Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead vulnerability management and enhance cyber defence capabilities in a dynamic team.
- Company: Join the Intellectual Property Office, a key player in cyber security.
- Benefits: Enjoy competitive salary, hybrid working, unlimited learning access, and generous leave.
- Why this job: Make a real impact in cyber security while developing your skills in a supportive environment.
- Qualifications: Experience in vulnerability management and excellent communication skills are essential.
- Other info: Great career progression opportunities in a collaborative and innovative workplace.
The predicted salary is between 40000 - 60000 £ per year.
This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider, well established security function operating within a highly regulated environment.
In this role, you will lead and continuously enhance the management of vulnerability assessments across our hybrid IT estate. You will prioritise remediation activities using a risk based, threat informed approach, collaborating with stakeholders to strengthen the security posture of our systems and services. You will also oversee our threat intelligence capability, identifying and maintaining relevant intelligence sources to inform tactical, operational, and strategic decision making. You will produce and share high quality threat intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPO's protection, detection, and response capabilities.
Working Style
This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office. The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office.
Main duties consist of but are not limited to:
- Vulnerability Management (Primary Focus)
- Lead and enhance the organisations vulnerability management programme, including our Penetration Testing programme across a complex hybrid IT environment covering both infrastructure and applications.
- Scoping, prioritising work, engaging with stakeholders, and ensuring remediation activities happen in a timely fashion.
- Prioritise vulnerabilities using a risk-based, threat-informed approach to support organisational objectives, regulatory requirements, and audit needs.
- Oversee the full lifecycle of vulnerabilities, including triage, mitigation planning, remediation recommendations, and stakeholder coordination.
- Develop and maintain vulnerability management policies, procedures, standards, and best practice guidance.
- Threat Intelligence
- Produce high quality tactical, operational, and strategic intelligence assessments and briefings using analysis and interpretation of current threat intelligence.
- Utilising and liaising with internal stakeholders, commercial sources, open-source intelligence and government partners to provide a rounded, comprehensive view of the current threat landscape.
- Lead initiatives to strengthen the organisations intelligence capability and participate in information sharing communities.
- Incident Response Support
- Contribute and enhance our incident response processes, representing Cyber Security in operational incident calls, keeping stakeholders informed and liaising with government bodies to ensure timely and effective management of threat intelligence and threat hunting.
- Cyber Risk Management
- Play an integral part in Cyber Security risk management, conducting risk and threat assessments aligned with regulations.
- Using your knowledge of standards and expertise to support our stakeholders by providing pragmatic and proportionate advice and best practice guidance.
- Metrics & Reporting
- Develop and maintain actionable metrics that demonstrate the effectiveness of the organisations vulnerability management and threat intelligence capabilities.
Person specification
Essential Criteria
- Strong understanding and experience of vulnerability management, threat intelligence and security operations.
- Experience of managing penetration testing programs.
- Broad technical knowledge, especially around cloud and hybrid technologies.
- Highly organised and self-motivated, able to manage and deliver on multiple concurrent tasks.
- Excellent communication and interpersonal skills.
- Ability to interact with stakeholders of all levels.
- A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
- Sense of urgency and an ability to respond to tasks proactively and promptly.
- Continually stay abreast of emerging security technologies, threats and trends.
- Self-motivated to drive their learning needs.
How to Apply
Click the 'Apply now' button and complete the application form by providing the following:
- Your CV: Upload an anonymised copy of your current CV. Please remove all identifying markers such as name, title, education institution etc. Make sure it clearly shows how you meet the essential criteria listed in the Person Specification.
- 500-word Personal Statement: Use this to explain why you're suitable for the role. Structure your statement around the essential criteria in the Person Specification. Make sure to provide clear examples to show how you meet each requirement.
- Technical: Provide a 250-word example that demonstrates your technical ability: Penetration testing (focused on managing penetration testing programs rather than conducting the tests themselves): Level - Practitioner.
