, SIEM/SOAR integration, log management, and threat intelligence enrichment.
* Serves as a recognized expert in monitoring and detection, providing guidance to peers and influencing related security domains.
* Codifies monitoring practices and standards into repeatable processes and playbooks, reducing reliance on ad hoc approaches.
* Evaluates and pilots emerging monitoring technologies; ensures adoption of digital tools to scale efficiency and coverage.
Problem Solving & Insight

* Frames monitoring and detection challenges in business-relevant terms (risk, resilience, compliance).
* Uses data-driven methods (metrics such as MTTD, MTTR, false positives) to identify control gaps and inform improvements.
* Translates complex monitoring outputs into actionable insights for stakeholders across IT, Risk, and Security.
* Innovates in detection methodologies, leveraging behavioral analytics, anomaly detection, and adversary simulations.
* Acts as a problem-solver during incidents, ensuring monitoring outputs guide rapid containment and response.
Effectiveness & Value Creation

* Leads the build-out of the CCM function from the ground up, establishing governance, processes, and reporting.
* Structures, plans, and executes monitoring programs and initiatives, balancing near-term needs with long-term maturity goals.
* Delivers measurable outcomes (visibility, faster detection, reduced dwell time) that directly enhance business resilience.
* Proactively manages resources, balancing full-time staff and contractors to deliver capability within deadlines.
* Prioritizes actions with the highest impact on reducing enterprise cyber risk.
Role Model

* Operates with integrity, safeguarding BCG and client data through responsible monitoring practices.
* Promotes a culture of transparency, accountability, and data-driven decision-making in the team.
* Demonstrates perseverance and adaptability in building a new function with high visibility and expectations.
* Creates an inclusive working environment that values diverse technical and analytical perspectives.
* Leads by example, modeling sustainable workload practices even under incident-driven pressure.
Communication, Presence & Influence

* Develops and delivers clear dashboards, reports, and executive communications on monitoring outputs.
* Shapes perspectives by translating technical monitoring metrics into risk- and business-relevant insights.
* Communicates effectively across technical and non-technical audiences, ensuring alignment with IT and business leaders.
* Leads conversations in operational reviews, incident post-mortems, and governance forums.
* Encourages open dialogue within the team, and fosters credibility with cross-functional partners.
Teaming & Collaboration

* Builds strong partnerships with SOC, Offensive Security, IT Operations, and Security Architecture teams.
* Develops productive relationships across regions and business units to expand telemetry coverage.
* Works collaboratively with compliance, risk, and audit to align monitoring with enterprise governance.
* Anticipates and manages conflicts in data ownership, tool coverage, and priorities, resolving them constructively.
* Promotes knowledge-sharing across security teams, reducing silos and strengthening collective defense.
People Development & Leadership

* Defines the vision and purpose of the CCM function, instilling clarity and purpose for the team.
* Coaches and mentors analysts, engineers, and contractors to expand monitoring expertise.
* Provides stretch opportunities for team members to develop technical and leadership skills.
* Balances empowerment and oversight — ensuring autonomy in monitoring activities while maintaining governance discipline.
* Leads quality team meetings, defines clear objectives, and ensures alignment to SecOPS priorities.
* Provides frequent developmental feedback, fostering a culture of continuous learning and improvement.
 


Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.

BCG is an E-Verify Employer.

Security Operations Manager, EMEA - London, EC3V 4AN

EC3V 4AN London, London Aon

Posted 1 day ago

Job Description

Security Operations Manager, EMEA

Are you an experienced physical security professional seeking your next challenge? We are looking for a dynamic Security Operations Manager to join our People Safety and Security Services team in London. In this role, you will play a critical part in protecting Aon’s people, property, and information across Europe, the Middle East, and Africa (EMEA).

Aon is in the business of better decisions

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organisation, we are united through trust as one inclusive team and we are passionate about helping our colleagues and clients succeed.

