Home
Jobs
Selby Jennings
Vulnerability Management Lead

Vulnerability Management Lead

On site

London, United Kingdom

Full Time

05-02-2025

Share this job:

Score my CV

Job Specifications

Our client, a prominent hedge fund, is seeking a Vulnerability Management Lead to join their London team. This role will take full ownership of the firm's vulnerability management program, focusing on identifying, assessing, and mitigating security risks across systems, networks, and applications. Combining technical expertise with operational oversight, the position requires close collaboration with internal stakeholders to ensure vulnerabilities are addressed promptly and effectively.

As the Vulnerability Management Lead, you will oversee both the technical aspects of vulnerability detection and prioritization, as well as the operational side, including stakeholder communication, cross-functional coordination, compliance, and reporting. You will assess vulnerabilities based on exploitability, manage patching schedules, and ensure robust pre- and post-patch validation. This position reports directly to the Head of Security.

Key Responsibilities
Lead vulnerability scanning, analysis, prioritization, and remediation, ensuring alignment with security policies and compliance requirements.
Collaborate with IT, cloud, engineering, business, and security teams to coordinate patching and remediation with minimal business disruption.
Draft and distribute clear communication regarding upcoming patching activities.
Oversee patch testing and validation, ensuring patches are properly tested pre-deployment and verified post-deployment using appropriate tools.
Maintain oversight of the end-to-end vulnerability management process, ensuring timely resolution and ongoing improvements.

Required Skills & Experience
5+ years of experience in vulnerability management or a similar security role, including 2+ years in a leadership position.
Strong technical knowledge and hands-on experience with vulnerability scanning and assessment tools.
Familiarity with on-premise, cloud (AWS, Azure), and hybrid environments.
Ability to communicate effectively with both technical and non-technical stakeholders.
Proven experience in coordinating patch management across a large organization and multiple time zones while minimizing business disruption.
Ability to assess vulnerabilities based on risk and exploitability, providing strategic guidance on patching priorities.
Strong organizational and coordination skills to manage patching schedules, stakeholder engagement, and compliance requirements.

About the Company

From Investment Banking, Risk Management, Quantitative Trading, and Insurance, to Investment Management, Sales & Trading, Technology, and Wealth Management, Selby Jennings supports the world's largest financial institutions to revolutionary fintech start-ups with all their hiring needs as a leading Financial Sciences and Services talent partner. If you would like to talk to us about your current talent needs, please request a call back here and one of our specialist consultants will call you back to discuss your hiring nee... Know more

Related Jobs

Company Name: Marks Sattin
Job Title: Quantitative Risk Analyst
Job Description: My client, a leading Asset Management firm, is seeking a mid-level Quantitative Risk Analyst with a focus on Credit to join its Risk & Quantitative Research (RQR) team. This team plays a key role in risk management, portfolio construction, and performance attribution to enhance risk-adjusted returns. Key Responsibilities: Analyze portfolios and strategies to identify risk and performance drivers. Work with portfolio managers and senior risk managers on risk limit usage, tail exposure, and forward-looking risk events. Develop and improve stress testing, VaR models, and risk frameworks for macro portfolios. Conduct quantitative research to enhance risk management tools and analytics. Collaborate with technology teams to implement and refine risk models. Key Requirements: Master’s degree preferred (quantitative finance, statistics, math, engineering, or computer science). 3+ years of experience in risk, trading, or quantitative research, with a strong focus on rates. Expertise in pricing models, risk sensitivities, and portfolio risk aggregation. Proficiency in Python, SQL, MATLAB, or R and experience working with large data sets. Strong communication skills and ability to engage with portfolio managers. Ability to multitask and work effectively in a fast-paced environment. This is a fantastic opportunity for a quantitative risk professional to contribute to a high-performing investment team.

