Vulnerability & Configuration Management Engineer

About this role

Responsibilities

• Own and continuously improve the Vulnerability Management programme across applications, infrastructure and end-user devices
• Operate vulnerability management across the full IT estate including code, containers, servers, Kubernetes and endpoints
• Investigate vulnerabilities, drive remediation, and escalate complex issues when required
• Define and maintain processes for technical risk assessment, reporting, escalation and exception handling of vulnerability and configuration items
• Document vulnerability and configuration exceptions in a structured and auditable way
• Provide regular reporting to stakeholders including management, regulators and external partners
• Own and manage recurring reviews of secure configurations (endpoints, baselines, environments, Microsoft recommendations, etc.)
• Manage the full risk lifecycle for vulnerabilities and configuration-related risks
• Contribute to broader security initiatives and tasks as required
• Drive automation of vulnerability analysis, risk scoring and reporting
• Collaborate with engineering and IT teams to prioritise remediation aligned with risk appetite
• Propose and implement pragmatic, secure configuration improvements

Requirements

• Strong experience in Vulnerability Management
• Solid reporting and risk communication skills
• Automation experience is beneficial
• Hands-on experience with tools such as Tenable, Microsoft Vulnerability Management, and Snyk
• Understanding of risk management principles
• Experience: 6+ years in a relevant security role
• Certifications (preferred)
• SC-200 – Microsoft Security Operations Analyst
• MD