Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage and assess vulnerabilities to enhance operational resilience across services and systems.
- Company: Join a leading organisation focused on cybersecurity and risk management.
- Benefits: Competitive salary, generous holiday, private medical insurance, and flexible working options.
- Other info: Inclusive workplace with excellent career growth and well-being support.
- Why this job: Make a real impact in cybersecurity while developing your skills in a dynamic environment.
- Qualifications: Experience in risk or vulnerability management and strong analytical skills required.
The predicted salary is between 55167 - 82751 ÂŁ per year.
The vulnerability manager will support the delivery of a data‑driven vulnerability management capability, ensuring that vulnerabilities across services, systems, and third‑party environments are accurately identified, assessed and remediated in line with operational resilience objectives. The role is based at Unity Place, Milton Keynes or Glasgow.
Responsibilities
- Maintain a centralised vulnerability data set (single source of truth), ensuring clear linkage to source systems, impacted services and remediation status.
- Support vulnerability identification, assessment and prioritisation using data‑driven approaches and risk frameworks.
- Perform resilience assessments with stakeholders, identifying weaknesses and driving proactive remediation actions.
- Analyse service architecture, technology dependencies and data flows to understand vulnerability impact and systemic risk exposure.
- Provide SME challenge across cyber, data and third‑party environments to ensure effective vulnerability management practices.
- Support risk reporting, trend analysis and MI production for governance forums and decision‑making.
- Contribute to risk and control assessments (RCSA) and ensure alignment with regulatory and internal frameworks.
- Collaborate with stakeholders to ensure timely remediation and effective risk mitigation across the Directorate.
Qualifications
- Professional Experience – experience in operational risk, vulnerability management or cyber/technology risk environments (required); experience with risk frameworks, controls and governance processes (required); experience analysing data from multiple sources to identify risk trends and insights (required); experience supporting regulatory, audit or compliance activities (preferred).
- Education – undergraduate degree in Risk, Technology, Cybersecurity, Data or a related field, or equivalent experience (preferred).
- Languages – English (required).
- Hard Skills – understanding of vulnerability management processes, tools and frameworks (required); knowledge of technology architecture, system dependencies and data flows (required); strong analytical capability for interpreting risk and vulnerability data (required); experience with risk reporting, MI and trend analysis (required); knowledge of operational risk frameworks and regulatory expectations (required); familiarity with control frameworks such as COSO and SOX (preferred).
- Soft Skills – strong analytical thinking and problem‑solving capability (required); ability to translate technical findings into business‑relevant risk insights (required); strong stakeholder engagement and collaboration skills (required); ability to challenge constructively and influence outcomes (required); high attention to detail and commitment to data accuracy and quality (required).
Benefits
- Salary range: £55,167 – £82,751 per annum (depending on experience).
- 30 days’ holiday plus bank holidays, increasing to 31 days after 5 years of service; option to purchase up to 5 contractual days per year.
- ÂŁ6,000 car allowance per year.
- Company‑funded private medical insurance.
- Death‑in‑service and income protection insurance, plus optional additional life assurance and critical illness cover.
- Share plans and stock‑option opportunities.
- Access to staff versions of Santander products and a range of company discounts.
- Well‑being supports across physical, mental, social and financial pillars.
- Family‑friendly policies including enhanced family leave, childcare options and tailored wellbeing support.
- Flexible working arrangements: hybrid model with a minimum of 12 days per month in the office.
- Possible relocation support as required for the role.
We are an inclusive organisation that provides equal opportunities for all employees, regardless of age, gender, disability, civil status, race, religion or sexual orientation. All candidates must have the right to work in the UK. If a work visa is required, this will not be a factor in the selection process, but the inability to obtain a work permit may prevent the role from proceeding.
Vulnerability Manager | S3 | Chief Information & Resilience Office | Multiple Locations employer: Santander UK
Contact Detail:
Santander UK Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Vulnerability Manager | S3 | Chief Information & Resilience Office | Multiple Locations
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its vulnerability management practices. Be ready to discuss how your skills align with their operational resilience objectives. Show them you’re not just another candidate!
✨Tip Number 3
Practice your problem-solving skills! Think of real-world scenarios where you've identified and remediated vulnerabilities. Being able to share these experiences will set you apart from the competition.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take that extra step to engage with us directly.
We think you need these skills to ace Vulnerability Manager | S3 | Chief Information & Resilience Office | Multiple Locations
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Vulnerability Manager. Highlight your experience in operational risk and vulnerability management, and don’t forget to mention any relevant tools or frameworks you’ve worked with.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about vulnerability management and how your skills align with our objectives. Be sure to mention specific experiences that demonstrate your analytical thinking and problem-solving capabilities.
Showcase Your Analytical Skills: Since this role requires strong analytical capabilities, make sure to include examples of how you've interpreted risk and vulnerability data in past roles. This will help us see your ability to translate technical findings into business-relevant insights.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Santander UK
✨Know Your Vulnerability Management
Make sure you brush up on your understanding of vulnerability management processes, tools, and frameworks. Be ready to discuss how you've applied these in previous roles, especially in relation to operational risk and cyber environments.
✨Data-Driven Approach is Key
Since the role focuses on data-driven vulnerability management, prepare to talk about how you've used data to identify and assess vulnerabilities. Bring examples of how you've analysed data from multiple sources to spot trends and insights.
✨Stakeholder Engagement Matters
This position requires strong collaboration skills, so think about times when you've successfully engaged with stakeholders. Be prepared to share specific examples of how you’ve driven proactive remediation actions and influenced outcomes.
✨Attention to Detail is Crucial
Given the emphasis on data accuracy and quality, be ready to demonstrate your attention to detail. You might want to discuss how you've ensured the integrity of vulnerability data sets or how you've approached risk reporting and trend analysis in your past work.