13 Vulnerability Management jobs in the United Kingdom

Role: Vulnerability Management

Job Type: Contract

Day Rate: 300 - 330 per day (inside IR35)
Duration: 4 Months

Work Location: Milton Keynes, United Kingdom (thrice in a week at client office) - Mandatory
Start date : ASAP

Note: Candidate should be immediately available

• Understand and analyse vulnerability data before they becomes overdue
• Organize and create work packages for teams for resolution
• Ensure fixes begin within SLA to prevent delays
• Help prioritize overdue and upcoming vulnerabilities effectively.
• Collaborate across teams to streamline technical remediation efforts."
• Understanding of vulnerability assessment and remediation processes
• Ability to triage and create meaningful work packages for remediation of vulnerabilities.
• Good coordination skills to facilitate work packages.
• Effective ability for cross-team collaboration.
• Planning and Management skills

VULNERABILITY MANAGEMENT ANALYST

Up to £70,000 / Bonus + Excellent Staff Benefits

Strong Career Growth Opportunities

2 Days Onsite / 3 Days Remote

No Shift Work (Normal 09:00-17:30pm) Working Hours

An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led I.

WHJS1_UKTJ

VULNERABILITY MANAGEMENT ANALYST

Up to £70,000 / Bonus + Excellent Staff Benefits

Strong Career Growth Opportunities

2 Days Onsite / 3 Days Remote

No Shift Work (Normal 09:00-17:30pm) Working Hours

An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led I.

WHJS1_UKTJ

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way.

We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.

Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together!

The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. In Technology, we're asking that you attend the office a minimum of 1 day per week.

About the Role

We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific tooling, and have an active role in improving existing processes. You will achieve this by creating automated solutions through collaboration with various technical teams.

Responsibilities

• Develop and maintain vulnerability management tooling and solutions
• Implement automation to remove manual processes and increase efficiency
• Work with internal remediators to prioritise vulnerability management activities
• Process vulnerability data to provide reports, insights and metrics, that aid in the risk-based approach to vulnerability management.
• Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs)
• Ensure compliance with relevant security standards, frameworks, and regulations
• Stay up to date with the latest trends and developments in vulnerability management, security standards, and regulations

Requirements

• Strong technical knowledge of cloud infrastructure, particularly AWS and containerisation technologies.
• Demonstrable experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
• Proficiency in at least one programming language (ideally Java or Golang) for developing automation and integrations.
• Strong engineering and automation background
• Strong automation skills with CI/CD experience
• Experience with developing integrations by interacting with APIs
• Ability and willingness to learn new technologies and adapt to evolving security landscapes
• The capability to understand the bigger picture while effectively managing details
• Strong written and verbal communication skills to effectively collaborate with cross-functional teams and stakeholders

Good to have

• Interest in cyber security, specifically Vulnerability Management
• Familiar with TypeScript/Vue.js 
• Open source scanning tool such as Trivy or similar

Interview process

Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team:

• Introductory video call - ~45 minutes
• Technical video interview - ~1.5 hours
• Final Interview ~45 minutes

Benefits

• 33 days holiday (including public holidays, which you can take when it works best for you)
• An extra day’s holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary & group income protection
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Incentives refer a friend scheme
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

About us

You may be put off applying for a role because you don't tick every box. Forget that! While we can’t accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren’t sure if you're 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.

Starling Bank is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice.

By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.

Description

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem



Key job responsibilities

- Analyse public and private vulnerability disclosures and exploit code

- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.

- Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.

- Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner

- Engineer high quality, scalable, and accurate vulnerability detection mechanisms

- Design and implement automation, tools and workflows to enhance our operations capabilities.

- Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL

Basic Qualifications

- Bachelor's degree in computer science or equivalent

- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language

- 5 years security engineering experience in system, network, and/or application security

- 5 years experience developing vulnerability assessment tests with Python or Java.

- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem

- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.

- 3 years experience building cloud-based services

Preferred Qualifications

- Experience with AWS products and services

- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.

Description

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem



Key job responsibilities

Analyse public and private vulnerability disclosures and exploit code

Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.

Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.

Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner

Engineer high quality, scalable, and accurate vulnerability detection mechanisms

Design and implement automation, tools and workflows to enhance our operations capabilities.

Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL

Basic Qualifications

- Bachelor's degree in computer science or equivalent

- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language

- 5 years security engineering experience in system, network, and/or application security

- 5 years experience developing vulnerability assessment tests with Python or Java.

- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem

- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.

- 3 years experience building cloud-based services

Preferred Qualifications

- Experience with AWS products and services

- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.

Description

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem



Key job responsibilities

Analyse public and private vulnerability disclosures and exploit code

Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.

Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.

Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner

Engineer high quality, scalable, and accurate vulnerability detection mechanisms

Design and implement automation, tools and workflows to enhance our operations capabilities.

Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL

Basic Qualifications

- Bachelor's degree in computer science or equivalent

- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language

- 5 years security engineering experience in system, network, and/or application security

- 5 years experience developing vulnerability assessment tests with Python or Java.

- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem

- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.

- 3 years experience building cloud-based services

Preferred Qualifications

- Experience with AWS products and services

- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.

Description

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem



Key job responsibilities

- Analyse public and private vulnerability disclosures and exploit code

- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.

- Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.

- Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner

- Engineer high quality, scalable, and accurate vulnerability detection mechanisms

- Design and implement automation, tools and workflows to enhance our operations capabilities.

- Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL

Basic Qualifications

- Bachelor's degree in computer science or equivalent

- Knowledge of networking protocols such as HTTP, DNS and TCP/IP

- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language

- 5 years security engineering experience in system, network, and/or application security

- 5 years experience developing vulnerability assessment tests with Python or Java.

- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem

- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.

- 3 years experience building cloud-based services

Preferred Qualifications

- Experience with AWS products and services

- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.

Description

Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!



Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.



Key job responsibilities

- Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.

- Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.

- Collaborate with builder teams to implement security fixes and improvements.

- Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.

- Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.

- Help triage vulnerabilities and contribute to impact and detection logic assessments.

- Contribute to the development of automation of repetitive tasks.

- Actively participate in updating documentation and sharing knowledge across your global peers.

- Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.



If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our London office, we'd love to hear from you!



About the team

Why Amazon Security?



At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazonu2019s products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.



Inclusive Team Culture



In Amazon Security, itu2019s in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.



Training & Career Growth



Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.



Work/Life Balance



We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, thereu2019s nothing we canu2019t achieve.



Mentorship & Career Growth



Weu2019re continuously raising our performance bar as we strive to become Earthu2019s Best Employer. Thatu2019s why youu2019ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.

Basic Qualifications

- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 3+ years equivalent technology experience

- Strong understanding of security concepts with a security mindset.

- Strong understanding of computer and network weaknesses and mitigating controls.

- Strong ability to understand risk and prioritisation in the context of the business.

- Ability to communicate effectively within technical and business settings.

- Ability to document learnings and contribute to knowledge sharing and runbook building.

- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).

- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.

Preferred Qualifications

- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.

- Ability to prioritise multiple tasks and projects.

- Have a passion to learn and thrive in a dynamic and constantly changing environment.

- Experience with virtualisation technologies, especially with AWS services.

- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.

- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.

- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.

- Understanding of best practices across multiple security disciplines/domains.

- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.

- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region youu2019re applying in isnu2019t listed, please contact your Recruiting Partner.