London, United Kingdom

Hybrid

Full Time

05-02-2025

Company Name: Amigos
Job Title: Back End Developer
Job Description: Amigos has partnered with Northflank to recruit 2x Backend Software Engineers (Python, Go, NodeJS, MongoDB). Their mission is to develop a platform that allows teams a simple way to deploy and manage their apps, databases, and background jobs without all the infrastructure headache. They’re making it dead-simple to create and run workloads, helping developers move way faster without building complex internal platforms. If you’re tired of the old way—staring at infrastructure code for days— this could be the role for you. If you want to help devs be devs again, keep reading. The role : Design and implement scalable backend systems and APIs Optimize database performance and data structures Develop and maintain microservices architecture Ensure high availability and fault tolerance of our systems Collaborate with front-end developers and DevOps teams Participate in code reviews and technical discussions Your opportunity: You’ll be working on something that can make a real-world impact and lets Developers be Developers again. There is a high-ownership culture where people are trusted to proactively spot and solve critical customer challenges. They’re a well-funded Series A startup that has seen some great traction with plenty more opportunities to expand their product roadmap. What we’re looking for: 3+ years of experience as a Backend focused Developer with Python, Go, Node.js, MongoDB, Redis, RESTful APIs Strong experience with TypeScript Can write your own E2E unit tests Experience in a startup environment (ideally Series A or earlier) Experience with CI/CD, cloud platforms (AWS, GCP, Azure) and with containerization/orchestration (Docker, Kubernetes) Please apply if you'd like to find out more.

Company Name: EVIDEN FRANCE
Job Title: Cloud Security Architect
Job Description: Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. The Opportunity We are seeking a skilled and experienced Cloud Security Architect to design, implement, and optimize Security within our customers cloud environments. As a Cloud Security Architect, you will be responsible for developing a comprehensive security strategy, defining architecture and policies, integrating, and optimizing threat detection, and enabling advanced security monitoring to ensure our customer’s digital assets remain secure from cyber threats. You’ll work collaboratively with cybersecurity engineers and analysts, IT teams, and other stakeholders to assess the security needs of our clients, configuring cloud controls to address them, and continuously adapt our systems to emerging threats. The candidate must be eligible to obtain a security clearance - SC level. Location: Remote working with flexibility for traveling to client sites as required Role And Responsibilities Develop and implement robust Cloud Security architecture and strategies to safeguard our customers cloud environments Providing advice to clients on technical and operational security measures designed to help defend against cyber threats in cloud environments Lead the design and implementation of Azure Sentinel to build a robust security monitoring and alerting system Ensure scalability and performance by optimizing Sentinel resources, data connectors, and data ingestion pipelines Collaborate with security analysts to implement effective use cases and threat hunting scenarios within Azure Sentinel Develop reference architectures, security frameworks and migration strategies for Cloud Security Authorship, ownership, and peer approval of High-Level Design (HLD) documentation Ensuring technical sign-off of Low-Level Design (LLD) and operational documentation Stay updated on the latest cloud security trends, technologies, and threats, and continuously improve security practices and protocols, sharing across the team Act as mentor and provide support to colleagues across the Architecture and Engineering teams Provide technical input for ongoing development of portfolio and into bids, solutions, and RFP documents for Cloud Security Required Skills And Experience Extensive experience as a Cloud Security Architect with a focus on Azure Sentinel and Microsoft Azure Security Strong understanding of information security requirements and capabilities across different industries Experience in information technology and information security Deep knowledge of Azure Sentinel components, some experience with the Microsoft Defender suite, and related Azure security tools as well as other cloud platforms such as AWS and GCP Proficiency in security information and event management (SIEM) systems, some experience of other cloud security tools and technologies, including firewalls, encryption, identity, and access management (IAM), cloud security posture management (CSPM) Ability to guide engineering teams through the deployment where required Ability to write and review reports, procedures, and standards Relevant certifications, such as Microsoft Certified: Cybersecurity Architect Expert (SC-100), Security, Compliance, and Identity Fundamentals (SC-900), Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), or equivalent Desirable Skills And Experience Industry recognized security qualification (e.g., CISSP, CISM, CISMP, SSCP, CISA, ISACA, CEH, CompTIA Security+, etc.) Industry recognized technology certification in Cloud (Microsoft, AWS, GCP, CCSP, CCSK) Experience with Architecture methodologies such as SABSA and TOGAF Knowledge and understanding of UK government protective marking standards and industry standards, including PCI-DSS, ISO/IEC 27001, NIST, CIS, etc. Awareness of common exploits and vulnerabilities and how these may be prevented Previous hands-on experience in cloud security operational roles Experience of working in a Consulting capacity or environment Pre-sales experience in IT Security Benefits 25 days of Annual leave + an option to purchase more through our Flexible Benefits Flex benefits system – exciting opportunity to choose your own benefits Retail discounts Pension - matching contribution up to 10% Private Medical Scheme Life Assurance Unlimited opportunities to learn in our Training platforms As a Disability Confident employer, our aim is to ensure that disabled applicants who meet the minimum criteria for this position will be offered an interview. The data is only used for the purpose of providing additional support at interview. If this is applicable to you, please ensure you answer “Yes” to the question regarding disability included in the application form for our awareness. #Eviden If you have any questions, please contact our recruiter Diana Mihaylova | LinkedIn Let’s grow together.

