Salary: £36,000 - 60,000 per year

Requirements:
Bachelor's degree in IT, Computer Science, or a related discipline (or equivalent professional experience)
Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution
Strong understanding of operational resilience frameworks
Strong understanding of vulnerability lifecycle management
Knowledge of regulatory and governance requirements
Demonstrated ability to manage complex assessments across multiple applications and stakeholders
Strong analytical and problem-solving skills
Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences
High attention to detail and strong commitment to quality
Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment
Confident stakeholder manager with experience driving cross-functional outcomes

Responsibilities:
Lead resilience assessments (TRVA) for multiple Important Business Services (IBS) applications across front-office and back-office environments
Ensure alignment with internal operational resilience standards
Review architecture documents and application artefacts, leveraging data from enterprise platforms
Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings
Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities
Drive timely sign-off of assessments by all required stakeholders
Consolidate findings into clear, comprehensive reports with actionable remediation recommendations
Raise identified vulnerabilities in line with governance requirements
Contribute to executive-level summaries and participate in stakeholder presentations
Manage the end-to-end vulnerability lifecycle, including creation and approval
Conduct tolerance assessments, progress tracking, and reporting
Oversee remediation and closure governance
Prepare closure packs, conduct QA, approval, and final closure
Conduct control reviews outside standard assessments and raise vulnerabilities where required
Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans
Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details
Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date
Support other Lines of Business with tolerance assessments for MSS-owned applications
Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes
Ensure remediation actions are accurately reflected in golden source systems
Prepare high-quality closure packs with supporting evidence
Produce Risk & Control Management Meeting packs and stakeholder reports
Represent the team in governance forums when required
Contribute inputs to consolidated CIB-level reporting
Participate in vulnerability portal feature testing, providing feedback and backlog requirements
Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums

Technologies: Support Security

More:
We are a leading financial services organization based in Sheffield, seeking to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This hybrid role is crucial in supporting our Operational Resilience and Vulnerability Management objectives, ensuring that our Important Business Services are resilient, well-governed, and compliant with internal standards and regulatory expectations. We offer a competitive inside IR35 day rate, a long initial contract with potential extension, and the opportunity to play a key role in strengthening operational resilience within our organization.

Last updated: week 6 of 2026