Threat and Vulnerability Manager

Job description

Contract Type: Permanent Location: Glasgow or Alderley Park (Wilmslow) Working Style: Hybrid - 50% from home / 50% office based Reporting to the Head of Attack Surface Management, the Threat and Vulnerability Manager is accountable for defining, owning and operating Royal London’s enterprise patching and vulnerability management capability. The role ensures vulnerabilities are identified, prioritised, governed and reported in line with business risk, regulatory expectations and industry best practice, supporting cyber resilience across the Group. You will lead Royal London’s patching and vulnerability management capability, working closely with operational technology teams and our partner resources. Through strong collaboration, clear prioritisation and effective reporting, you will help ensure that vulnerabilities are managed transparently and treated in a timely, risk informed way, strengthening our overall cyber resilience. More About the role: - Own the enterprise patching and vulnerability management framework, standards, policies, processes, controls and operating model. - Own the end-to-end vulnerability lifecycle including identification, triage, risk-based prioritisation,...