Job Description
About the Role
You’ll act as the central coordination and risk authority for vulnerability activity—working closely with engineering and platform teams who remain accountable for remediation delivery.
This role needs a strong technical foundation and the ability to build, lead and develop a vulnerability management team , setting clear ways of working, coaching capability and scaling our coverage and reporting as we grow.
What you will be doing.
- Own and continuously improve the end-to-end vulnerability management lifecycle across legacy, cloud, containerised and third‑party environments.
- Operate and coordinate the Security Penetration Testing Framework, ensuring a consistent risk‑led approach to scope, frequency, execution, retesting and closure.
- Triage, prioritise and track vulnerabilities and pen test findings—ensuring clear ownership, progress visibility and timely escalation of unmanaged risk.
- Gove...