What the day will look like

As a Security Operations Manager, you’ll be part of an industry-leading team, helping to deliver holistic physical security solutions that protect Aon’s people, property and information. Reporting to the Regional Security Manager - EMEA, you will collaborate with a multitude of internal stakeholders including leadership, to identify risks, develop and implement risk mitigating initiatives that positively impact and mature the overall physical security posture of the EMEA region, ensuring the safety of our colleagues and the continuity of our business operations.

  • Manage the security risk of Aon’s people, property, and information through the delivery of its robust physical security program.
  • Conduct facility risk assessments and drive the implementation of risk mitigating initiatives and physical security solutions across EMEA.
  • Enhance colleagues’ security awareness by taking an active role in developing and delivering the region’s Physical Security Champion program.
  • Lead the EMEA Physical Security Command Centre and UK guarding contract, driving performance and service excellence and maintaining compliance to legal, regulatory and client contractual obligations.
  • Provide advice, guidance and insight to colleagues and leaders on how to manage and mitigate Aon’s physical security risks.
  • Provide cross functional support to other People Safety and Security Services functions such as crisis management, investigations and event security.
How this opportunity is different

This is a unique opportunity to make a significant impact on Aon’s global security landscape. As Security Operations Manager, you’ll not only help safeguard Aon’s people, property and information, your contribution will help mature Aon’s regional physical security posture across EMEA.

As part of Aon’s physical security function, you’ll work in a collaborative, diverse environment where your expertise is valued, your professional growth is supported, and your contributions make a real positive impact on the lives of Aon colleagues and clients around the world.

Skills and experience that will lead to success

Strong experience in physical security operations, ideally with EMEA regional responsibility.

  • Strong communication, negotiation, and presentation skills, both in-person and virtual.
  • In-depth knowledge and experience of managing UK security guarding contracts and command centre operations.
  • People management/leader experience preferred.
  • Proven project management abilities, with experience managing multiple projects across the EMEA region.
  • Skilled in identifying and managing physical security risks, from conducting facility risk assessments to development and implementation of risk mitigating measures.
  • Familiarity with physical security technology such as access control and CCTV systems.
  • Experience in security management within the financial services preferred.
How we support our colleagues

In addition to our comprehensive benefits package, we encourage an inclusive workforce. Plus, our agile environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions for our colleagues as well.

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative and inclusive workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.

Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, colour, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status.

We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email 


Associate Director, Digital Forensics and Incident Response

London, London Control Risks

Posted 6 days ago

Job Description

Permanent

We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the direction of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune 500 multi-nationals across the globe.

Day to day, you will be executing and managing matters that arise on short notice and there will be a need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You will be responsible for increasing the technical team’s visibility and capability in performing business development and supporting marketing initiatives, from thought leaders, white papers, technical demonstrations and collaborative meetings with our colleagues with clients. This role will play a key part in ensuring our ongoing growth and success across the region.

Responsibilities

  • Manage and provide forensic incident response consultancy and expertise in scoping data estates, data collections, investigative analysis to our clients
  • Support our teams in our adjacent divisions, notably Digital Risks, Investigations and Technology Consulting across regions
  • To provide high quality deliverables to our clients in a timely and efficient manner
  • To ensure work is defensible and to an evidential standard as appropriate for tasks
  • To be innovative and creative showing initiative in bringing teams together
  • To anticipate client needs and continually strive for ways to work efficiently
  • To respond to potential enquiries and convert these into opportunities/sales leads and proposals
  • To actively engage and lead in business development and marketing for all of Discovery and Data Insights and across services (particularly Cyber and Investigations/Forensic Accounting)
  • Willingness and flexibility to travel internationally

