Job Title: Resilience Vulnerability Management Lead
Location: Sheffield – Hybrid
IR35 Status: Inside IR35
Overview
We are working with a leading financial services organisation to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This role is critical to supporting the organisation’s Operational Resilience and Vulnerability Management objectives, ensuring Important Business Services (IBS) are resilient, well-governed, and compliant with internal standards and regulatory expectations.
You will work in a hybrid model from Sheffield, collaborating closely with IT Service Owners, Service Sustainability Leads, and senior stakeholders across technology and the business.
Key Responsibilities
Resilience Assessment (TRVA)
* Lead resilience assessments (TRVA) for multiple IBS applications across front-office and back-office environments
* Ensure alignment with internal operational resilience standards
* Review architecture documents and application artefacts, leveraging data from enterprise platforms
* Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings
* Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities
* Drive timely sign-off of assessments by all required stakeholders
* Consolidate findings into clear, comprehensive reports with actionable remediation recommendations
* Raise identified vulnerabilities in line with governance requirements
* Contribute to executive-level summaries and participate in stakeholder presentations
Vulnerability Management
* Manage the end-to-end vulnerability lifecycle, including:
* Creation and approval
* Tolerance assessments
* Progress tracking and reporting
* Remediation and closure governance
* Closure pack preparation, QA, approval, and final closure
* Conduct control reviews outside standard assessments and raise vulnerabilities where required
* Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans
* Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details
* Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date
* Support other Lines of Business with tolerance assessments for MSS-owned applications
* Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes
* Ensure remediation actions are accurately reflected in golden source systems
* Prepare high-quality closure packs with supporting evidence
* Produce Risk & Control Management Meeting packs and stakeholder reports
* Represent the team in governance forums when required
* Contribute inputs to consolidated CIB-level reporting
* Participate in vulnerability portal feature testing, providing feedback and backlog requirements
* Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums
Qualifications & Experience
* Bachelor’s degree in IT, Computer Science, or a related discipline (or equivalent professional experience)
* Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution
* Strong understanding of:
* Operational resilience frameworks
* Vulnerability lifecycle management
* Regulatory and governance requirements
* Demonstrated ability to manage complex assessments across multiple applications and stakeholders
Key Capabilities
* Strong analytical and problem-solving skills
* Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences
* High attention to detail and strong commitment to quality
* Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment
* Confident stakeholder manager with experience driving cross-functional outcomes
What’s on Offer
* Competitive inside IR35 day rate
* Long initial contract (10 months) with potential extension
* Opportunity to play a key role in strengthening operational resilience within a major financial services organisation
If you are an experienced Resilience or Vulnerability Management Lead looking for your next contract role, we’d be keen to hear from you.
#J-18808-Ljbffr