Find your next tech and IT Job or contract Vulnerability management in Wales

Main duties consist of but are not limited to: Vulnerability Management (Primary Focus) Lead and enhance the organisation’s vulnerability management programme, including our Penetration Testing programme across a complex hybrid IT environment covering both infrastructure and applications. Scoping, prioritising work, engaging with stakeholders, and ensuring remediation activities happen in a timely fashion. Prioritise vulnerabilities using a risk‑based, threat‑informed approach to support organisational objectives, regulatory requirements, and audit needs. Oversee the full lifecycle of vulnerabilities, including triage, mitigation planning, remediation recommendations, and stakeholder coordination. Develop and maintain vulnerability management policies, procedures, standards, and best practice guidance. Threat Intelligence Produce high quality tactical, operational, and strategic intelligence assessments and briefings using analysis and interpretation of current threat intelligence. Utilising and liaising with internal stakeholders, commercial sources, open-source intelligence and government partners to provide a rounded, comprehensive view of the current threat landscape. Lead initiatives to strengthen the organisation’s intelligence capability and participate in information sharing communities. Incident Response Support Contribute and enhance our incident response processes, representing Cyber Security in operational incident calls, keeping stakeholders informed and liaising with government bodies to ensure timely and effective management of threat intelligence and threat hunting. Cyber Risk Management Play an integral part in Cyber Security risk management, conducting risk and threat assessments aligned with regulations. Using your knowledge of standards and expertise to support our stakeholders by providing pragmatic and proportionate advice and best practice guidance. Metrics & Reporting Develop and maintain actionable metrics that demonstrate the effectiveness of the organisation’s vulnerability management and threat intelligence capabilities.