Vulnerability Manager
CV-LibraryLondonpermanentPosted: 28 May 2026
Apply NowThe Role
The Vulnerability Manager is responsible for managing the end-to-end vulnerability lifecycle across client environments, ensuring vulnerabilities are identified, prioritised, and resolved in line with risk, SLA, and regulatory requirements.
Working in a client-aligned capacity, you will act as the central coordination point between security teams and technical resolver teams, driving remediation and providing governance and reporting on vulnerability posture.
This role includes ~3 days per week onsite in London.
Key Responsibilities
* Lead end-to-end vulnerability management lifecycle (identify, assess, prioritise, track, report)
* Ensure vulnerabilities are assigned correctly and remediated within SLAs
* Prioritise vulnerabilities based on risk, exploitability, and business impact
* Consume threat intelligence to inform prioritisation and escalation
* Collaborate with resolver teams to drive remediation across environments
* Track remediation progress and ensure accountability across teams
* Chair the Threat & Vulnerability Management (TVM) forum
* Present vulnerability posture, risks, and remediation performance
* Ensure actions from governance forums are tracked and delivered
* Maintain accurate documentation and audit-ready records
* Support compliance with regulatory frameworks (ISO, NIST, FCA, etc.)
* Support audits, risk assessments, and compliance reporting
* Produce dashboards and reporting for technical and business stakeholders
* Identify opportunities to improve tooling, processes, and governance
* Support incident response where vulnerabilities are actively exploited
Experience & Knowledge
Essential:
* Strong experience in vulnerability management across IT environments
* Experience managing remediation across multiple technical teams
* Strong understanding of vulnerability scanning tools and methodologies
* Experience working in regulated environments
* Broad knowledge of infrastructure, cloud, networking, and applications
* Strong stakeholder engagement and governance experience
Desirable:
* Experience with multiple cloud platforms (AWS, Azure, etc.)
* Experience with container security (Kubernetes, Docker)
* Experience with SOC operations or incident response processes
Benefits
* Pension with employer contributions
* Private healthcare
* Discounted gym memberships
* 25–27 days holiday + bank holidays + birthday off
* 24/7 wellbeing support + Team Claranet initiatives
The Vulnerability Manager is responsible for managing the end-to-end vulnerability lifecycle across client environments, ensuring vulnerabilities are identified, prioritised, and resolved in line with risk, SLA, and regulatory requirements.
Working in a client-aligned capacity, you will act as the central coordination point between security teams and technical resolver teams, driving remediation and providing governance and reporting on vulnerability posture.
This role includes ~3 days per week onsite in London.
Key Responsibilities
* Lead end-to-end vulnerability management lifecycle (identify, assess, prioritise, track, report)
* Ensure vulnerabilities are assigned correctly and remediated within SLAs
* Prioritise vulnerabilities based on risk, exploitability, and business impact
* Consume threat intelligence to inform prioritisation and escalation
* Collaborate with resolver teams to drive remediation across environments
* Track remediation progress and ensure accountability across teams
* Chair the Threat & Vulnerability Management (TVM) forum
* Present vulnerability posture, risks, and remediation performance
* Ensure actions from governance forums are tracked and delivered
* Maintain accurate documentation and audit-ready records
* Support compliance with regulatory frameworks (ISO, NIST, FCA, etc.)
* Support audits, risk assessments, and compliance reporting
* Produce dashboards and reporting for technical and business stakeholders
* Identify opportunities to improve tooling, processes, and governance
* Support incident response where vulnerabilities are actively exploited
Experience & Knowledge
Essential:
* Strong experience in vulnerability management across IT environments
* Experience managing remediation across multiple technical teams
* Strong understanding of vulnerability scanning tools and methodologies
* Experience working in regulated environments
* Broad knowledge of infrastructure, cloud, networking, and applications
* Strong stakeholder engagement and governance experience
Desirable:
* Experience with multiple cloud platforms (AWS, Azure, etc.)
* Experience with container security (Kubernetes, Docker)
* Experience with SOC operations or incident response processes
Benefits
* Pension with employer contributions
* Private healthcare
* Discounted gym memberships
* 25–27 days holiday + bank holidays + birthday off
* 24/7 wellbeing support + Team Claranet initiatives