i-confidential
 

    Senior Vulnerability Management Consultant - Contract - London

    London (Hybrid)
    6-Month Contract
    Inside IR35

     
    We're supporting a global enterprise organisation in the search for an experienced Senior Vulnerability Management Consultant to help strengthen and mature its infrastructure security and vulnerability management capabilities.
     
    This is a high-profile role where you'll take ownership of vulnerability management activities across a large-scale technology estate, working closely with infrastructure, engineering, and security teams to drive risk reduction, improve patch compliance, and enhance overall security posture.
     
    If you have a strong background in vulnerability management, infrastructure security, and enterprise-scale remediation programmes, we'd like to hear from you.
     
    The Role: 
    You will be responsible for managing the end-to-end vulnerability lifecycle across a diverse infrastructure environment, ensuring vulnerabilities are identified, prioritised, remediated, and reported effectively. Working across Windows, Linux/UNIX, storage, and virtual desktop environments, you'll play a key role in driving remediation efforts, improving operational processes, and helping the organisation maintain a robust security posture.
     
    Key Responsibilities
     
    Vulnerability Management
    • Manage the end-to-end vulnerability lifecycle, including identification, triage, prioritisation, remediation, validation, and reporting.
    • Conduct risk-based assessments using CVSS scoring, exploitability data, and business impact considerations.
    • Translate vulnerability scan outputs into clear and actionable remediation plans.
    • Drive remediation activities and ensure adherence to agreed SLAs for critical and high-risk vulnerabilities.
    Infrastructure Security
    • Oversee vulnerability remediation and patch management across:
      • Windows Server environments
      • UNIX/Linux platforms (including RHEL and Oracle Enterprise Linux)
      • Enterprise storage technologies
      • PVDI and virtual desktop environments
    • Support the implementation and maintenance of secure baselines and hardened system configurations.
    • Ensure infrastructure platforms remain aligned with security standards and best practices.
    Stakeholder Engagement & Risk Management
    • Act as a trusted advisor on vulnerability-related risks and remediation strategies.
    • Partner with engineering and infrastructure teams to drive timely resolution of security issues.
    • Review and challenge risk exceptions and acceptance requests where appropriate.
    • Communicate security risks and remediation progress to key stakeholders.
    Automation & Continuous Improvement
    • Identify opportunities to automate vulnerability management, patching, and reporting processes.
    • Utilise tools such as Ansible, SCCM, PowerShell, and Shell scripting to improve efficiency and consistency.
    • Drive process improvements that enhance security outcomes and operational effectiveness.
    Governance & Reporting
    • Produce and maintain KPI/KRI reporting covering vulnerability trends, remediation performance, and SLA compliance.
    • Support audit activities, security reviews, and compliance initiatives.
    • Provide visibility of infrastructure security posture and ongoing risk reduction efforts.
    Incident & Threat Response
    • Support the response to security incidents and emerging threats.
    • Coordinate rapid remediation and mitigation activities for critical vulnerabilities and zero-day threats.
    Skills & Experience Required
    • Strong experience managing enterprise vulnerability management programmes.
    • Solid understanding of Windows, UNIX/Linux, and enterprise infrastructure environments.
    • Hands-on experience with vulnerability scanning platforms such as Qualys, Nessus, or Rapid7.
    • Strong knowledge of patch management and remediation processes.
    • Experience with automation tools including Ansible, SCCM, PowerShell, and Shell scripting.
    • Proven ability to influence technical teams and drive remediation activity across complex environments.
    • Experience working within regulated or audit-driven organisations.
    • Strong communication and stakeholder management skills.
    What Success Looks Like
    • Measurable reduction in critical and high-risk vulnerabilities.
    • Improved patch compliance and remediation SLA performance.
    • Increased automation and operational efficiency.
    • Successful audit and compliance outcomes.
    • Enhanced visibility and control of infrastructure security risk.

    Vulnerability Management Analyst / Engineer

    London

    368

     


    Contact Us

    2 Redheughs Rigg, Edinburgh, EH12 9DQ

    recruitment@i-confidential.com

    +44 (0) 131 445 1458
