Vulnerability Manager

Location: UK - London, UK - Hatfield, UK - Milton Keynes, UK - Nottingham, UK - Reading | Job-ID: 216935 | Contract type: Standard | Business Unit: Cyber Security

Life on the team

Are you passionate about staying one step ahead of cyber threats? Do you thrive in a fast-paced, forward-thinking security environment? If so, we’d love to hear from you.

We’re seeking a Vulnerability Manager to join our expanding global security team—an expert group dedicated to protecting our platforms, services, and operational environments from an ever-evolving threat landscape.

Who Are We?

We are a global community of security specialists united by a shared purpose: safeguarding the organisation on every front. Our team is built around three core functions:

• Security Engineering
• Vulnerability Operations
• Cyber Security Specialists

Together, these teams deliver a full-spectrum, data-driven approach to vulnerability management—ensuring our environments remain secure, resilient, and future-ready.

Working as a Vulnerability Manager you will be responsible for the day-to-day delivery of the vulnerability management function, including its technology and processes. The role will be responsible for the identification, prioritisation and reporting of technical vulnerabilities, as well as providing expert support to operational delivery teams on the remediation of vulnerabilities.

What you’ll do

• Be responsible for owning and operating the vulnerability management process for Computacenter.
• Execute the roadmap for vulnerability management processes and technologies.
• Be responsible for the day-to-day operation of vulnerability identification, assessment and alerting tooling.
• Identify, evaluate and prioritise vulnerability remediation activities across the Computacenter group.
• Provide expert security guidance to support resolver teams in the remediation of technical vulnerabilities and weaknesses.
• Provide experienced support to the vulnerability analysts
• Operate the vulnerability management process across the Computacenter group to ensure cooperation amongst all centralised and regional resolver teams.
• Remain current on the latest cyber security threats, new vulnerabilities and the Tactics, Techniques, and Procedures (TTPs) used by threat actors exploiting them.
• Analyse vulnerability intelligence feeds to inform and prioritise vulnerability remediation.
• Operate as a technical vulnerability SME and support on the Group’s response to new major vulnerabilities affecting Computacenter.
• Support in vulnerability investigation and analysis on cyber security incidents to support the Computacenter Cyber Security Incident Response Team (CSIRT).
• Proactively measure the effectiveness of the vulnerability management process through monitoring and conformance to policy and standards (patch, configuration etc).
• Identify opportunities for the continual improvement of the vulnerability management programme.
• Prepare regular, accurate and actionable reporting metrics to senior management and organisational stakeholders.
• Deliver vulnerability exposure reviews to technical resolver groups for their business areas across the group
• Support the cyber risk management function by verifying that vulnerability controls are delivered for assets and information systems, identifying where controls are not being met and the cyber exposure that results in for Computacenter.
• Support penetration testers in their delivery by providing accurate vulnerability analysis pre- and post-assessment.
• Support CTO with the technical validation of security controls.
• Support our internal organisation by ensuring vulnerability control requirements are delivered for assets and digital services.

What you’ll need

• Demonstrable experience in Information and Cyber Security; especially vulnerability management.
• Experienced in vulnerability analysis and assessment, including the operation of risk-based vulnerability management.
• Experienced in the day-to-day operation of specialist security tooling for vulnerability identification and analysis (e.g., Tenable/Qualys/OWASP ZAP/MDE TVM etc.).
• Experienced in preparing threat and vulnerability briefings for management and technical resolvers.
• Practical experience in supporting IT operations including asset, configuration and patch management.
• Understanding of technical IT security best practices including endpoint security, network security, cloud security and the key vulnerabilities and threats affect them.
• Understanding of common IT enterprise technologies - Windows, Linux, cloud, networking platforms etc. and a desire to deliver success with new and evolving technologies
• Information security standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials (Plus), PCI DSS & GDPR.
• The MITRE ATT&CK Framework.
• Cyber threats and vulnerabilities.
• Advanced Persistent Threats (APT) and their associated Tactics, Techniques, and Procedures (TTP).
• Incident response and handling methodologies.
• Risk management processes (e.g., methods for assessing and mitigating risk).
• Recognised information security and/or information technology industry certification (CISM, CISSP, ISO27001 lead implementer, Nessus/Qualys or equivalent/superior).

About us

We are a leading independent technology and services provider, trusted by large corporate and public sector organisations. We are a responsible business that believes in winning together for our people and our planet. We help our customers to source, transform and manage their technology infrastructure to deliver digital transformation, enabling people and their business.

Our business may be about technology, but first of all it’s about people

With over 20,000 people across 22 countries, we are proud of our inclusive culture - where everyone can thrive, feel valued, and truly belong.

As an equal opportunities employer, we’re committed to ensuring fair and equal access to opportunities for all. Your application will be considered on its merits, regardless of your age, disability, ethnicity, gender identity, or any other characteristics protected by law. What matters most to us is that you share our vision and values, and bring the experience and skills we’re looking for.

We are proud to be a Disability Confident Employer. We welcome applications from disabled people and accept applications in alternative formats. We also guarantee to interview applicants who have a disability.

If you share our values and want to make a meaningful impact in a supportive, forward-thinking environment - we’d love to hear from you!