Statera Talent is working on a senior Cyber Security leadership role with a well respect global financial organisation. This is a high-visibility position focused on leading a global vulnerability risk programme across a complex technology environment. It would suit someone who can combine technical security knowledge with strong risk judgement, stakeholder management and the ability to drive remediation across multiple teams. The role sits around vulnerability risk, but it is broader than simply managing scan outputs. The successful candidate will help bring together security findings from across infrastructure, cloud, application security, open-source software and testing activity, then ensure the business has a clear, risk-based view of what needs to be prioritised. You will be responsible for leading and developing a vulnerability risk function across a global technology environment. This will include improving how security findings are assessed, prioritised, tracked and reported, while working closely with security, engineering, infrastructure, application and technology teams to ensure remediation is aligned to business risk. Leading a global vulnerability risk programme Overseeing findings from infrastructure, cloud, application security, open-source software and security testing Helping define what should be treated as a genuine business risk priority Working with technical teams to support effective remediation Supporting a more risk-based approach to vulnerability management It is about helping the business answer: Which issues genuinely carry the greatest business risk? We are interested in speaking with people from a range of Cyber Security backgrounds. The key requirement is experience owning, leading or playing a significant role in vulnerability management, remediation tracking, risk prioritisation and stakeholder reporting within a sizeable or complex organisation. Vulnerability management across infrastructure, cloud and applications Risk-based prioritisation beyond basic severity scoring Security testing outputs such as SAST, DAST, SCA, infrastructure scanning, CSPM or penetration testing Executive-level reporting, dashboards, metrics or risk updates Building, improving or maturing security processes Leading people, projects or security programmes
