Cyber Threat Intelligence & Vulnerability Management Lead
Whitehall Resources currently require an experienced Cyber Threat Intelligence & Vulnerability Management Lead to work with a key client.
Please note this role will require 4 days onsite in Liverpool
Role Purpose
The Cyber Threat Intelligence & Vulnerability Management Lead is responsible for delivering an intelligence‑led defensive capability across IT and Operational Technology (OT) environments. The role combines cyber threat intelligence with proactive vulnerability risk reduction to protect Critical National Infrastructure (CNI) services. It ensures emerging threats are identified, contextualised, and translated into measurable remediation action that reduces real‑world risk to essential operations.
Key Responsibilities
* Develop and deliver the CTI strategy aligned to business risk and regulatory requirements including the Network and Information Systems Regulations 2018.
* Establish Priority Intelligence Requirements (PIRs) aligned to critical services and OT assets.
* Produce tactical, operational and strategic intelligence reporting.
* Monitor nation‑state, organised crime and sector‑specific threats targeting UK CNI.
* Leverage frameworks such as MITRE ATT&CK.
* Provide intelligence briefings to executive leadership and the Board.
* Support cyber security incidents from a CTI perspective.
2. Vulnerability Management Leadership
* Own and mature the vulnerability management programme across IT and OT environments.
* Develop risk‑based vulnerability prioritisation aligned to threat intelligence and exploitability.
* Integrate external threat feeds to identify actively exploited vulnerabilities.
* Establish remediation SLAs based on business criticality and regulatory expectations.
* Track and report vulnerability risk posture to senior leadership.
* Oversee scanning, validation, exception management and risk acceptance processes.
* Correlate threat intelligence with vulnerability data to identify exposure to active campaigns.
* Identify and escape zero‑day or high‑impact vulnerabilities affecting CNI and industrial systems.
* Provide actionable intelligence to SOC and Incident Response teams.
* Support proactive threat hunting based on emerging TTPs.
4. CNI & OT Focus
* Assess vulnerabilities and threat activity impacting ICS/SCADA and industrial control environments.
* Work closely with engineering and OT teams to ensure remediation does not disrupt safety‑critical operations.
* Monitor intelligence from National Cyber Security Centre and sector partners relevant to essential services.
5. Reporting
* Develop metrics including Mean time to remediate (MTTR).
* Exposure to known exploited vulnerabilities.
* Threat landscape trends.
* Provide board‑ready reporting translating cyber risk into operational impact.
Skills & Experience
* 7+ years cyber security experience.
* 3+ years leading Operational CTI and/or Vulnerability Management functions.
* Experience within Critical National Infrastructure or regulated sectors desirable.
* Strong understanding of threat actor TTPs and exploit development trends.
* Experience implementing risk‑based vulnerability prioritisation models.
* Ability to brief executive and non‑technical stakeholders.
* Operational Technology (OT) security experience.
* Experience engaging with NCSC or sector regulators.
* Certifications such as GCTI, CISSP, CREST, or vulnerability management certifications.
#J-18808-Ljbffr