About the Role
You’ll act as the central coordination and risk authority for vulnerability activity—working closely with engineering and platform teams who remain accountable for remediation delivery.
This role needs a strong technical foundation and the ability to build, lead and develop a vulnerability management team , setting clear ways of working, coaching capability and scaling our coverage and reporting as we grow.
What you will be doing.
- Own and continuously improve the end-to-end vulnerability management lifecycle across legacy, cloud, containerised and third‑party environments.
- Operate and coordinate the Security Penetration Testing Framework, ensuring a consistent risk‑led approach to scope, frequency, execution, retesting and closure.
- Triage, prioritise and track vulnerabilities and pen test findings—ensuring clear ownership, progress visibility and timely escalation of unmanaged risk.
- Gove...