What you will be doing:
1. Lead deployment, configuration, and lifecycle management of Tenable Nessus and across varied environments.
2. Design and execute vulnerability scanning strategies aligned with business priorities and risk appetite.
3. Validate results, investigate anomalies, and coordinate remediation with infra, network, hosting, and app teams.
4. Maintain gold-standard documentation (guides, SOPs, user manuals).
5. Build tailored dashboards and reports to drive visibility and informed decision-making.
6. Embed vulnerability management into IT, security, and compliance workflows and planning.
7. Provide training and mentorship to foster security awareness and technical excellence.
8. Ensure practices meet Cyber Essentials Plus and ISO 27001 requirements, supporting audits and certification.
9. Identify gaps, implement enhancements, and drive automation for continuous improvement.
10. Integrate Tenable tools with SIEM, CMDB, and ticketing systems to streamline workflows.
11. Serve as SME in vulnerability management for incident response, risk assessments, and architecture reviews.
12. Represent the function in cross-functional forums, steering committees, and client engagements.
13. Oversee patching strategies to achieve high compliance with infra and application teams.
What you will bring:
14. Knowledge of leading the deployment, configuration, and lifecycle management of Tenable Nessus and ;across diverse infrastructure environments.
15. Designing and execution of comprehensive vulnerability scanning strategies that align with the client business priorities and risk appetite.
16. Making security recommendations based on market intelligence and new security threats.
17. Validating scan results, investigating anomalies, and coordinating remediation efforts with infrastructure, hosting, networks and application teams.
18. Working knowledge of developing and overseeing patching strategies, working with infrastructure and application teams to achieve high levels of compliance each month.
19. Familiarity and understanding of ISO27001, GDPR and NIST
20. Certification such as CISSP, CISM, CEH, or SC-200, AZ-500
If you are interested in this role but not sure if your skills andexperience are exactly what we’re looking for, please do apply, we’d love to hear from you!
Although this role is advertised as full-time, we support different ways of working and can offer a range of flexible working arrangements. So, if you’re interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible.
Employment Type: Full-time
Location: Newport, Hybrid
Security Clearance Level: holding SC clearance or eligible for SC clearance
Internal Recruiter: Lee
Salary: £37k-£41k dependent on experience
Benefits: 25 days annual leave with the option to buy additional days, health cash plan, life assurance, pension, and generous flexible benefits fund (3% of base salary).
Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improves performance and productivity. We support different ways of working and can offer a range of flexible working arrangements.