Requirements

  • Extensive professional and technology experience, preferably in digital forensics in a cyber context, forensic investigations, financial crime or compliance setting.
  • Proven knowledge and technical computer forensics experience for cyber incident response and investigations. Thorough understanding of best practice procedures (MITRE ATT&CK framework, NPCC, NIST, SANS etc.) evidence handling, computer systems and tools of the trade
  • Expert understanding of multiple operating systems, particularly Microsoft and Linux infrastructure and networking systems, both on-premise and in the cloud, as well as dedicated cloud services such as Microsoft 365/Azure, Google Workspace, AWS etc.
  • Expertise in PowerShell scripting, Bash scripts, Python, SQL and data wrangling for log analysis
  • Expertise with the industry standard forensic software tools such as X-Ways, EnCase, Nuix, Axiom, Cellebrite and forensic hardware tools.
  • Expertise with open-source tools (such as Velociraptor) and leveraging commercial tools (such as X-Ways, EnCase and Nuix) for forensic use.
  • Established track record for performing forensic collections, involvement in incident response and digital investigations alongside maintaining detailed contemporaneous notes
  • Able to prepare written analyses, summary reports, presentations and other client deliverables for projects and work performed.
  • Impeccable written and oral presentation skills to effectively communicate with diverse audiences of varying degrees of expertise.
  • Proven experience at managing client expectations and providing relevant solutions through the project lifecycle.
  • Identify relevant extensible opportunities such as post-breach/post remediation services.
  • Demonstrable interpersonal skills and an ability to work effectively in teams
  • Experience in creating project estimates, project plans, proposals and retention agreements.
  • Proven ability to manage and develop a team of professionals through empowerment, coaching and motivation.
  • Ability to work well under pressure and meet tight deadlines, while effectively juggling competing demands, prioritising appropriately, and overseeing multiple tasks simultaneously.

Preferred

  • Wide understanding of programming/scripting skills

Benefits

  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
  • We operate a discretionary global bonus scheme that incentivises and rewards individuals based on company and individual performance.
  • Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
  • As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Software Engineering Manager, Site Reliability, Cloud Incident Response

London, London Google

Posted 14 days ago

Job Description

Google, London, UK
**Advanced**
Experience owning outcomes and decision making, solving ambiguous problems and influencing stakeholders; deep expertise in domain.
**Minimum qualifications:**
+ Bachelor's degree or equivalent practical experience.
+ 8 years of experience with software development in one or more programming languages (e.g., Python, C, C++, Java, JavaScript).
+ 3 years of experience in a technical leadership role; overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
+ Experience with cloud services, telemetry systems and incident response.
**Preferred qualifications:**
+ Master's degree or PhD in Computer Science, or a related technical field.
+ Experience as a cloud customer.
**About the job**
Site Reliability Engineering (SRE) combines software and systems engineering to build and run large-scale, massively distributed, fault-tolerant systems. SRE ensures that Google Cloud's services, both our internally critical and our externally-visible systems, have reliability, uptime appropriate to customers' needs and a fast rate of improvement. Additionally, SREs will keep an ever-watchful eye on our systems' capacity and performance.
Much of our software development focuses on optimizing existing systems, building infrastructure and eliminating work through automation. On the SRE team, you'll have the opportunity to manage the complex challenges of scale which are unique to Google Cloud, while using your expertise in coding, algorithms, complexity analysis and large-scale system design. SRE's culture of intellectual curiosity, problem solving and openness is key to its success. Our organization brings together people with a wide variety of backgrounds, experiences and perspectives. We encourage them to collaborate, think big and take risks in a blame-free environment. We promote self-direction to work on meaningful projects, while we also strive to create an environment that provides the support and mentorship needed to learn and grow.
The Cloud Incident Response Team supports the responders, tooling, and outcomes for Google Cloud Platform (GCP) major incidents. The team collaborates across GCP products, customer facing teams, and a wide range of stakeholders, where you will help coordinate, mitigate, or resolve issues across all of GCP.
Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
**Responsibilities**
+ Participate in on-call rotation supporting Critical Incident Response for GCP.
+ Focus on high-quality customer outcomes and collaboration across GCP teams.
+ Create Incident Management at Google (IMAG) training and processes for the incident management lifecycle in partnership with Cloud SRE Tech Leads, and the Cloud Support leadership team.
+ Build systems and tooling to support the team, enhance visibility, improve issue detection, and facilitate communication with customers, stakeholders, and other customer-facing teams.
+ Define and escalate risks in Cloud, reduce incident probabilities.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit, is subject to Google's Applicant and Candidate Privacy Policy (./privacy-policy).
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Vice President, Threat and Vulnerability Management Team Lead

