Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract.
Our client, the UKs leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis.
This is a senior role with responsibility for the organisation’s vulnerability management programme across multiple business units, technologies, and regulatory environments.
The organisation has made significant investment in Tenable as its core vulnerability management platform. You’ll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised.
Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role.
Security Clearance -
Due to the sensitive nature of the work, candidates must be eligible for SC clearance.
Candidates with active or recently lapsed SC clearance will be prioritised.
Applicants without clearance must be willing and eligible to undergo vetting.
The Role -
As Cybersecurity Vulnerability Lead, you will:
Own the end-to-end vulnerability management programme, with Tenable One at the core.
Define and deliver the strategy, policies, SLAs, and operating rhythm.
Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact.
Translate scan data into clear, actionable remediation plans for technical teams.
Build dashboards and executive reports (ServiceNow, Power BI).
Provide rapid risk assessments and emergency patch governance during incidents.
Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR).
Drive automation, integrating tools and workflows to improve efficiency.
Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged.
Mentor analysts and security champions, building maturity across the team.
About You -
You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries.
You should also have hands-on knowledge of the following:
Core Vulnerability Management -
Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity)
AWS Inspector
Agent-based and network-based scanning
Cloud integrations (AWS, Azure, GCP)
Dashboards and risk-based prioritisation
Patch & Endpoint Management -
Microsoft Intune / SCCM / WSUS
Jamf
Workflow & ITSM Integration -
ServiceNow (dashboards, SOAR)
Jira
Cloud & Application Security -
AWS Security Hub
Azure Defender for Cloud
Veracode
Threat Intelligence & Exploit Context -
Tenable Threat Intelligence
Exploit DB
Metasploit
SIEM, SOAR & Monitoring -
Microsoft Sentinel
SOAR platforms (ServiceNow SOAR)
Automation & Scripting -
Python, PowerShell, Bash, Ansible
Reporting & Metrics -
Power BI
ServiceNow dashboards
Excel (advanced analysis)
Frameworks & Standards -
NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR
Security Domains / Capabilities -
Identity and Access Management (IAM)
Network Security
Data Protection
Cloud Security Controls
Application Security
Security Monitoring
Processes & Practices -
Vulnerability Management Programmes
Incident Response and Threat Assessment
Emergency Patch Governance
Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact)
Audit Support (internal assurance, penetration test follow-ups, external audits)
Exception and exemption management
Automation of manual tasks
Dashboarding for risk and SLA metrics
What's on Offer -
A leadership role with significant influence across a major UK organisation.
Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management