Find & Fix / Vulnerability Engineer:Active UK SC Clearance is essentialHybrid – 1 day onsite per week from... Read more
Find & Fix / Vulnerability Engineer:
Active UK SC Clearance is essential
Hybrid – 1 day onsite per week from Stevenage or Filton
We are seeking a Vulnerability Management Engineer to take ownership of the full lifecycle of vulnerability management across both internal systems and client environments. This is a key role focused on improving security posture through effective identification, prioritisation, and remediation of vulnerabilities across cloud and on-prem environments.
The Role
You will be responsible for driving vulnerabilities through to full resolution—ensuring issues are not just identified but properly remediated, verified, and evidenced. Working closely with cross-functional teams, you will help balance risk reduction with operational stability while embedding secure practices at scale.
Key Responsibilities
Own the end-to-end vulnerability remediation lifecycle — from identification and validation through to remediation, verification, and closureRemediate cloud security issues using tools such as:Microsoft Defender for CloudAzure AdvisorAWS Inspector & Security HubConduct on-prem vulnerability scanning and coordinate remediation activitiesTranslate security advisories into clear, actionable remediation tasks for engineering teamsResolve OS and application vulnerabilities via patching, hardening, and control implementationCollaborate with infrastructure, platform, and application teams to deploy fixes safely (including change control, testing, and rollback planning)Maintain comprehensive documentation and audit evidence, including root cause analysis and validationProduce regular reporting on vulnerability trends, SLA performance, and residual riskDeliver remediation at scale using DevOps practices and Infrastructure as Code (Terraform)Continuously improve vulnerability management processes and security baselines
Environment
Hybrid cloud: Azure & AWSOn-prem infrastructure environmentsSecurity tooling and enterprise vulnerability management frameworksCross-functional collaboration across engineering, security, and operations teams
Key Requirements
Proven experience in vulnerability management and remediationStrong exposure to Azure, AWS, and on-prem environmentsExperience with vulnerability scanning and security toolsUnderstanding of security frameworks and best practicesDevOps mindset with experience in automation, IaC (Terraform), and scalable solutionsStrong stakeholder management and communication skillsActive UK SC Clearance is essential Read less