We'll assess you against these behaviours during the selection process: Seeing the Big Picture, Managing a Quality Service, Changing and Improving.
We'll assess you against these technical skills during the selection process: Provide a 250-word example that demonstrates your technical ability. Penetration testing (focused on managing penetration testing programs rather than conducting the tests themselves): At interview a presentation will be used to assess this. Further details will be provided in your invite to interview.
We only ask for evidence of these technical skills on your application form: Provide a 250-word example that demonstrates your technical ability. Penetration testing (focused on managing penetration testing programs rather than conducting the tests themselves).
Benefits
Alongside your salary of £47,766, Intellectual Property Office contributes £13,837 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
Unlimited Pluralsight video learning access, Access to Microsoft's ESI training suite, Hybrid working with no core hours, Substantial support for career progression, 25 days annual leave moving to 30 days in annual increments, 8 days public leave and 1 day privilege leave.
For more information about what's on offer at the Intellectual Property Office please review our IPO benefit pack attached to the bottom of this advert. Please note that benefits may be subject to change.
Locations
Incident and Vulnerability Manager in Newport, Wales employer: Intellectual Property Office
Contact Detail:
Intellectual Property Office Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Incident and Vulnerability Manager in Newport, Wales
✨Tip Number 1
Network like a pro! Reach out to your connections in the cyber security field, especially those who work at the IPO or similar organisations. A friendly chat can sometimes lead to insider info about job openings or even a referral.
✨Tip Number 2
Prepare for interviews by brushing up on your technical skills and understanding the latest trends in vulnerability management and threat intelligence. We recommend creating a cheat sheet of key concepts and examples from your experience to showcase during your interview.
✨Tip Number 3
Don’t just wait for job postings! Be proactive and reach out directly to hiring managers or team leads at the IPO. Express your interest in the Incident and Vulnerability Manager role and share how your skills align with their needs.
✨Tip Number 4
When you get an interview, make sure to ask insightful questions about the team’s current challenges and how they measure success in vulnerability management. This shows you’re genuinely interested and ready to contribute to their goals.
We think you need these skills to ace Incident and Vulnerability Manager in Newport, Wales
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the role of Incident and Vulnerability Manager. Highlight your experience in vulnerability management and threat intelligence, and don’t forget to showcase your technical skills related to penetration testing.
Craft a Compelling Personal Statement: Your personal statement is your chance to shine! Structure it around the essential criteria in the person specification and provide clear examples that demonstrate how you meet each requirement. Be specific and show us why you're the perfect fit!
Showcase Your Technical Skills: When providing your 250-word example of technical ability, focus on managing penetration testing programmes. Use this opportunity to illustrate your understanding of the process and how you've successfully led similar initiatives in the past.
Apply Through Our Website: We encourage you to apply through our website for a smooth application process. It’s the best way to ensure your application gets the attention it deserves, so don’t hesitate—hit that 'Apply now' button!
How to prepare for a job interview at Intellectual Property Office
✨Know Your Vulnerabilities
Before the interview, brush up on your knowledge of vulnerability management and threat intelligence. Be ready to discuss specific frameworks or methodologies you've used in past roles. This will show that you’re not just familiar with the concepts but have practical experience applying them.
✨Prepare Your Examples
Think of concrete examples from your previous work that demonstrate your ability to manage penetration testing programmes and enhance vulnerability management. Use the STAR method (Situation, Task, Action, Result) to structure your responses, making it easier for the interviewer to follow your thought process.
✨Engage with Stakeholders
Since this role involves collaboration with various stakeholders, be prepared to discuss how you’ve successfully engaged with different teams in the past. Highlight your communication skills and provide examples of how you’ve built relationships to strengthen security postures.
✨Stay Current with Trends
Cybersecurity is always evolving, so make sure you’re up-to-date with the latest threats and technologies. Mention any recent developments in the field during your interview to demonstrate your commitment to continuous learning and staying ahead of the curve.