Senior Vulnerability Management Consultant – Contract

Company: i-confidential
Location: London
Job Description:

Location: London (Hybrid) – 6‑Month Contract – Inside IR3

We’re supporting a global enterprise organisation in the search for an experienced Senior Vulnerability Management Consultant to help strengthen and mature its infrastructure security and vulnerability management capabilities. This high‑profile role involves owning vulnerability management activities across a large‑scale technology estate, working closely with infrastructure, engineering and security teams to drive risk reduction, improve patch compliance and enhance overall security posture.

Key Responsibilities

  • Manage the end‑to‑end vulnerability lifecycle, including identification, triage, prioritisation, remediation, validation, and reporting.
  • Conduct risk‑based assessments using CVSS scoring, exploitability data and business‑impact considerations.
  • Translate vulnerability scan outputs into clear and actionable remediation plans.
  • Drive remediation activities and ensure adherence to agreed SLAs for critical and high‑risk vulnerabilities.
  • Oversee vulnerability remediation and patch management for UNIX/Linux platforms, including RHEL and Oracle Enterprise.
  • Support implementation and maintenance of secure baselines and hardened system configurations.
  • Ensure infrastructure platforms remain aligned with security standards and best practices.
  • Act as a trusted advisor on vulnerability‑related risks and remediation strategies.
  • Partner with engineering and infrastructure teams to drive timely resolution of security issues.
  • Review and challenge risk exceptions and acceptance requests where appropriate.
  • Communicate security risks and remediation progress to key stakeholders.
  • Identify opportunities to automate vulnerability management, patching and reporting processes.
  • Utilise tools such as Ansible, SCCM, PowerShell and Shell scripting to improve efficiency and consistency.
  • Drive process improvements that enhance security outcomes and operational effectiveness.
  • Produce and maintain KPI/KRI reporting covering vulnerability trends, remediation performance and SLA compliance.
  • Support audit activities, security reviews and compliance initiatives.
  • Provide visibility of infrastructure security posture and ongoing risk reduction.
  • Support the response to security incidents and emerging threats.
  • Coordinate rapid remediation and mitigation activities for critical vulnerabilities and zero‑day threats.

Qualifications

  • Strong experience managing enterprise vulnerability management programmes.
  • Solid understanding of Windows, UNIX/Linux and enterprise infrastructure environments.
  • Hands‑on experience with vulnerability scanning platforms such as Qualys, Nessus or Rapid7.
  • Strong knowledge of patch management and remediation processes.
  • Experience with automation tools, including Ansible, SCCM, PowerShell and Shell scripting.
  • Proven ability to influence technical teams and drive remediation activity across complex environments.
  • Experience working within regulated or audit‑driven organisations.
  • Strong communication and stakeholder management skills.

Success Looks Like

  • Measurable reduction in critical and high‑risk vulnerabilities.
  • Improved patch compliance and remediation SLAs.
  • Increased automation and operational efficiency.
  • Successful audit and compliance outcomes.
  • Enhanced visibility and control of infrastructure security posture.

Posted: June 11th, 2026