Vulnerability Manager | S3 | Chief Information & Resilience Office | Multiple Locations in Milton Keynes

This job is with Santander UK, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.

Santander (www.santander.com) is evolving from a global, high-impact brand into a technology-driven organisation, and our people are at the heart of this journey. Together, we are driving a customer-centric transformation that values bold thinking, innovation, and the courage to challenge what's possible. This is more than a strategic shift. It's a chance for driven professionals to grow, learn, and make a real difference. Our mission is to contribute to help more people and businesses prosper. We embrace a strong risk culture and all our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

Santander Digital Services is the team of technology and operations at Santander. We are convinced of the importance of technology that is aligned with the requirements of the business and that our work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 7,000 people in 8 countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of on-premise and cloud-based platforms.

Santander UK is looking for a Vulnerability Manager based out of Unity Place, Milton Keynes or Glasgow. This role will support the delivery of a data-driven vulnerability management capability, enabling effective identification, assessment, and remediation of risks across services, systems, and third-party environments. This is a technically focused role with strong emphasis on data analysis, vulnerability tracking, and dependency understanding, ensuring that vulnerabilities are accurately captured, prioritised, and remediated in line with operational resilience objectives.

You will work across technology, cyber, and business teams to translate complex system and data insights into actionable risk outcomes, supporting the organisation in maintaining a strong and proactive risk posture. To succeed in this role, you will be responsible for:

• Maintaining a centralised vulnerability data set (single source of truth), ensuring clear linkage to source systems, impacted services (IBS), and remediation status.
• Supporting vulnerability identification, assessment, and prioritisation using data-driven approaches and risk frameworks.
• Performing resilience assessments with stakeholders, identifying weaknesses and driving proactive remediation actions.
• Analysing service architecture, technology dependencies, and data flows to understand vulnerability impact and systemic risk exposure.
• Providing SME challenge across cyber, data, and third-party environments to ensure effective vulnerability management practices.
• Supporting risk reporting, trend analysis, and MI production for governance forums and decision-making.
• Contributing to risk and control assessments (RCSA) and ensuring alignment with regulatory and internal frameworks.
• Collaborating with stakeholders to ensure timely remediation and effective risk mitigation across the Directorate.

Our people are our greatest strength. Every individual contributes unique perspectives that make us stronger as a team and as an organisation. We're enabling teams to go beyond by valuing who they are and empowering what they bring. The following requirements represent the knowledge, skills, and abilities essential for success in this role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Professional Experience

• Experience in operational risk, vulnerability management, or cyber/technology risk environments (Required).
• Experience working with risk frameworks, controls, and governance processes (Required).
• Experience analysing data from multiple sources to identify risk trends and insights (Required).
• Experience supporting regulatory, audit, or compliance activities (Preferred).

Education

• Undergraduate degree in Risk, Technology, Cybersecurity, Data, or related field, or equivalent experience (Preferred).

Languages

• English (Required).

Hard Skills

• Understanding of vulnerability management processes, tools, and frameworks (Required).
• Knowledge of technology architecture, system dependencies, and data flows (Required).
• Strong analytical capability for interpreting risk and vulnerability data (Required).
• Experience with risk reporting, MI, and trend analysis (Required).
• Knowledge of operational risk frameworks and regulatory expectations (Required).
• Familiarity with control frameworks (e.g. COSO, SOX) and risk assessment methodologies (Preferred).

Soft Skills

• Strong analytical thinking and problem-solving capability (Required).
• Ability to translate technical findings into business-relevant risk insights (Required).
• Strong stakeholder engagement and collaboration skills (Required).
• Ability to challenge constructively and influence outcomes (Required).
• High attention to detail and commitment to data accuracy and quality (Required).

At Santander, your contribution matters. We recognise the difference you make every day, and we make sure you feel valued, supported and rewarded in return. Here, recognition goes beyond pay. It's about the pride you feel in your work, the impact you have on customers and communities, and the opportunities you have to grow and thrive - personally and professionally.

Salary Range: £55,167.00 - £82,751.00 per annum (depending on experience)

This salary range represents the expected remuneration for the role. Annual salary is based on a standard 35-hour working week. Actual salary offered will depend on skills, experience, qualifications and location.

30 days' holiday plus bank holidays, which increases to 31 days after 5 years service, with the option to purchase up to 5 contractual days per year.

£6,000 car allowance per year.

Company funded individual private medical insurance.

Protection for you and your family, with company-funded death-in-service benefit and income protection insurance, and the option to take advantage of discounted rates for additional life assurance and critical illness cover.

Share in Santander's success by saving or investing in our share plans.

As a Santander UK employee, you are able to request staff versions of our products like our Edge Current Accounts and Credit Cards with no fees, as well as apply to many other deals and discounts in Santander products and services.

Competitive rewards that reflect the real impact you make and the value you bring.

Wellbeing that goes beyond work - we work with a range of wellbeing partners across our 4 pillars of wellbeing (physical, mental, social and financial) to give you access to a suite of apps, discounted gym and fitness access, weekly online classes, flexible healthcare and mental health support.

Support for every life stage - from menopause and pregnancy to parenthood and beyond, with enhanced family leave, childcare options and tailored wellbeing support.

Time to give back through volunteering opportunities that let you make a difference in the communities we serve.

Global growth opportunities to shape your career, learn new skills and explore what's possible across our international network.

Ready to be recognised? It starts with you.

At Santander, we're proud to be an inclusive organisation that provides equal opportunities for everyone - regardless of age, gender, disability, civil status, race, religion or sexual orientation. We're committed to creating a recruitment experience that's accessible, fair and welcoming for all candidates. We want our people to thrive - at work and at home - while delivering the best outcomes for our customers and supporting each other to grow.

To make this possible, our roles are site-based with a hybrid working pattern, where colleagues are expected to attend the office at least 12 days per month (pro-rata for part-time roles). When applying, please consider the travel distance, time and cost to your chosen office location(s).

Every individual must have the right to work in the UK to commence employment with Santander either by way of nationality, visa or work permit. If you do require a working visa / permit this will not influence our decision on whether to progress your application. However, if you do not have a right to work, or an application for a working visa / permit is unsuccessful, Santander will not proceed with your application and will withdraw any conditional offer previously made. We welcome applications on the understanding that, should you be offered this role, there may be no relocation package available. Santander will pay the employer mandatory government fees that are required to pay in connection with visa sponsorship. You may be liable for your own personal employee immigration and relocation costs.

If this sounds like a role you are interested in, then please apply. If there's anything we can do in the recruitment process to help you achieve your best, get in touch. Whether it's a copy of our application form in another format or additional assistance, we're available through email. You can contact us at resourcing@santander.co.uk.