Vulnerability Management Engineer (IT/OT Environments) 6 months initial Worcestershire Site based (hybrid) About the Role: Were looking for a skilled Vulnerability Management Engineer to play a key role in strengthening vulnerability management across IT and OT environments. Youll be responsible for operationalising risk-based vulnerability processes, improving visibility of exposure across sites, and embedding automated, standards-aligned reporting into day-to-day operations. This is a hands-on role that works closely with site teams, security stakeholders, and operations to reduce risk in complex, distributed environments. What Youll Do: Operationalise vulnerability management using a risk-based prioritisation approach. Develop and maintain OT site DMZ vulnerability dashboards aligned with NIST frameworks. Identify sites operating flat network architectures and assess associated risks. Conduct site engagement activities, including on-site visits where required, to validate network and vulnerability findings. Enhance operational metrics, reporting, and overall risk visibility across IT and OT estates. Automate vulnerability management processes and integrate outputs with orchestration tools and SIEM platforms. Your Approach: Assess existing vulnerability management processes and identify gaps in coverage, prioritisation, and reporting. Apply risk context to vulnerability data to support meaningful remediation decisions. Design and deliver dashboards that provide clear, actionable insight for operational and security stakeholders. Work with site and central teams to improve network segmentation and reduce exposure caused by flat networks. Drive automation initiatives to streamline vulnerability detection, reporting, and response workflows. Maintain accurate documentation of vulnerability processes, metrics, and improvement actions. About You: Proven experience in vulnerability management, cyber security engineering, or related disciplines. Strong understanding of vulnerability scanning, risk-based prioritisation, and remediation workflows. Knowledge of IT and OT environments, including DMZ architectures and segmentation principles. Familiarity with security frameworks such as NIST and their application in operational environments. Experience integrating vulnerability tools with SIEM and orchestration platforms. Strong communication skills, with the ability to translate technical risk into operational insight. Willingness to engage with sites directly, including on-site assessments where required. Experience in OT environments is highly advantageous, though not essential.