London, London MUFG

Posted 2 days ago

Job Description

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing, and remediating security vulnerabilities. The role sits within the Digital Engineering Services & Solutions (DES) department of the Technology Division.
The role is part of the Digital Engineering Services & Solutions (DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including oversight of an outsourced offshore third-party service.
This function integrates secure practices into the development lifecycle and aligns with service transition processes to ensure compliance with internal controls and regulatory standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES.
The successful candidate must demonstrate proven experience in leading teams and fostering a culture of technical excellence. They will be expected to establish best practices for risk identification and remediation planning, while also influencing stakeholders and delivering competitive advantage for global organisations by protecting against external threats and potential security vulnerabilities.
**NUMBER OF DIRECT REPORTS**
Circa 5
**KEY RESPONSIBILITIES**
**Strategic Leadership & Vision**
+ Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy and roadmaps, ensuring alignment with business requirements, services, strategic goals, and IT risk appetite.
+ Develop short, medium, and long-term strategic goals and objectives for DES TVM, including documenting the current environment and defining the future roadmap.
+ Define measurable, repeatable processes and reporting metrics, subject to continuous improvement.
+ Define the DES Threat and Vulnerability function's Key Risk Indicators (KRIs) and govern accordingly. Produce regular KPI, MI, and risk management data for senior management.
+ Responsible for identifying cost-saving and optimisation opportunities within MUS EMEA and the wider MUFG group.
**Operational Oversight & Technical Execution**
+ Lead a team of Threat and Vulnerability Engineers to deliver best practice operations and strategic development, shaping the department's security posture while adhering to MUFG policies and procedures.
+ Oversee the successful deployment of routine and out-of-band security patches across IT infrastructure.
+ Automate patch deployments and associated post-deployment check-outs.
+ Triage vulnerabilities into "Fix, Acknowledge, and Investigate" categories using industry-aligned risk rating methodologies.
+ Use ServiceNow Application Vulnerability Response (AVR) and Vulnerability Response (VR) modules to manage and report on vulnerabilities and violations across the estate, integrating with dashboards and workflows for visibility and accountability.
**Risk Management & Remediation**
+ Work with other technology teams to provide in-depth analysis of vulnerabilities and impacts to key stakeholders.
+ Collaborate with application teams to ensure secure coding practices and timely remediation of vulnerabilities, aligned with criticality-based policy enforcement.
+ Prioritise weaknesses in IT infrastructure and applications using manual and automated methods, including results from Static Application Testing (SAST) and Software Composition Analysis (SCA) tooling (in conjunction with the Service Transition team).
+ Influence stakeholders to prioritise and drive remediation of process and technology gaps
+ Work with Cyber Security, Application Teams, and IT Risk to ensure controls are met and vulnerabilities are addressed across infrastructure and applications.
+ Engage and support Cyber Security for remediation of penetration test findings.
+ Engage with Internal and External Auditors as the SME on all matters relating to VM.
**Stakeholder Engagement & Culture**
+ Act as the primary Service Matter Expert and point of contact for the Threat and Vulnerability Management function within DES.
+ Work closely with industry partners, vendors, and the wider technology ecosystem to leverage external expertise and best practices. Conduct market research to identify emerging risk and vulnerability trends.
+ Build strong relationships across Bank and Securities functions (e.g. IT Risk & Control, Cyber Security, Operational Risk), underpinned by trust and MUFG's core values.
+ Lead by example in building relationships across the Bank, strengthening peer networks and collaboration.
+ Promote MUFG's values-led culture, fostering inclusivity and diversity.
+ Champion staff cyber education and awareness to embed a proactive cyber-focused culture.
+ Promote a dynamic, delivery-driven culture that works alongside Technology and Business units to provide responsive resolutions and value-driven solutions.
