At a Glance
- Tasks: Lead the Vulnerability Management Programme and reduce cyber risk across the organisation.
- Company: Join a diverse and inclusive team at the Financial Ombudsman Service.
- Benefits: Flexible working options, health plans, gym memberships, and generous holiday entitlement.
- Other info: Opportunities for personal development and a fun, collaborative culture.
- Why this job: Make a real impact in cybersecurity while growing your career in a supportive environment.
- Qualifications: Strong knowledge of vulnerability management and experience with leading VM platforms.
The predicted salary is between 53833 - 65000 £ per year.
Contract: Permanent. Working hours: 35 hours per week, full time. We are open to part time or flexible working patterns; please state your desired pattern in your application.
Reporting to: Information and Cyber Security lead.
Salary: £53,833 to £65,000 for London location; £47,470 to £57,701 for other locations.
Location: London, Cardiff, Manchester, Coventry, or Edinburgh. Hybrid working: at least four days per fortnight in the office.
Extensive opportunities for personal and career development.
What you’ll do
You will lead and shape the Financial Ombudsman Service’s end‑to‑end Vulnerability Management Programme, owning how we identify, assess and reduce cyber risk across the organisation. Working within the Information and Cyber Security function, you will collaborate with technical teams and business stakeholders to embed strong governance, drive accountability and ensure vulnerabilities are effectively prioritised and remediated. You will provide structure, insight and clear reporting to the programme, translating complex risk into meaningful action for both technical teams and senior leadership.
Minimum Criteria
- Strong knowledge of vulnerability management frameworks, vulnerability lifecycle processes and risk‑based prioritisation models
- Hands‑on experience with leading VM platforms such as Qualys, Tenable, Rapid 7, Microsoft Defender for Cloud, including exploitation analysis, CVSS scoring and integration of threat intelligence feeds
- Proven experience engaging technical, business and governance teams to drive remediation accountability
- Knowledge of relevant cybersecurity standards, regulations and frameworks (e.g. NIST, SOC 2, ISO 27001, Cyber Essentials)
Nice to have
- Ability to communicate technical concepts to non‑technical stakeholders, including executives and procurement colleagues
- Strong analytical and problem‑solving skills, with a keen eye for detail
- Ability to manage multiple projects and prioritise tasks effectively
- Excellent written and verbal communication skills, with the ability to write clear, concise reports
Benefits
- Flexibility: remote, hybrid, or in‑office options
- Well‑being: health plan, gym memberships, mental health support
- Growth: investment in your future with courses, mentorship and promotions
- Culture: diverse, inclusive, collaborative, fun
- 25 days holiday entitlement, with option to buy or sell days
- Generous pension
- Family‑friendly policies, including enhanced maternity pay, carers and dependants leave
- Employer‑provided benefits such as private medical insurance, virtual GP, critical illness cover, life assurance cover
- Choice of voluntary benefits including technology scheme, cycle‑to‑work scheme, will‑writing service
- Gym membership discounts and a fully equipped on‑site gym open 24/7 in London only
Equal Opportunity Employer
The Financial Ombudsman is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all team members. We view diversity as fundamental to our success and welcome applications from under‑represented groups across all communities.
Vulnerability Management Lead employer: Financial Ombudsman Service
The Financial Ombudsman Service is an exceptional employer, offering a dynamic work culture that prioritises flexibility and well-being. With extensive opportunities for personal and career development, employees benefit from a diverse and inclusive environment, generous holiday entitlement, and a range of health and wellness initiatives, including gym memberships and mental health support. Located in major cities like London, Cardiff, Manchester, Coventry, and Edinburgh, the company fosters collaboration and innovation, making it an ideal place for professionals seeking meaningful and rewarding careers in cybersecurity.
Contact Details:
Financial Ombudsman Service Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Vulnerability Management Lead
✨Network Like a Pro
Get out there and connect with folks in the cybersecurity field! Attend meetups, webinars, or even local events. The more people you know, the better your chances of landing that Vulnerability Management Lead role.
✨Show Off Your Skills
When you get the chance to chat with potential employers, don’t hold back! Share your hands-on experience with VM platforms like Qualys or Tenable. Let them see how your skills can directly benefit their vulnerability management programme.
✨Tailor Your Approach
Make sure to tailor your conversations to the specific needs of the Financial Ombudsman Service. Highlight your knowledge of relevant cybersecurity standards and how you can help them reduce cyber risk effectively.
✨Apply Through Our Website
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in being part of our diverse and inclusive team.
We think you need these skills to ace Vulnerability Management Lead
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience with vulnerability management frameworks and risk-based prioritisation models. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Showcase Your Communication Skills:Since you'll be translating complex risks into clear actions for both technical teams and senior leadership, it’s crucial to demonstrate your ability to communicate effectively. Use examples in your application that show how you've successfully engaged with non-technical stakeholders.
Be Clear About Your Working Pattern:We’re open to flexible working patterns, so make sure to state your preferred working arrangement in your application. Whether you’re looking for part-time or hybrid options, let us know what works best for you!
Highlight Your Analytical Skills:As a Vulnerability Management Lead, strong analytical and problem-solving skills are key. In your application, include specific instances where you've tackled complex issues or managed multiple projects effectively. This will help us see your keen eye for detail in action!
How to prepare for a job interview at Financial Ombudsman Service
✨Know Your Vulnerability Management Frameworks
Make sure you brush up on your knowledge of vulnerability management frameworks and lifecycle processes. Be ready to discuss how you've applied these in past roles, especially with platforms like Qualys or Tenable. This will show that you’re not just familiar with the theory but have practical experience too.
✨Communicate Clearly with Non-Technical Stakeholders
Since you'll need to translate complex risk into meaningful action for non-technical stakeholders, practice explaining technical concepts in simple terms. Think about examples from your previous work where you successfully communicated with executives or procurement teams.
✨Demonstrate Your Analytical Skills
Prepare to showcase your analytical and problem-solving skills during the interview. Bring examples of how you've tackled vulnerabilities in the past, including any specific metrics or outcomes that highlight your attention to detail and effectiveness in managing multiple projects.
✨Show Enthusiasm for Personal Development
The role offers extensive opportunities for personal and career development, so express your eagerness to grow within the company. Mention any relevant courses or certifications you’re interested in pursuing, and how they align with the organisation's goals.
