Connect with a cause that needs you!

Threat and Vulnerability Management Lead

Barbican, London
Full-time
Listed today

Head Office

Threat and Vulnerability Management Lead

Threat and Vulnerability Management Lead

Barbican, London | Hybrid Working (One office day a week) | Technology | Fixed-Term Contract till end of 2026 | Full time

Competitive Salary available, depending on experience

37.5 hours per week

At Nuffield Health, our mission to build a healthier nation is powered by passionate people who make a difference every day. We are seeking an experienced Threat and Vulnerability Management Lead to join our growing Cyber Security team and take ownership of our enterprise-wide Threat and Vulnerability Management function.

This is an exciting opportunity to shape and mature our vulnerability management capability, driving the evolution from traditional vulnerability management to a risk-based Exposure Management and CTEM approach. You will define the operating model, influence strategic direction, enhance tooling and processes, and work closely with technology and business stakeholders to reduce cyber risk across a complex healthcare environment.

As our Threat and Vulnerability Management Lead you’ll:

  • Lead and continuously improve Nuffield Health's enterprise-wide Threat and Vulnerability Management programme, driving the transition to a mature Exposure Management and CTEM operating model.

  • Own the end-to-end vulnerability lifecycle, ensuring effective discovery, risk-based prioritisation, remediation governance, exception management and reporting.

  • Develop and manage the VM tooling, patching and automation roadmap, enhancing security visibility, ITSM integration, scanning coverage and operational efficiency.

  • Partner with internal technology teams and third-party providers to drive timely remediation, oversee patch deployment activities and strengthen accountability for risk reduction.

  • Deliver meaningful dashboards, KPIs and executive reporting that provide clear insight into cyber exposure, remediation progress and overall security posture.

To succeed as our Threat and Vulnerability Management Lead you’ll bring:

  • Proven expertise leading Threat and Vulnerability Management (TVM) within a complex enterprise environment, with strong technical knowledge across on-premises, cloud and internet-facing infrastructure.

  • Hands-on experience with vulnerability management platforms such as Qualys and/or Microsoft Defender for Endpoint, including configuration, scanning, analysis and reporting.

  • Strong understanding of risk-based and exposure-led vulnerability prioritisation, leveraging threat intelligence, EPSS, attack-path analysis, asset criticality and business impact alongside CVSS.

  • Experience owning the full vulnerability lifecycle, including discovery, triage, remediation governance, exception management, executive reporting and continuous improvement.

  • Knowledge of security frameworks and standards including ISO 27001, Cyber Essentials Plus and CIS Controls.

  • Excellent stakeholder management, communication and influencing skills, with the ability to translate technical risks into actionable business outcomes.

  • Strategic mindset with the ability to build and mature a security capability, drive CTEM adoption, and measure success through meaningful exposure reduction metrics.

Helping you feel good.

At Nuffield Health, we take care of what’s important to you.

Apply today… It starts with you.

Rewards & Benefits

Helping you be and feel your best.

Annual Leave

Nuffield Health Healthcare Plan

Membership is free for employees and you can add partner and dependants at your own cost.

*eligibility criteria applies.

Financial Wellbeing

Cycle to Work Scheme

Gym Membership

Free membership to any Nuffield Health gym, plus discounted memberships for family members.