Vulnerability Management Manager
- This role may require out-of-hours work in support of a 24x7 globally coordinated operation
- The primary responsibilities of this role are to:
- Personnel Management
- Ensure team members have clear objectives/development plans
- Align Teams’ objectives to OKRs
- Be the escalation point for security Tooling issues and critical security breaches
- Responsible for team development, upskilling & mentoring
- Protect and defend:
- Manage Vulnerability Management tooling to ensure coverage/availability/efficacy
- Drive improvements and feature enhancement to ensure ROI
- Operate and maintain:
- Configure, tune, maintain & operate key vulnerability management controls
- Management reporting – real-time metrics and scheduled reports
- Drive process/procedure changes accordingly
- Ensure quality of ticketing & runbook maintenance
- Cultivate and maintain strong vendor relationships
- Have an attitude of continuous improvement
- Participate in CAB, Tool review or Architecture Review Boards (ARBs)
- As a member of the ION IT Security Team, it is expected that the person in this role will:
- Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
- Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
- Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
- Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
- Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation
- Review vulnerability management systems, configurations, and processes to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results
- Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include:
- Security+, CCSP, CEH, GCIH, GMON, CASP, or CISSP
- 10 years’ experience in Vulnerability Management within large organizations with at least 5 years in a senior leadership role
- Excellent track record of building and leading a Vulnerability Management program on a global scale with knowledge of vulnerability assessments, remediation and mitigation activities
- Technical Security/Engineering/Compliance background with a track record of building and running global teams
- Previous track record of building a risk management framework and applying it to an existing vulnerability management program
- Strong technical expertise in applying a prioritization formula to vulnerabilities and misconfigurations and translating these into risks
- Excellent knowledge of Vulnerability Management frameworks such as NIST/SANS
- The following general characteristics are required:
- A team player with the ability to work independently and unsupervised
- Ability to own delegated tasks and see them through to completion
- Ability to manage time and prioritize work to maximize productivity
- Excellent reporting and presentation skills are essential for this role
- Excellent communication skills (both written and verbal)
- Exceptional attention to detail and quality
- Excellent problem-solving techniques and trouble analysis skills
- Experience in designing and publishing Security Standards & Policies
- Experienced in leading Purple Teaming
- Experienced in running global Bug Bounty/VDP programs
- Experienced in leading Pen Testing, from scope and schedule through findings, remediation and risk registration, and in running the Pen Test program for Group Security as well as all other Verticals
- The candidate should have a good knowledge of:
- Vulnerability Management concepts, controls, and best practices for all operating systems and asset types (e.g. workstations, endpoints, mobile, servers either Windows/Linux, cloud instances, etc.)
- Vulnerability Management tools (Tenable/Rapid7/Qualys)
- Cloud Security compliance (IaaS, PaaS, SaaS) and misconfigurations
- Multi-platform endpoints, infrastructure and XaaS vulnerability management deployments
- General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
- Forensic investigation techniques
- Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, Vulnerability Management, MDM, etc.
- Excellent track record of Senior Leadership and Board level interaction, reporting and communications
- Experience in InfoSec program management, project support and large-scale change
- Proven knowledge of compliance, regulatory practices and experience managing audits
- Over 2,000 of the world’s leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.
- Over 800 of the world’s leading banks and broker-dealers use our electronic trading platforms to operate the world’s financial market infrastructure.