1,911 Vulnerability Assessment jobs in the United Kingdom

Overview

Job Description. We are seeking a proactive and detail-oriented Information Security Analyst to help safeguard our clients’ digital assets and IT infrastructure. The ideal candidate will be responsible for monitoring security events, responding to incidents, and supporting continuous security risk management, compliance initiatives, and vulnerability assessments. This is a hands-on role for professionals with strong experience in threat detection, SIEM tools, cyber risk analysis, and security best practices. You will work closely with security teams to prevent breaches, enhance cyber resilience, and ensure policy enforcement across the enterprise.nResponsibilities

Monitor, analyse, and respond to security alerts using SIEM platforms (e.g., Splunk, Sentinel).nConduct incident investigations, root cause analyses, and escalate critical threats.nSupport vulnerability scans, patch assessments, and mitigation planning.nMaintain security policies, procedures, and compliance documentation.nAssist in security audits, risk assessments, and internal/external reporting.nCollaborate with IT and compliance teams to strengthen the organization’s security posture.nPerform regular reviews of access controls, firewall logs, and endpoint security events.nStay up-to-date with evolving threats, tools, and security frameworks (e.g., NIST, ISO 27001).nRequirements & Details

Experience:

RequirednEmployment:

Full-timenSalary:

£45,000 – £70,000 yearlynBenefits:

Job Benefits • Competitive salary and bonus structure • Hybrid or remotenAbout MastarRec:

We are seeking a proactive and detail-oriented Information Security Analyst to help safeguard our clients’ digital assets and IT infrastructure. The ideal candidate will be responsible for monitoring security events, responding to incidents

#J-18808-Ljbffrn

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

️ Information Security Analyst Location: City of London (Hybrid – 2 days/week in office) Salary: Competitive Benefits Industry: B2B Travel Tech / SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment and settlement solutions for travel operators. What You’ll Do ️ ️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. Security Implementation: Improve and implement security measures across systems and infrastructure. Compliance: Ensure alignment with GDPR and other relevant data protection laws and industry standards. Reporting: Deliver detailed reports on incidents, vulnerabilities, and security effectiveness. Threat Research: Stay ahead of emerging threats and technologies to proactively defend systems. Disaster Recovery: Develop and test contingency plans to ensure business continuity. Cross-Team Collaboration: Work closely with IT, Engineering, and other departments to enhance security posture. Training: Deliver cybersecurity awareness training across the organisation. Who You Are ️ 3 years’ experience as an Information Security Analyst in a commercial tech environment Degree in Computer Science, Information Systems, or related field Certifications such as CISSP, CISM, CEH, or CompTIA Security (desirable) Strong analytical mindset and attention to detail Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools ️ Excellent communicator, able to engage both technical and non-technical audiences Proactive, curious, and passionate about staying ahead of cyber threats Culture Snapshot Hybrid working (Tues & Thurs in-office, flexibility expected) No dress code – substance over style Flat structure, direct access to leadership Debt-free, cash-rich, consistently profitable Opportunity to shape a new function and drive real impact

️ Information Security Analyst Location: City of London (Hybrid – 2 days/week in office) Salary: Competitive Benefits Industry: B2B Travel Tech / SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment and settlement solutions for travel operators. What You’ll Do ️ ️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. Security Implementation: Improve and implement security measures across systems and infrastructure. Compliance: Ensure alignment with GDPR and other relevant data protection laws and industry standards. Reporting: Deliver detailed reports on incidents, vulnerabilities, and security effectiveness. Threat Research: Stay ahead of emerging threats and technologies to proactively defend systems. Disaster Recovery: Develop and test contingency plans to ensure business continuity. Cross-Team Collaboration: Work closely with IT, Engineering, and other departments to enhance security posture. Training: Deliver cybersecurity awareness training across the organisation. Who You Are ️ 3 years’ experience as an Information Security Analyst in a commercial tech environment Degree in Computer Science, Information Systems, or related field Certifications such as CISSP, CISM, CEH, or CompTIA Security (desirable) Strong analytical mindset and attention to detail Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools ️ Excellent communicator, able to engage both technical and non-technical audiences Proactive, curious, and passionate about staying ahead of cyber threats Culture Snapshot Hybrid working (Tues & Thurs in-office, flexibility expected) No dress code – substance over style Flat structure, direct access to leadership Debt-free, cash-rich, consistently profitable Opportunity to shape a new function and drive real impact

Information Security Consultant - Virtual CISO (vCISO) Up to £80,000 | Fully Remote (with occasional client travel) My client is seeking an experienced cyber security professional to step into a Virtual CISO (vCISO) role, acting as a trusted advisor to a diverse portfolio of organisations. This is an opportunity to directly influence and shape cyber security strategies at board level while embedding yourself as a valued extension of your clients’ security teams. Key Responsibilities Serve as a strategic security partner, helping clients to define, develop, and mature their cyber security roadmap. Build strong, long-term relationships with stakeholders and establish yourself as a core member of their security function. Take ownership of client-specific Security Improvement Plans, ensuring risks are reduced and resilience is increased. Lead governance and oversight activities, including risk reviews, board-level reporting, and mentoring client teams. Carry out security reviews across cloud, hybrid, and on-premises environments, identifying vulnerabilities and improvement areas. Work closely with SOC teams to review threat hunting outcomes and ensure remediation of poor practices. Provide guidance on compliance and frameworks such as ISO 27001, Cyber Assessment Framework (CAF), and Cyber Essentials. Contribute to incident readiness and response as part of the Cyber Security Incident Response Team (CSIRT). Actively contribute to the internal growth and knowledge-sharing within the wider team, suggesting improvements and supporting colleagues. Ensure compliance with internal security and governance standards. About You: Proven experience as a CISO, vCISO, or senior cyber security advisor. Strong knowledge of security frameworks, governance, risk management, and compliance. Excellent communication and stakeholder engagement skills, with the ability to influence at board level. Hands-on experience with cloud and hybrid architectures, audits, and security assessments. Incident response and crisis management experience is a plus. Holding CISSP/CISM ISO27001 Lead implementer What’s on Offer Salary up to £80,000 Fully remote role with flexibility to travel to client sites when required Opportunity to work across varied industries, influencing security at the highest levels If you’re looking for a role where you can combine strategic influence with hands-on expertise, and you thrive on building trusted client relationships, this could be your next career move.

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now