Overview
The vulnerability manager will support the delivery of a data‑driven vulnerability management capability, ensuring that vulnerabilities across services, systems, and third‑party environments are accurately identified, assessed and remediated in line with operational resilience objectives. The role is based at Unity Place, Milton Keynes or Glasgow.
Responsibilities
* Maintain a centralised vulnerability data set (single source of truth), ensuring clear linkage to source systems, impacted services and remediation status.
* Support vulnerability identification, assessment and prioritisation using data‑driven approaches and risk frameworks.
* Perform resilience assessments with stakeholders, identifying weaknesses and driving proactive remediation actions.
* Analyse service architecture, technology dependencies and data flows to understand vulnerability impact and systemic risk exposure.
* Provide SME challenge across cyber, data and third‑party environments to ensure effective vulnerability management practices.
* Support risk reporting, trend analysis and MI production for governance forums and decision‑making.
* Contribute to risk and control assessments (RCSA) and ensure alignment with regulatory and internal frameworks.
* Collaborate with stakeholders to ensure timely remediation and effective risk mitigation across the Directorate.
Qualifications
* Professional Experience – experience in operational risk, vulnerability management or cyber/technology risk environments (required); experience with risk frameworks, controls and governance processes (required); experience analysing data from multiple sources to identify risk trends and insights (required); experience supporting regulatory, audit or compliance activities (preferred).
* Education – undergraduate degree in Risk, Technology, Cybersecurity, Data or a related field, or equivalent experience (preferred).
* Languages – English (required).
* Hard Skills – understanding of vulnerability management processes, tools and frameworks (required); knowledge of technology architecture, system dependencies and data flows (required); strong analytical capability for interpreting risk and vulnerability data (required); experience with risk reporting, MI and trend analysis (required); knowledge of operational risk frameworks and regulatory expectations (required); familiarity with control frameworks such as COSO and SOX (preferred).
* Soft Skills – strong analytical thinking and problem‑solving capability (required); ability to translate technical findings into business‑relevant risk insights (required); strong stakeholder engagement and collaboration skills (required); ability to challenge constructively and influence outcomes (required); high attention to detail and commitment to data accuracy and quality (required).
Benefits
* Salary range: £55,167 – £82,751 per annum (depending on experience).
* 30 days’ holiday plus bank holidays, increasing to 31 days after 5 years of service; option to purchase up to 5 contractual days per year.
* £6,000 car allowance per year.
* Company‑funded private medical insurance.
* Death‑in‑service and income protection insurance, plus optional additional life assurance and critical illness cover.
* Share plans and stock‑option opportunities.
* Access to staff versions of Santander products and a range of company discounts.
* Well‑being supports across physical, mental, social and financial pillars.
* Family‑friendly policies including enhanced family leave, childcare options and tailored wellbeing support.
* Flexible working arrangements: hybrid model with a minimum of 12 days per month in the office.
* Possible relocation support as required for the role.
We are an inclusive organisation that provides equal opportunities for all employees, regardless of age, gender, disability, civil status, race, religion or sexual orientation. All candidates must have the right to work in the UK. If a work visa is required, this will not be a factor in the selection process, but the inability to obtain a work permit may prevent the role from proceeding.
#J-18808-Ljbffr