Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead vulnerability management to keep our tech secure and resilient.
- Company: Join Mitchells & Butlers, a leader in the hospitality industry.
- Benefits: Enjoy 33% off at all brands, private healthcare, and 26 days annual leave.
- Why this job: Make a real impact on security while working with cutting-edge technology.
- Qualifications: 3+ years in vulnerability management or cyber security roles required.
- Other info: Be part of a diverse team that values inclusion and collaboration.
The predicted salary is between 36000 - 60000 £ per year.
We have an exciting opportunity for a Vulnerability Manager to join our award-winning Business Change and Technology team on a 12-month Fixed Term contract. Reporting into the Information Security Manager you will be responsible for managing, maintaining, and continuously improving the vulnerability management programme across our technology estate. This includes the identification, assessment, prioritisation, and remediation tracking of security vulnerabilities across on-premises systems, cloud environments, networks, applications, and endpoint devices. This role will ensure our technology environment remains secure, resilient, and aligned with internal security policies, legal and regulatory requirements, and industry best practice.
You will be well rewarded: Working 35 hours per week, Monday to Friday, with flexibility around your personal commitments. 33% off at all our brands, including our hotels. A pension that pays, where we’ll more than match your contributions (x1.5 of your contributions, up to a maximum of 5% of your salary). Private healthcare, dental plan, cycle-to-work, and keep-fit schemes. 26 days annual leave plus bank holidays.
The Opportunity – Vulnerability Manager:
- Vulnerability Management & Analysis
- Lead the end-to-end vulnerability management lifecycle, including discovery, scanning, validation, prioritisation, reporting, and remediation tracking.
- Operate and optimise M&B's vulnerability scanning platforms (e.g. Microsoft Defender Vulnerability Management, Edgescan, or equivalent).
- Conduct regular internal and external vulnerability assessments across infrastructure, applications, and cloud environments.
- Validate and analyse vulnerability data, ensuring findings are accurate, contextualised, and relevant to M&B's operational environment.
- Identify and assess critical vulnerabilities and zero-day threats, determining when issues require an expedited remediation.
- Assess vulnerability severity in the context of real-world exploitability, considering threat intelligence, exposure, asset criticality, and compensating controls.
- Maintain a defensible view of which vulnerabilities are exploitable versus non-exploitable, clearly documenting risk decisions and rationale.
- Assess potential business risks based on exploitability, criticality, asset value, and threat intelligence.
- Remediation Coordination
- Collaborate with internal technical teams and managed service providers to ensure vulnerabilities are remediated within agreed SLAs aligned to M&B's risk appetite.
- Develop remediation plans, monitor progress, and escalate high-risk issues where necessary.
- Support patch governance activities, ensuring patch cycles and emergency patches meet M&B security requirements.
- Security Governance & Compliance
- Ensure vulnerability management activities align with M&B's Information Security policies, standards, and operational procedures.
- Support compliance with GDPR, PCI DSS, and other relevant frameworks.
- Produce monthly and quarterly vulnerability risk reports, dashboards, and KPIs for management and relevant stakeholders.
- Provide evidence and reporting for internal and external audits, penetration tests, and regulatory reviews.
- Threat Intelligence & Continuous Improvement
- Integrate threat intelligence to focus remediation on actively exploited or high-risk vulnerabilities.
- Recommend improvements to tools, processes, automation, and reporting to enhance programme maturity.
- Stay updated on emerging vulnerabilities, zero-days, and relevant vendor advisories affecting hospitality and retail systems.
- Support incident response teams when vulnerabilities are linked to potential security events.
What you’ll need to bring to this Vulnerability Manager role:
- Proven experience in vulnerability management, cyber security operations, or technical security roles.
- Solid knowledge of cloud platforms (Azure), operating systems (Windows, Linux), networks, and common enterprise technologies.
- Familiarity with CVSS scoring, exploit analysis, and risk-based prioritisation.
- Experience working within large, distributed enterprise environments.
- Understanding of PCI DSS requirements relevant to a hospitality environment.
- Knowledge of SIEM, SOAR, EDR, and related security tooling.
- Ability to analyse large datasets and produce executive-level reporting with clear risk narratives.
- Experience supporting incident response and forensic investigations.
- Strong stakeholder management and communication skills, capable of influencing technical and non-technical teams.
- Understanding of patch management processes and operational constraints in business-critical environments.
- The ability to think laterally and constructively question established process.
- Able to manage multiple concurrent or competing demands.
- Confident and able to say no where appropriate.
- Positively collaborates with stakeholders to find reasonable and pragmatic solutions to issues.
Qualifications:
- Minimum of 3 years of hands-on experience in vulnerability management, cyber security operations, or a related technical security role.
- Demonstrable understanding of security principles, standards, and methodologies.
- One or more of CISM, CISSP, CEH, CompTIA Security+, CompTIA CySA+, GIAC GVMS preferred.
What makes Mitchells & Butlers a great place to work? To us, a career isn’t just about ‘clocking in’. We really care about our colleagues, and we’re an employer that keeps a promise. In fact, as one of the largest employers in the country, with over 44,000 people working for us, we have the responsibility of valuing every contribution from a diverse workforce that are representative of our guests, and who make us stronger. At M&B we value the unique perspectives each person brings. We believe that by fostering a culture of inclusion, respect, and allyship, we create a sense of belonging, engagement and teamwork which are essential to delivering great guest experiences. Join us and be a part of a great team.
Closing date: Wednesday 11th February 2026 at 11:59pm
it - Fleet St, Birmingham B JP, UK employer: Mitchells & Butlers
Contact Detail:
Mitchells & Butlers Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land it - Fleet St, Birmingham B JP, UK
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their values and how your skills align with their needs. This will help you stand out and show that you're genuinely interested in being part of their team.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or use online platforms to get comfortable with common questions. The more you practice, the more confident you'll feel when it’s time to shine.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take the initiative to engage directly with us.
We think you need these skills to ace it - Fleet St, Birmingham B JP, UK
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Vulnerability Manager role. Highlight your experience in vulnerability management and any relevant certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about this role and how you can contribute to our team. Keep it concise but impactful – we love a good story!
Showcase Your Technical Skills: Don’t forget to mention your technical skills, especially around cloud platforms and security tools. We’re keen on candidates who can demonstrate their knowledge of the latest technologies and best practices in cybersecurity.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and keep track of it. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Mitchells & Butlers
✨Know Your Vulnerabilities
Before the interview, brush up on your knowledge of vulnerability management. Familiarise yourself with common vulnerabilities, CVSS scoring, and the tools mentioned in the job description like Microsoft Defender and Edgescan. This will show that you’re not just a fit for the role but also genuinely interested in the field.
✨Showcase Your Experience
Prepare to discuss specific examples from your past roles where you successfully managed vulnerabilities or led remediation efforts. Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easier for the interviewer to see your impact.
✨Understand the Business Context
Research Mitchells & Butlers and understand how their technology environment operates within the hospitality sector. Be ready to discuss how your skills can help maintain security and compliance in a business-critical environment, especially regarding GDPR and PCI DSS.
✨Ask Insightful Questions
Prepare thoughtful questions about the company's current vulnerability management practices and future goals. This not only shows your interest but also gives you insight into how you can contribute to their success. For example, ask about their approach to integrating threat intelligence into their processes.
