Vulnerability Manager (Cybersecurity)

TL;DR

Vulnerability Manager (Cybersecurity): Central coordination and risk authority for vulnerability activity across legacy, cloud, and containerised environments with an accent on establishing a vulnerability management team and governing penetration testing. Focus on triaging risks, improving tooling, and translating technical findings into business risk narratives.

Location: Hybrid working model in Liverpool, United Kingdom

Company

The team behind digital retailer hirify.global, focused on helping families get more out of life.

What you will do

• Own and improve the end-to-end vulnerability management lifecycle across legacy, cloud, containerised, and third-party environments.
• Coordinate the Security Penetration Testing Framework, overseeing scope, execution, and closure.
• Triage and track vulnerabilities and pen test findings to ensure timely escalation of unmanaged risks.
• Govern risk acceptance, exceptions, and compensating controls for audit and regulatory scrutiny.
• Provide reporting on risk posture, trends, and performance for senior stakeholders.
• Build and lead a sustainable vulnerability management team through hiring, onboarding, and coaching.

Requirements

• Strong experience coordinating vulnerability management and penetration testing in complex enterprise environments.
• Technical background in application, infrastructure, or cloud security with the ability to lead a high-performing team.
• Deep understanding of penetration testing methodologies and assurance expectations.
• Ability to apply risk-based judgement based on exploitability, exposure, and business context.
• Proven track record of collaborating with engineering teams where remediation ownership is external to security.
• Must be based in or able to work in a hybrid model in Liverpool, UK.

Nice to have

• Experience aligning vulnerability governance to ISO 27001 and/or NIST.
• Hands-on experience with industry-standard vulnerability testing tooling.
• Exposure to both cloud-native and legacy environments.
• Understanding of secure SDLC and modern engineering delihirify.global models.

Culture & Benefits

• Flexible, hybrid working model.
• £1000 flexible benefits allowance.
• 30 days holiday plus bank holidays.
• Udemy learning access and bonus potential.
• Up to 25% discount on hirify.global.co.uk.
• Matched pension up to 6%.

Hiring process

• Initial Teams call with the Hiring Team.
• One-hour formal interview covering competency and technical questions.
• Take-home task as part of the second stage preparation.