CrawlJobs Logo

Vulnerability Management Response Lead

https://www.hsbc.com Logo

HSBC

Location Icon

Location:
Poland

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Vulnerability Response Lead is a key role within the Vulnerability Management Response & Remediation team and the wider Cyber Security Vulnerability Management function. The role will report into the Head of Vulnerability Management Response & Remediation.

Job Responsibility:

  • Support the remediation efforts of newly discovered vulnerabilities, where the risk score is deemed critical and an immediate risk to HSBC
  • Monitor external threat feeds and Cyber Intelligence Threat Analysis to identify any newly reported external risks
  • Manage the documentation of FRTF and ITAG initiatives and providing / identifying expert advice & guidance on remediation approaches
  • Track and report of ITAG and FRTF initiatives, as well as producing closure reports for completed ITAG’s and FRTF’s
  • Follow operational processes and ensure that they provide the most streamlined and efficient method of operations, whilst identifying opportunities for improvement
  • Support thematic reviews to drive and systematic uplifts and enhancements to services that help protect the bank
  • Maintain operational documentation on what reports are available and how / where to access them
  • Conduct holistic reviews of the overall baseline security posture
  • Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers
  • Support the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs
  • Support Imminent threat review sessions, and deputising for the chair when required
  • Support the Head of Vulnerability Management Response and Remediation in leading the Vulnerability Management Response Team
  • Engage with the Global Head of Vulnerability Management, and other relevant team leads to review and gain approval for submissions, to ensure information requests are aligned with the group risk appetite providing the expected responses

Requirements:

  • Minimum of 3-5 years’ experience in working in IT Security or similar role
  • Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation
  • Ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle and use multiple toolsets to convey information, obtain data, and make it meaningful to future plans
  • Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments
  • Ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC
  • Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders
  • Understanding and experience in the practical application and execution of Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms)
  • Vulnerability assessments, scoring and ratings and how they are applied
  • Patch Management
  • Business and architectural design, including controls analysis, process flows and data flows
  • Cyber security principles, global financial services business models, regional compliance regulations and laws
  • MS Excel to interrogate large data sets
  • SharePoint, Microsoft Teams and Confluence
  • Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines
  • Proven track record on delivering activities on time to a high standard
  • Strong interpersonal skills with the ability to create and maintain relationships - Internal relationships extend to peers across other functions within IT and externally to HSBC global businesses, which include external relationships with vendors, typically audit, legal, and technology where the need arises
  • High level of integrity and strong ethical values
What we offer:
  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Financial support with trainings and education
  • Social fund
  • Flexible working hours
  • Free parking

Additional Information:

Job Posted:
November 01, 2025

Expiration:
January 30, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability Management Response Lead

New

Engineering Manager, Offensive Security & Vulnerability Management

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
Canada , Toronto
Salary
Salary:
161500.00 - 190000.00 CAD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security
  • 3+ years managing technical teams in Offensive Security, Red Teaming, or Vulnerability Management
  • Strong technical foundations in adversary simulation, threat modeling, and vulnerability lifecycle management
  • Strategic thinking, translating offensive findings and vuln data into business risk language and operational improvements
  • Experience building and scaling automated security validation (e.g. Purple teaming, attack simulation, continuous testing frameworks)
  • Operating in complex challenging environments and networks
  • Influence across functions and driving remediation outcomes without direct authority
Job Responsibility
Job Responsibility
  • Lead the Offensive Security team in planning and executing red team operations, internal penetration tests, and adversary emulation campaigns
  • Oversee the Vulnerability Management team responsible for running our bug bounty program as well as continuous discovery, triage, and remediation of vulnerabilities across infrastructure, applications, and cloud environments
  • Define and drive the strategy for Autonomic Security Operations, investing in automated testing and validation pipelines that codify security knowledge and detection coverage
  • Partner closely with engineering, product, threat intelligence and detection & response stakeholders to ensure controls are continuously tested and vulnerabilities are effectively surfaced
  • Build processes, tooling, and dashboards to track and communicate vulnerability and control assurance metrics to stakeholder and leadership
  • Contribute to long-term security planning by identifying control gaps, operational bottlenecks, and opportunities to scale security through automation
What we offer
What we offer
  • bonus opportunities
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right
New

Engineering Manager, Offensive Security & Vulnerability Management

Robinhood’s Security Operations team is seeking a strategic and technical Senior...
Location
Location
United States , Menlo Park
Salary
Salary:
217000.00 - 255000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security
  • 3+ years managing technical teams in Offensive Security, Red Teaming, or Vulnerability Management
  • Strong technical foundations in adversary simulation, threat modeling, and vulnerability lifecycle management
  • Strategic thinking, translating offensive findings and vuln data into business risk language and operational improvements
  • Experience building and scaling automated security validation (e.g. Purple teaming, attack simulation, continuous testing frameworks)
  • Operating in complex challenging environments and networks
  • Influence across functions and driving remediation outcomes without direct authority
Job Responsibility
Job Responsibility
  • Lead the Offensive Security team in planning and executing red team operations, internal penetration tests, and adversary emulation campaigns
  • Oversee the Vulnerability Management team responsible for running our bug bounty program as well as continuous discovery, triage, and remediation of vulnerabilities across infrastructure, applications, and cloud environments
  • Define and drive the strategy for Autonomic Security Operations, investing in automated testing and validation pipelines that codify security knowledge and detection coverage
  • Partner closely with engineering, product, threat intelligence and detection & response stakeholders to ensure controls are continuously tested and vulnerabilities are effectively surfaced
  • Build processes, tooling, and dashboards to track and communicate vulnerability and control assurance metrics to stakeholder and leadership
  • Contribute to long-term security planning by identifying control gaps, operational bottlenecks, and opportunities to scale security through automation
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Vulnerability Reporting Lead

