Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Senior Threat & Vulnerability Analyst

Royal London Group
Macclesfield
9 months ago
Applications closed

Related Jobs

View all jobs

SOC Analyst (2nd Line)

Senior Cyber Security Analyst

SOC Operations Manager

Cyber Security & Centralised Services Manager

Cyber Security Consultant - Remote

Application Security Engineer

Job Title: Senior Threat & Vulnerability Analyst

Contract Type: Permanent

Location: Alderley Edge/Edinburgh

Working style: Hybrid 50% home/office based

Closing date: 7th February 2025

 

We are expanding our security and resilience team within the CISO office. Over the last few years, we have been on a continuous improvement journey and are looking to expand the team. This new role will allow us to fully enact our threat-led vulnerability management program, risk-assess the rapid uptake of cloud services, drive further improvements across cyber and support our organisational goal of building a secure and resilient mutual. With a security team of more than fifty staff, this new role will continue to enhance our capabilities against an ever-changing cyber threat landscape.

We are seeking a highly skilled and experienced Senior Threat and Vulnerability Analyst to join Royal London. In this role, you will play a critical part in safeguarding our organisation against potential threats and vulnerabilities. Your expertise and strategic thinking will be essential in protecting our sensitive information and ensuring the overall security of our operations.

In this position, you will be responsible for the assessment of vulnerabilities across the Royal London estate. You will help lead on the identification, prioritisation, and remediation tracking of vulnerabilities to ensure that Royal London operates in line with current legislative, regulatory, and business security requirements. You will work closely with cross-functional teams to help them implement security measures and provide guidance on best practices. Additionally, you will need to stay up to date with the evolving cyber threat landscape and proactively research and analyse emerging threats.

This is an excellent opportunity for a meticulous and results-driven professional with a strong background in cybersecurity, and particularly vulnerability management. If you are enthusiastic about protecting sensitive information, customer data and have a proven track record of implementing effective security measures, we would love to hear from you.

 

 About the role

  • Support the Vulnerability Manager in leading a team of patching and vulnerability analysts providing effective leadership whilst also helping support senior management thereby ensuring vulnerabilities are resolved appropriately by remediation teams and within documented SLAs. Provide guidance, support, and mentorship to foster professional growth and maximise individual and team performance.
  • Supporting the governance related to this key control.
  • Ensuring all regular and out-of-band vulnerabilities are risk assessed against agreed risk thresholds and support the prioritisation and remediation work of teams within documented SLA and compensating controls.
  • Help provide regular KRI metrics and reports, along with a clear narrative for non-compliant remediation activities.
  • Review and enhance processes and technologies used to support and execute the vulnerability management service.
  • Work collaboratively with other Security Leads and the wider IT team to triage and remediate security threats and vulnerabilities within agreed SLAs.
  • Collaborate with the incident response team in investigating and responding to security incidents, providing subject matter expertise and support in the use of security technologies to identify, contain, and remediate threats.
  • Remain up to date on the latest cyber technologies, threat landscapes and vulnerability exploitation techniques.
  • Ability to work on their own but also manage others, including third parties.

 

About you 

  • Proven experience in vulnerability management and application security technologies across an on-prem and Cloud estate. Experience leading a vulnerability management team.
  • Strong technical understanding of multiple security domains (Identity and Access Management, Data Protection, Networking, Endpoint Protection, Application Security as well as Security Operations).

 

  • Proficient in using vulnerability management platforms such as Tenable, Kenna, Qualys, or Rapid7.
  • Good understanding and practical experience of Cyber Security Frameworks and standards, e.g. NIST.
  • Excellent senior stakeholder and 3rd party management skills.
  • Strong understanding of information security concepts, technologies, and best practices.
  • Excellent problem-solving and analytical skills with effective communication and presentation abilities.
  • Working knowledge of OWASP, MITRE, CVSS and other standards/frameworks relevant to vulnerability management.
  • Experience in assessing and managing risks and implementing required mitigation strategies.
  • Ability to manipulate data, extract insight and provide reporting to key stakeholders for actionable tasks.
  • Previous experience of working within a regulated environment in the financial services industry desirable.
  • Able to maintain composure and professionalism in pressurised, stressful, and uncertain situations.
  • Ability to listen, communicate, constructively challenge, and influence team members, immediate peer group, Operational Resilience function senior leadership team and business management / executives.
  • Proactively seek to generate ideas for new ways to improve.
  • Understands and accepts the relevance of others’ views and is prepared to change and be open to collaboration.
  • Continually analyses and evaluates own performance to identify areas for improvement.
  • Takes personal responsibility for self-development.
  • MS Excel and MS Power BI proficiency preferable.
  • Relevant certifications (e.g., CISSP, CISM, CompTIA Sec+) are a plus.

 

About Royal London

We are the UK’s largest mutual life, pensions, and investment company, offering protection, long-term savings and asset management products and services.

Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values of: - Empowered, Trustworthy, Collaborate, Achieve. 

We have always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits  

 

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Cyber Security Hiring Trends 2026: What to Watch Out For (For Job Seekers & Recruiters)

As we move into 2026, the cyber security jobs market in the UK is changing fast. Attackers are scaling up with automation & AI, cloud estates are more complex, & regulators are tightening expectations around resilience & data protection. At the same time, budgets are under pressure & some organisations are consolidating their tech teams. Despite all this, demand for cyber security skills remains strong. Skilled defenders, engineers & leaders are still hard to find, & the stakes are only getting higher. Whether you are a cyber security job seeker planning your next move, or a recruiter building security teams, understanding the key cyber security hiring trends for 2026 will help you make better decisions. This guide mirrors the structure of the AI, biotech, blockchain & cloud articles & is written with SEO in mind for both job seekers & recruiters searching for terms like “cyber security hiring trends 2026”, “cyber security recruitment UK”, “cyber security jobs in the UK” & “SOC analyst roles 2026”.

Jobs

Cyber Security Recruitment Trends 2025 (UK): What Job Seekers Must Know About Today’s Hiring Process

Summary: UK cyber security hiring has shifted from title‑led CV screens to capability‑driven assessments that emphasise incident readiness, cloud & identity security, detection engineering, governance/risk/compliance (GRC), measurable MTTR/coverage gains & secure‑by‑default engineering. This guide explains what’s changed, what to expect in interviews, & how to prepare—especially for SOC analysts, detection engineers, blue/purple teamers, penetration testers, cloud security engineers, DFIR, AppSec, GRC & security architecture. Who this is for: SOC & detection engineers, security operations leads, DFIR analysts, penetration testers/red teamers, purple teamers, AppSec/DevSecOps engineers, security architects, cloud security engineers, identity/IAM engineers, vulnerability managers, GRC/compliance specialists, product security & security programme managers targeting roles in the UK.

Jobs

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.