Kantar

Head of Security Testing – Vulnerability Management

full-time

Posted on:

Location Type: Hybrid

Location: London • 🇬🇧 United Kingdom


Job Level

Lead

Tech Stack

Azure, Cloud

About the role

  • Lead the enterprise-wide strategy and execution for security testing, vulnerability assessment, and remediation programs.
  • Ensure the organisation maintains a robust security posture by proactively identifying, assessing, and mitigating vulnerabilities across infrastructure, applications, and cloud environments.
  • Define and implement a global security testing and vulnerability management strategy aligned with enterprise risk objectives.
  • Establish governance frameworks, KPIs, and reporting mechanisms for security testing and vulnerability management.
  • Oversee penetration testing, red teaming, and application security testing programs.
  • Manage vulnerability scanning, prioritisation, and remediation workflows across all technology stacks.
  • Ensure timely patching and mitigation of critical vulnerabilities in collaboration with IT, engineering teams and wider business units.
  • Align vulnerability management practices with regulatory requirements (e.g., ISO 27001, NIST, CIS).
  • Provide executive-level reporting on risk exposure and remediation progress.
  • Drive automation and integration of vulnerability management tools into CI/CD pipelines.
  • Stay ahead of emerging threats and testing methodologies to enhance security resilience.
  • Build and lead a team of security testing and vulnerability management professionals.
  • Foster a culture of accountability, collaboration, and continuous learning.

Requirements

  • Proven experience in leading global security testing and vulnerability management programs.
  • Strong knowledge of penetration testing, vulnerability scanning tools (e.g., Qualys, Microsoft Defender Vulnerability Management), and secure development practices.
  • Expertise in integration with risk management frameworks.
  • Excellent team leadership, stakeholder management, and communication skills.
  • Ability to operate in a complex, multi-regional environment with diverse technology landscapes.
  • Preferred Qualifications: CISSP, OSCP, or equivalent certifications.
  • Experience with cloud security (Azure) and DevSecOps practices.
  • Background in large-scale enterprise environments.

Benefits

  • Opportunity to shape global security strategy in a high-impact leadership role.
  • Work with cutting-edge technologies and a world-class cyber security team.
  • Competitive compensation and benefits package.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
security testing, vulnerability assessment, penetration testing, vulnerability scanning, cloud security, DevSecOps, secure development practices, risk management frameworks, automation, integration
Soft skills
team leadership, stakeholder management, communication, collaboration, accountability, continuous learning
Certifications
CISSP, OSCP