Threat and Vulnerability Management Team Lead

12‑month contract (initially). Based onsite in London. Rate £400–£500 per day via Umbrella.

Key Responsibilities

• Strategic Leadership & Vision
  • Lead the design, development, operation and management of the department’s Threat and Vulnerability Management (TVM) strategy and roadmaps, ensuring alignment with business requirements, services, strategic goals and IT risk appetite.
  • Develop short, medium and long‑term strategic goals and objectives for the TVM function, documenting the current environment and defining the future roadmap.
  • Define measurable, repeatable processes and reporting metrics, subject to continuous improvement.
  • Define the function’s Key Risk Indicators (KRIs) and govern accordingly, producing regular KPI, MI and risk‑management data for senior management.
  • Identify cost‑saving and optimisation opportunities within EMEA and the wider group.
• Operational Oversight & Technical Execution
  • Lead a team of Threat and Vulnerability Engineers to deliver best‑practice operations and strategic development, shaping the department’s security posture while adhering to policies and procedures.
  • Oversee the successful deployment of routine and out‑of‑band security patches across IT infrastructure, automating patch deployments and associated post‑deployment check‑outs.
  • Triage vulnerabilities into “Fix, Acknowledge, and Investigate” categories using industry‑aligned risk rating methodologies.
  • Use ServiceNow Application Vulnerability Response (AVR) and Vulnerability Response (VR) modules to manage and report on vulnerabilities and violations across the estate, integrating with dashboards and workflows for visibility and accountability.
• Risk Management & Remediation
  • Work with other technology teams to provide in‑depth analysis of vulnerabilities and impacts to key stakeholders.
  • Collaborate with application teams to ensure secure coding practices and timely remediation of vulnerabilities, aligned with criticality‑based policy enforcement.
  • Prioritise weaknesses in IT infrastructure and applications using manual and automated methods, including results from SAST and SCA tooling in conjunction with the Service Transition team.
  • Influence stakeholders to prioritise and drive remediation of process and technology gaps.
  • Work with Cyber Security, Application Teams and IT Risk to ensure controls are met and vulnerabilities are addressed across infrastructure and applications.
  • Engage and support Cyber Security for remediation of penetration test findings.
  • Act as the SME for internal and external auditors on all matters relating to vulnerability management.
• Stakeholder Engagement & Culture
  • Act as the primary Service Matter Expert and point of contact for the TVM function within the organisation.
  • Work closely with industry partners, vendors and the wider technology ecosystem to leverage external expertise and best practices, and conduct market research to identify emerging risk and vulnerability trends.
  • Build strong relationships across functions, underpinning trust and core values.
  • Lead by example in building relationships, strengthening peer networks and collaboration.
  • Promote a values‑led culture, fostering inclusivity and diversity.
  • Champion staff cyber‑education and awareness to embed a proactive cyber‑focused culture.
  • Promote a dynamic, delivery‑driven culture that works alongside technology and business units to provide responsive resolutions and value‑driven solutions.

Key Skills & Experience

• Leadership & Team Development
  • Proven experience of directly managing a team of Threat and Vulnerability Engineers, including mentoring, developing and guiding security professionals.
  • Strong strategic thinking and visionary skills, able to co‑develop and drive the function’s technical vision, strategy and roadmap aligned with business goals and risk appetite.
• Technical Expertise & Security Operations
  • Extensive experience within infrastructure environments and cloud platforms (AWS, Azure, Oracle), with a high‑level understanding of platforms, operating systems and technologies.
  • Proven capability in creating and executing comprehensive threat and vulnerability management programmes, including vulnerability scanning, penetration testing and security awareness training.
  • Proficiency with vulnerability scanning tools (e.g. Tenable, Qualys, Rapid7, Veracode, JFrog Xray), threat intelligence platforms and incident‑response tools.
  • Experience implementing automated solutions for vulnerability scanning, threat detection and incident response, focusing on continuous process improvement.
• Risk Management & Threat Intelligence
  • Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001) and deep understanding of vulnerability management, threat intelligence, incident response and offensive security techniques.
  • Experience gathering and analysing threat intelligence to understand emerging threats, attack vectors and threat actors, maintaining up‑to‑date knowledge of the latest security threats, vulnerabilities and best practices.
  • Strong analytical and problem‑solving skills to analyse data, identify patterns and develop effective solutions to mitigate risk.
• Communication & Stakeholder Engagement
  • Proven ability to communicate effectively with senior management, providing governance and risk oversight.
  • Excellent verbal and written communication skills to report findings and collaborate across cross‑functional technology and non‑technology teams.
  • Ability to translate technical risks into business‑relevant language for both technical and non‑technical stakeholders, including executive leadership.
  • Recognised cybersecurity certification: CISSP and/or CISM.
  • Strong knowledge of: Ivanti LANDesk, Qualys, Splunk, Windows Server/Desktop, RHEL/OEL Linux, PowerShell and Python scripting.
  • Proven experience leading strategic security initiatives and process automation in large‑scale environments.

Equal Opportunity Statement

We welcome applications from all individuals, regardless of background or identity, and encourage candidates who may not meet every listed requirement to still apply. We are committed to fostering an inclusive, equitable and accessible workplace, and will provide adjustments or support during the recruitment process if required.