The Team

Working in Security Operations is a big deal as we play a key role in keeping Virgin Money safe. We’re on an exciting journey with a big vision as we grow our team to enhance our security and cyber operations.

The Vulnerability Management Team are responsible for analysing and reporting of vulnerabilities on Bank infrastructure, assets, and code, evaluation of associated risk, management of key technical and business stakeholders, and engagement on remediation planning. They act as SMEs on the Bank’s vulnerability scanning tools, and direct the organisation’s response to identified threats.

The Cyber Security Vulnerability Management Lead role is responsible for leading this dynamic, high-performing Security Operations Team, with responsibility for task management and ensuring delivery of team objectives and contributing to the organisation’s Vulnerability Management control.

What you’ll be doing…

  • Providing specialist knowledge in Vulnerability Management with a deep understanding of infrastructure, assets or code.
  • Identifying, analysing and reporting of vulnerabilities on Bank infrastructure, assets, and code.
    Lead a team of technical specialists, providing direction and task allocation to ensure delivery of normal operations, strategic planning and improvements.
  • Communicating and collaborating with technical and business stakeholders to ensure the security operations requirements are articulated and understood.
  • Manage of continuous improvements programmes to enhance processes and reduce risk, and ensure we perform more efficiently.
  • With your curious mindset, you’ll risk assess findings to determine appropriate responses.
  • Lead collaboration with key internal stakeholder groups
  • Taking the lead in continuous improvements programmes to enhance processes and reduce risk and improve efficiency as you keep the customer at the heart.
  • Providing advice on appropriate Vulnerability Management controls across technical discipline.
  • Building strong relationships as you work closely with security technology vendors to identify and progress control improvements and perform issue remediation.

We need you to have…

  • Experience of Vulnerability Management solutions, with the ability to operate as an SME and provide support to develop existing team members.
  • Expert knowledge of a vulnerability management scanning tool such as Qualys, SonaType or SonarQube.
  • Expert knowledge of vulnerability management processes.
  • Expert in prioritising multiple activities in a rapidly changing environment.
  • Proven strong analytical, problem solving and IT system skills.
  • Ability to work on your own initiative, taking ownership and responsibility for team deliverables.
  • Expertise in effective communication and resolving complex situations.
  • Drive to manage your own deliverables and development.
  • Capability to upskill on other technologies as required.
  • Ability to lead complex technical improvements and innovations.

It’s a bonus if you have but not essential…

  • Industry related security qualification (e.g. CISSP, CISM) or equivalent practical security experience
  • Experience of Windows or RHEL OS platforms, with an understanding of patching processes and automation options.
  • Knowledge of Azure and cloud infrastructure
  • Knowledge of Penetration Testing, it’s practical approaches and methodologies
  • Knowledge of ITIL framework incl. risk and change management.

To apply for this job please visit