FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Vulnerability Manager
The Very GroupVulnerability Manager managing vulnerability activities and security penetration testing at Very digital retailer. Leading a high-performing team while ensuring risk mitigation and reporting for stakeholders.
Tech Stack
Tools & technologiesCloudSDLC
About the role
Key responsibilities & impact- Own and continuously improve the end-to-end vulnerability management lifecycle across legacy, cloud, containerised and third-party environments.
- Operate and coordinate the Security Penetration Testing Framework, ensuring a consistent risk-led approach to scope, frequency, execution, retesting and closure.
- Triage, prioritise and track vulnerabilities and pen test findings—ensuring clear ownership, progress visibility and timely escalation of unmanaged risk.
- Govern risk acceptance/exceptions, compensating controls and evidence for audit and regulatory scrutiny.
- Own reporting (risk posture, trends, coverage, performance) for senior stakeholders and governance forums.
- Drive improvements in tooling, data quality, asset coverage and testing scope—working with suppliers and internal teams.
- Establish a sustainable vulnerability management team (hiring, onboarding, performance, coaching)
Requirements
What you’ll need- Strong experience coordinating vulnerability management and security penetration testing in complex enterprise environments.
- Demonstrable technical background (e.g., application/infrastructure security, cloud security, vulnerability assessment and remediation validation) with the capability to hire, lead and develop a high-performing vulnerability management team.
- Solid understanding of penetration testing methodologies and assurance expectations across applications, infrastructure, cloud and externally exposed services.
- Ability to apply risk-based judgement beyond severity scoring (exploitability, exposure and business context).
- Experience governing penetration testing (scope definition, prioritisation, retesting and remediation assurance).
- Proven track record working with engineering teams where remediation ownership sits outside of security.
- Confident stakeholder management—able to translate technical findings into clear business risk narratives.
- High standards for reporting, documentation and audit readiness.
- Experience aligning vulnerability governance to ISO 27001 and/or NIST.
- Hands-on experience configuring and operating industry-standard vulnerability testing tooling.
- Exposure to cloud-native and legacy environments.
- Experience mentoring analysts or leading capability uplift.
- Understanding of secure SDLC and modern engineering delivery models.
Benefits
Comp & perks- Flexible, hybrid working model
- Inclusive culture and environment, check out our Glassdoor reviews
- £1000 flexible benefits allowance to suit your needs
- 30 days holiday + bank holidays
- Udemy learning access
- Bonus potential (performance and business-related)
- Up to 25% discount on Very.co.uk
- Matched pension up to 6%
- More benefits can be found on our career site
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
vulnerability managementsecurity penetration testingapplication securityinfrastructure securitycloud securityvulnerability assessmentremediation validationpenetration testing methodologiesrisk-based judgementsecure SDLC
Soft Skills
stakeholder managementteam leadershipcoachingcommunicationreportingdocumentationaudit readinessmentoringperformance managementrisk narrative translation
Certifications
ISO 27001NIST