Resilience Vulnerability Management Lead
<p><b>Salary: £36,000 - 60,000 per year</b></p>
<b>Requirements:</b>
<ul><li>Bachelors degree in IT, Computer Science, or a related discipline (or equivalent professional experience)</li><li>Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution</li><li>Strong understanding of operational resilience frameworks</li><li>Strong understanding of vulnerability lifecycle management</li><li>Knowledge of regulatory and governance requirements</li><li>Demonstrated ability to manage complex assessments across multiple applications and stakeholders</li><li>Strong analytical and problem-solving skills</li><li>Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences</li><li>High attention to detail and strong commitment to quality</li><li>Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment</li><li>Confident stakeholder manager with experience driving cross-functional outcomes</li></ul>
<b>Responsibilities:</b>
<ul><li>Lead resilience assessments (TRVA) for multiple Important Business Services (IBS) applications across front-office and back-office environments</li><li>Ensure alignment with internal operational resilience standards</li><li>Review architecture documents and application artefacts, leveraging data from enterprise platforms</li><li>Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings</li><li>Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities</li><li>Drive timely sign-off of assessments by all required stakeholders</li><li>Consolidate findings into clear, comprehensive reports with actionable remediation recommendations</li><li>Raise identified vulnerabilities in line with governance requirements</li><li>Contribute to executive-level summaries and participate in stakeholder presentations</li><li>Manage the end-to-end vulnerability lifecycle, including creation and approval</li><li>Conduct tolerance assessments, progress tracking, and reporting</li><li>Oversee remediation and closure governance</li><li>Prepare closure packs, conduct QA, approval, and final closure</li><li>Conduct control reviews outside standard assessments and raise vulnerabilities where required</li><li>Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans</li><li>Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details</li><li>Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date</li><li>Support other Lines of Business with tolerance assessments for MSS-owned applications</li><li>Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes</li><li>Ensure remediation actions are accurately reflected in golden source systems</li><li>Prepare high-quality closure packs with supporting evidence</li><li>Produce Risk & Control Management Meeting packs and stakeholder reports</li><li>Represent the team in governance forums when required</li><li>Contribute inputs to consolidated CIB-level reporting</li><li>Participate in vulnerability portal feature testing, providing feedback and backlog requirements</li><li>Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums</li></ul>
<b>Technologies:</b>
<ul><li>Support</li><li>Security</li></ul>
<p><b>More:</b></p>
<p>We are a leading financial services organization based in Sheffield, seeking to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This hybrid role is crucial in supporting our Operational Resilience and Vulnerability Management objectives, ensuring that our Important Business Services are resilient, well-governed, and compliant with internal standards and regulatory expectations. We offer a competitive inside IR35 day rate, a long initial contract with potential extension, and the opportunity to play a key role in strengthening operational resilience within our organization.</p>
<p>last updated 8 week of 2026</p>
<b>Requirements:</b>
<ul><li>Bachelors degree in IT, Computer Science, or a related discipline (or equivalent professional experience)</li><li>Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution</li><li>Strong understanding of operational resilience frameworks</li><li>Strong understanding of vulnerability lifecycle management</li><li>Knowledge of regulatory and governance requirements</li><li>Demonstrated ability to manage complex assessments across multiple applications and stakeholders</li><li>Strong analytical and problem-solving skills</li><li>Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences</li><li>High attention to detail and strong commitment to quality</li><li>Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment</li><li>Confident stakeholder manager with experience driving cross-functional outcomes</li></ul>
<b>Responsibilities:</b>
<ul><li>Lead resilience assessments (TRVA) for multiple Important Business Services (IBS) applications across front-office and back-office environments</li><li>Ensure alignment with internal operational resilience standards</li><li>Review architecture documents and application artefacts, leveraging data from enterprise platforms</li><li>Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings</li><li>Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities</li><li>Drive timely sign-off of assessments by all required stakeholders</li><li>Consolidate findings into clear, comprehensive reports with actionable remediation recommendations</li><li>Raise identified vulnerabilities in line with governance requirements</li><li>Contribute to executive-level summaries and participate in stakeholder presentations</li><li>Manage the end-to-end vulnerability lifecycle, including creation and approval</li><li>Conduct tolerance assessments, progress tracking, and reporting</li><li>Oversee remediation and closure governance</li><li>Prepare closure packs, conduct QA, approval, and final closure</li><li>Conduct control reviews outside standard assessments and raise vulnerabilities where required</li><li>Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans</li><li>Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details</li><li>Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date</li><li>Support other Lines of Business with tolerance assessments for MSS-owned applications</li><li>Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes</li><li>Ensure remediation actions are accurately reflected in golden source systems</li><li>Prepare high-quality closure packs with supporting evidence</li><li>Produce Risk & Control Management Meeting packs and stakeholder reports</li><li>Represent the team in governance forums when required</li><li>Contribute inputs to consolidated CIB-level reporting</li><li>Participate in vulnerability portal feature testing, providing feedback and backlog requirements</li><li>Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums</li></ul>
<b>Technologies:</b>
<ul><li>Support</li><li>Security</li></ul>
<p><b>More:</b></p>
<p>We are a leading financial services organization based in Sheffield, seeking to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This hybrid role is crucial in supporting our Operational Resilience and Vulnerability Management objectives, ensuring that our Important Business Services are resilient, well-governed, and compliant with internal standards and regulatory expectations. We offer a competitive inside IR35 day rate, a long initial contract with potential extension, and the opportunity to play a key role in strengthening operational resilience within our organization.</p>
<p>last updated 8 week of 2026</p>