• Manage the end-to-end vulnerability lifecycle, including identification, triage, prioritisation, remediation, validation, and reporting.
• Conduct risk-based assessments using CVSS scoring, exploitability data, and business impact considerations.
• Translate vulnerability scan outputs into clear and actionable remediation plans.
• Drive remediation activities and ensure adherence to agreed SLAs for critical and high-risk vulnerabilities.

• Oversee vulnerability remediation and patch management across:
  • Windows Server environments
  • UNIX/Linux platforms (including RHEL and Oracle Enterprise Linux)
  • Enterprise storage technologies
  • PVDI and virtual desktop environments
• Support the implementation and maintenance of secure baselines and hardened system configurations.
• Ensure infrastructure platforms remain aligned with security standards and best practices.

• Act as a trusted advisor on vulnerability-related risks and remediation strategies.
• Partner with engineering and infrastructure teams to drive timely resolution of security issues.
• Review and challenge risk exceptions and acceptance requests where appropriate.
• Communicate security risks and remediation progress to key stakeholders.

• Identify opportunities to automate vulnerability management, patching, and reporting processes.
• Utilise tools such as Ansible, SCCM, PowerShell, and Shell scripting to improve efficiency and consistency.
• Drive process improvements that enhance security outcomes and operational effectiveness.

• Produce and maintain KPI/KRI reporting covering vulnerability trends, remediation performance, and SLA compliance.
• Support audit activities, security reviews, and compliance initiatives.
• Provide visibility of infrastructure security posture and ongoing risk reduction efforts.

• Support the response to security incidents and emerging threats.
• Coordinate rapid remediation and mitigation activities for critical vulnerabilities and zero-day threats.

• Strong experience managing enterprise vulnerability management programmes.
• Solid understanding of Windows, UNIX/Linux, and enterprise infrastructure environments.
• Hands-on experience with vulnerability scanning platforms such as Qualys, Nessus, or Rapid7.
• Strong knowledge of patch management and remediation processes.
• Experience with automation tools including Ansible, SCCM, PowerShell, and Shell scripting.
• Proven ability to influence technical teams and drive remediation activity across complex environments.
• Experience working within regulated or audit-driven organisations.
• Strong communication and stakeholder management skills.

• Measurable reduction in critical and high-risk vulnerabilities.
• Improved patch compliance and remediation SLA performance.
• Increased automation and operational efficiency.
• Successful audit and compliance outcomes.
• Enhanced visibility and control of infrastructure security risk.

We are looking for a Technology Specialist to lead the coordination and orchestration of patching activities across complex, fragmented platforms.

This role sits at the intersection of infrastructure, applications, and operations—ensuring patch scopes are clearly defined and executable across multiple teams.

Key Responsibilities

• Define patching scope across infrastructure, OS, middleware, and application layers
• Coordinate with platform and application teams to align ownership and delivery
• Support phased patching strategies for priority vulnerabilities
• Navigate fragmented environments where accountability spans multiple teams
• Leverage CMDB/ITAM data to ensure accurate asset and ownership mapping
• Engage with third-party providers to align delivery plans

Skills & Experience

• Strong experience in patch management coordination and orchestration
• Solid understanding of infrastructure and middleware environments
• Experience with CMDB / ITAM systems (essential)
• Ability to work across multiple technical domains and teams
• Experience managing third-party delivery partners

What We’re Looking For

• Someone who can bring structure to complexity
• Strong stakeholder management and coordination skills
• A practical, delivery-focused mindset

Contract will be inside IR35. Applicants must be able to work in a hybrid model, 2 days per week in the London office

#LI_DNI

• Develop and manage patching schedules based on risk, scale, and dependencies
• Align maintenance windows with production constraints and service availability
• Incorporate route-to-live and testing requirements into scheduling plans
• Model and manage complex interdependencies across services and platforms
• Work closely with platform teams to ensure schedules are feasible and optimised

• Advanced Excel and spreadsheet modelling capabilities (essential)
• Experience planning large-scale maintenance or patching windows
• Strong analytical and problem-solving skills
• Understanding of infrastructure environments and service dependencies
• Ability to manage competing priorities and constraints

• A highly organised, analytical thinker
• Someone who can balance risk, speed, and operational reality
• Comfortable working with ambiguity and complexity

#LI-DNI