**SKILLS AND EXPERIENCE**
**Leadership & Team Development**
+ Proven experience of directly managing a team of Threat and Vulnerability Engineers, including mentoring, developing, and guiding security professionals in a collaborative, high-performing environment.
+ Strong strategic thinking and visionary skills with the ability to co-develop and drive the function's technical vision, strategy, and roadmap aligned with business goals and risk appetite.
**Technical Expertise & Security Operations**
+ Prior extensive experience working within infrastructure environments and cloud platforms (AWS, Azure, Oracle), with a high-level understanding of platforms, operating systems, and technologies.
+ Proven capability in creating and executing comprehensive threat and vulnerability management programmes, including vulnerability scanning, penetration testing, and security awareness training.
+ Proficiency in using vulnerability scanning tools (e.g. Tenable, Qualys, Rapid7, Veracode, JFrog Xray), threat intelligence platforms, and incident response tools.
+ Prior experience implementing automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement.
**Risk Management & Threat Intelligence**
+ Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques.
+ Experience in gathering and analysing threat intelligence to understand emerging threats, attack vectors, and threat actors. Maintains up-to-date knowledge of the latest security threats, vulnerabilities, and best practices.
+ Strong analytical and problem-solving skills to analyse data, identify patterns and develop effective solutions to mitigate risk.
**Communication & Stakeholder Engagement**
+ Proven ability to communicate effectively with senior management, providing governance and risk oversight.
+ Excellent verbal and written communication skills to report findings and collaborate across cross-functional Technology and non-Technology teams.
+ Ability to translate technical risks into business-relevant language for both technical and non-technical stakeholders, including executive leadership.
**EDUCATION / QUALIFICATIONS / TECHNICAL COMPETENCIES**
**Essential**
+ Recognised cybersecurity certification: CISSP and/or CISM
+ Strong knowledge of:
  + Ivanti LANDesk, Qualys, Splunk
  + Windows Server/Desktop, RHEL/OEL Linux
  + PowerShell and Python scripting
+ Proven experience leading strategic security initiatives and process automation in large-scale environments
**Desirable**
+ Additional certifications: CCSP
+ Familiarity with:
  + CyberArk PAM, ServiceNow SecOps Vulnerability Response / Application Vulnerability Response
  + VMWare, Nutanix, Java VM
  + MSSQL, Oracle, MongoDB
  + Red Hat Satellite, Active Directory, LDAP, Kerberos
  + Confluence, JIRA
  + GDPR and SOX compliance frameworks
**PERSONAL REQUIREMENTS**
+ Excellent communication skills
+ Ability to manage constructive conflict effectively
+ Ability to build strong and lasting relationships across the bank
+ Results driven, with a strong sense of accountability, focused on business outcomes
+ Strong decision-making skills, the ability to demonstrate sound judgement
+ A structured and logical approach to work
+ A creative and innovative approach to work
+ Excellent interpersonal skills
+ The ability to manage large workloads and tight deadlines
+ Excellent attention to detail and accuracy
+ A calm approach, with the ability to perform well in a pressurised environment
+ A confident approach, with the ability to provide clear direction to your team
+ Ability to lead a high performing team
+ A strategic approach, with the ability to lead and motivate your team
+ Conscientious, methodical and logical approach to work
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

Security Engineer, Vulnerability Management and Remediation Operations

London, London Amazon

Posted 11 days ago

Job Description

Description
Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
- Analyse public and private vulnerability disclosures and exploit code
- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
- Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
- Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner
- Engineer high quality, scalable, and accurate vulnerability detection mechanisms
- Design and implement automation, tools and workflows to enhance our operations capabilities.
- Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Mentorship and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 5 years security engineering experience in system, network, and/or application security
- 5 years experience developing vulnerability assessment tests with Python or Java.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
- 3 years experience building cloud-based services
Preferred Qualifications
- Experience with AWS products and services
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.