Company Name: ROKA London
Job Title: System Administrator
Job Description: Job Description: Systems Administrator / IT Manager Reporting to: Chief Operating Officer Location: Remote - UK Summary: We seek a proactive and detail-oriented System Administrator to join our team at ROKA London. This vital role will expose you to all facets of our growing and thriving outdoor lifestyle fashion accessories brand. Your role will support and optimise our business systems, focusing on implementing technologies and AI-driven solutions to enhance business processes, increase efficiency, and support data-driven decision-making across the organisation. Key Responsibilities: Systems Administration Manage our ERP system (Brightpearl), central to our operations across US and UK brands, including the flow of information and data between the systems it integrates with. Manage the technical architecture stack and always-on technologies, including e-commerce stores and related applications. Keeping track of all SaaS updates and upgrades to determine new features and functionality API management and troubleshooting, including EDI systems Troubleshoot system issues for team members Managing data exporting, manipulation and transfer between systems Manage user accounts and permissions across all systems. Coordinate new software rollouts, upgrades, and security enhancements. Manage integration middleware that connects systems. Manage third-party development and software vendors. Business Processes & Optimisation Coordinate and manage third-party integrations and processes into the ERP system. Collaborate with teams to understand business challenges and identify areas where technology and AI can add value. Research and recommend SaaS and AI tools and technologies that align with business needs. Implement AI & SaaS tools to automate tasks, streamline workflows, and improve operational efficiency. Security & Compliance Promote cybersecurity awareness, best practices, and access controls to protect the business. Ensure systems comply with data privacy and regulations (e.g., GDPR). Support & Training Provide technical support to staff, resolving system-related, hardware, and SaaS connectivity issues. Conduct training sessions and create guide documentation to improve user proficiency. Maintain comprehensive documentation on software configurations, integration processes, and system policies. Candidate Profile: Excellent analytical and problem-solving skills, with strong attention to detail. Strong interpersonal and communication skills. Ability to work independently and prioritise multiple tasks in a fast-paced environment. Ability to manipulate data sets using Excel, SQL, Python, PowerBI or other data tools Current ROKA technology stack: Google Workspace for Enterprise Brightpearl & Inventory Planner (Sage) Shopify Plus (4 stores) Integration Partners including Syncware, B Solutions Aircall (VoIP) Gorgias (Customer Service) Quickbooks (Accounts) Klaviyo (Marketing CDP platform) Google Ads, Analytics, Tag Manager Meta Ads To Apply: If you are excited about this opportunity and meet the qualifications above, please submit your CV and cover letter through the LinkedIn Apply button. We look forward to hearing from you!