Vulnerability Engineer

London - 2 days a week on site

£90K + great benefits

An impressive global media company is looking to hire a Vulnerability Engineer to take ownership of vulnerability remediation across a cloud and on-prem environment. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Vulnerability Engineer will drive and automate the vulnerability management programme across this business. This is a great opportunity for a passionate Vulnerability Engineer to build out a remediation programme and collaborate with a variety of stakeholders at all levels of this international superbrand

Vulnerability Engineer

Duties and Responsibilities

The successful Vulnerability Engineer will:

* Develop, implement, and maintain an automated and scalable vulnerability management program using Tenable and related tools.

* Create and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as NIST or ISO 27001.

* Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed; this business is in a transformative stage!

* Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go.

* Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively.

* Scope and coordinate penetration testing activities; track remediation and risk acceptance outcomes.

* Monitor, measure, and report on vulnerability management performance, including KPIs, SLAs, and risk metrics.

*

Vulnerability Engineer - Your Background

The ideal Vulnerability Engineer will have:

* A technical degree in Information Systems or similar

* Extensive experience with Vulnerability Management across both cloud and On-Prem environments

* Hands on experience with Tenable and integration of VM tooling into CI/CD pipelines

* Strong scripting skills using languages such as Python, Bash, PowerShell, or Go.

* Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack.

* Ability to scope penetration tests and manage findings through to remediation.

* Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS.

* Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders.

We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs