Vulnerability Manager

The Role

The Vulnerability Manager is responsible for managing the end-to-end vulnerability lifecycle across client environments, ensuring vulnerabilities are identified, prioritised, and resolved in line with risk, SLA, and regulatory requirements.

Working in a client-aligned capacity, you will act as the central coordination point between security teams and technical resolver teams, driving remediation and providing governance and reporting on vulnerability posture.

This role includes ~3 days per week onsite in London.

Key Responsibilities

* Lead end-to-end vulnerability management lifecycle (identify, assess, prioritise, track, report)

* Ensure vulnerabilities are assigned correctly and remediated within SLAs

* Prioritise vulnerabilities based on risk, exploitability, and business impact

* Consume threat intelligence to inform prioritisation and escalation

* Collaborate with resolver teams to drive remediation across environments

* Track remediation progress and ensure accountability across teams

* Chair the Threat & Vulnerability Management (TVM) forum

* Present vulnerability posture, risks, and remediation performance

* Ensure actions from governance forums are tracked and delivered

* Maintain accurate documentation and audit-ready records

* Support compliance with regulatory frameworks (ISO, NIST, FCA, etc.)

* Support audits, risk assessments, and compliance reporting

* Produce dashboards and reporting for technical and business stakeholders

* Identify opportunities to improve tooling, processes, and governance

* Support incident response where vulnerabilities are actively exploited

Experience & Knowledge

Essential:

* Strong experience in vulnerability management across IT environments

* Experience managing remediation across multiple technical teams

* Strong understanding of vulnerability scanning tools and methodologies

* Experience working in regulated environments

* Broad knowledge of infrastructure, cloud, networking, and applications

* Strong stakeholder engagement and governance experience

Desirable:

* Experience with multiple cloud platforms (AWS, Azure, etc.)

* Experience with container security (Kubernetes, Docker)

* Experience with SOC operations or incident response processes

Benefits

* Pension with employer contributions

* Private healthcare

* Discounted gym memberships

* 25–27 days holiday + bank holidays + birthday off

* 24/7 wellbeing support + Team Claranet initiatives