Find your next tech and IT Job or contract Remedy

Key Responsibilities Vulnerability Management Lead the full lifecycle of vulnerability management-from discovery and assessment to prioritisation and remediation tracking Administer and optimise scanning tools (e.g., Tenable, Nessus) Conduct regular scans of networks, systems, and applications to identify vulnerabilities Classify and prioritise vulnerabilities using severity ratings, business impact, and threat intelligence Remediation & Coordination Collaborate with Service Operations, Cloud, and Infrastructure teams to ensure timely remediation within agreed SLAs Track remediation efforts and report progress to key stakeholders and leadership Maintain processes for vulnerability exceptions and risk acceptance SOC Integration & Threat Correlation Work closely with SOC analysts and threat intelligence teams to align vulnerabilities with emerging threats and exploitation trends Support incident response efforts by identifying potential weaknesses during investigations and post-incident reviews Reporting & Metrics Produce clear, actionable vulnerability reports and dashboards for both technical and non-technical audiences Provide regular metrics and KPIs to measure the effectiveness of the vulnerability management program Policy & Process Development Develop and maintain vulnerability management policies, procedures, and operational standards Contribute to security architecture reviews and hardening documentation Required Qualifications 3+ years of experience in cybersecurity, with at least 2 years focused on vulnerability management Experience working in or alongside a Security Operations Centre (SOC) Proficiency with vulnerability scanning tools and management frameworks Familiarity with standards such as CVSS, NIST, and MITRE ATT&CK Solid understanding of operating systems (Windows, Linux), network infrastructure, and cloud platforms (AWS, Azure, GCP) Experience with SIEM, EDR, and asset inventory tools Preferred Certifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience) Industry certifications such as CISSP, CISM, GIAC GCIH, OSCP, or equivalent Vendor-specific certifications (e.g., Tenable Certified Specialist, QualysGuard Certified Specialist) Key Skills Strong organisational and attention to detail skills Excellent communication abilities across technical and non-technical teams Ability to work independently as well as collaboratively in a fast-paced environment Strong analytical and problem-solving mindset Working Environment Primarily onsite at our Stoke-on-Trent office, with hybrid working arrangements available (to be discussed during interview) Flexibility for after-hours or on-call support when required Opportunities for continuous learning, certifications, and career development LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the Security Risk Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The Security Risk Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the Security Risk Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Job title: External Attack Surface Management Analyst Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa 45k dependant on skills and experience What you'll be doing: Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with resolver teams Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation Your skills and experiences: Essential A extensive technical background with a detailed knowledge of cyber security, computer networks and operating systems Broad and detailed experience of technologies including but not limited to DNS, Certificate Transparency, firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDN's and Vulnerability Management Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy systems Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations Desirable Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy system Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 5th September 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-NP1 #LI-Hybrid

GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the GRC Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The GRC Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the GRC Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Infrastructure Specialist - uberAgent | Berkshire | Contract | Outside IR35 My client is seeking an Infrastructure Analyst on a short term assignment with specific experience in the User Experience Monitoring tool, uberAgent. This organisation has a highly secure, on-premise VDI environment on Citrix technology. They are experiencing persistent performance challenges including slow connection times, extended log-on durations and overall poor user experience and system responsiveness. They have deployed uberAgent, The tool is actively collecting data, But do not have the expertise to properly interpret the insights and telemetry, Diagnose root causes and formulate, implement remediation strategies. Additionally, there is a potential performance bottleneck related to data ingestion into Splunk, which may be impacting the effectiveness of UberAgent or the overall monitoring strategy. Key Responsibilities: Deep-dive analysis into uberAgent telemetry Identification of key performance bottlenecks and root causes Evaluation of Splunk ingestion challenges and recommendations for optimisation Delivery of a detailed findings report and proposed next steps for remediation Collaborate with IT teams to implement agreed improvements. Required Skills for Infrastructure Specialist, uberAgent. Must have proven experience with uberAgent in a Citrix / VDI Environment. Experience of Splunk advantageous. Work within a high security, on premise infrastructure environment is desirable. SC – Clearance is preferred. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

SOC Tier 3 Analyst 6 Month contract initially Based: Remote/Reading - Hybrid. Max 3 days p/w onsite. Rate: Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We a great opportunity for a SOC Tier 3 Analyst to strengthen the Security Operations Center. As a Tier 3 CERT Analyst you will lead the investigation and remediation of advanced cyber threats, leveraging cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, and Defender and other security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. o Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.). o Familiarity with scripting languages (Python, PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified Forensic Computer Examiner (CFCE) o GIAC Certified Forensic Analyst (GCFA) o GIAC Certified Intrusion Analyst (GCIA) This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

***SC CLEARED*** Vulnerability Manager 6 Month contract initially Location: Barrow-in-Furness. Hybrid, 40% Remote 60% Office Rate: £500 - £550 p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Vulnerability Manager to join the team. We are seeking a Vulnerability Management Lead with proven experience to join our cybersecurity team. Key Responsibilities: * Provide remediation recommendations; Monitor remediation activities; Report on the progress of remediation activities; Provide evidence on closure of remediation activities. * Organise, Scope and Facilitate ITHC Regression testing * Communicate and report technical vulnerabilities to a non-technical audience * Translate and map vulnerabilities to threats and risks. * Work with the client's third-party Pen Testing partners to understand and manage the findings of their testing * Identify remediation dependencies and establish remediation prioritisation plans. * Work with the vulnerability owners to provide recommendations for remediation, short term containment and/or short-term mitigating controls etc. * Create relevant risk acceptance reports where remediation is not possible in the short to medium term. Key Skills & Experience: * Must be a self-starter with good stakeholder management skills. * Experience of working within MOD on OS, S and TS environments. * Knowledge of Vulnerability tools: Nessus, Qualys, Tanium This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.