Within CISO, the Vulnerability Operations Team is responsible for managing and i...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in vulnerability management or information security reporting functions
  • Strong project management skills
  • Familiar with management of development items in Jira
  • Strong communication skills
  • Familiarity with Vulnerability Assessment tools, e.g., Nessus, Qualys, etc.
  • OS Security, e.g., Unix, Linux, Windows, Cisco, etc.
  • Web application infrastructure, e.g., Application Servers, Web Servers, Databases
  • Web development and programming languages i.e., Python, Perl, Ruby, Java, and/or .Net
  • Business Intelligence tools
  • SQL scripting and advanced Excel skills
Job Responsibility
Job Responsibility
  • Drive vulnerability reporting and engagement program enhancements
  • Rationalize tooling and initiatives for vulnerability lifecycle management and reporting
  • Develop relationships with sectors to resolve aging critical vulnerabilities on assets within Citi
  • Prioritize various business requirements for enhancements to vulnerability management program
  • Analyze data to identify trends, opportunities and deliver audit/regulatory deliverables
  • Work with vulnerability lifecycle managers, Asia and Europe-based operations and application support teams to analyze requirements, design and develop specs and manage data which supplies information to all vulnerability threat reporting and analysis
  • Lead Europe-based level one support team, responsible for basic troubleshooting and providing clarity to data consumers on steps required for vulnerability remediation
  • Implement identified process improvements
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Engineering Response Lead Engineer

Aruba is an HPE Company, and a leading provider of next-generation network acces...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 5+ years experience
  • Experience in LAN, WAN, cloud technologies, Linux, virtualization, scripting, and security. Python, C, C++
  • Deep knowledge of routing, switching and security architecture and protocols
  • Expert level experience and understanding of protocols involved in networking, security and internet like - BGP, OSPF, EAPoL, ARP, VLAN, DHCP, VRRP, subnetting, ACL, routing, VRF, DNS, TCP, UDP, HTTP, IKE, IPSEC, HTTPS, proxies, load balancing, VoIP, SNMP, REST, JSON
  • Experience working with cloud platforms such as AWS, Azure, GCP and understanding vendor specific cloud computing techniques like Transit Gateway, VPC, Azure virtual WAN, Direct Connect
  • Experience in designing and architecting secure, resilient networks
  • Knowledge of security and vulnerability practices
  • Expertise in performance related tuning and deep packet level debugging
  • Highly organized and effective communicator who can explain complex technical issues and participate in technical discussions
Job Responsibility
Job Responsibility
  • You will be called for engineering assistance by the highest level of services teams to investigate, debug and resolve complex technical issues
  • In investigating the technical issues, you will audit the overall architecture, deployment and configuration best practices in the SASE setup
  • You will troubleshoot customer environments to triage the issue and determine the root cause
  • By maintaining deep technical understanding of Silver Peak and other related HPE product features you will be owning the technical relationship with the Services and account team to deliver timely engineering response on critical technical issues
  • You will provide prompt feedback to customer issues and help engineering management maintain high service level objectives with services team
  • You will isolate customer issues and work with respective engineering SMEs to root cause and resolve product related issues through immediate workarounds and proper software fixes as required
  • You will document reoccurring issues to help Services team identify issues efficiently
  • You will aid Product Management by providing feedback on improving debug features on the SASE product family
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Flexibility to manage work and personal needs
  • Fulltime
Read More
Arrow Right

Engineering Response Lead Engineer

Aruba, an HPE Company, is a leading provider of next-generation network access s...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 5+ years experience
  • Experience in LAN, WAN, cloud technologies, Linux, virtualization, scripting, and security
  • Python, C, C++, Javascript
  • Deep knowledge of routing, switching and security architecture and protocols
  • Expert level experience and understanding of protocols involved in networking, security and internet like - BGP, OSPF, EAPoL, ARP, VLAN, DHCP, VRRP, subnetting, ACL, routing, VRF, DNS, TCP, UDP, HTTP, IKE, IPSEC, HTTPS, proxies, load balancing, VoIP, SNMP, REST, JSON
  • Experience working with cloud platforms such as AWS, Azure, GCP and understanding vendor specific cloud computing techniques like Transit Gateway, VPC, Azure virtual WAN, Direct Connect
  • Experience in designing and architecting secure, resilient networks
  • Knowledge of security and vulnerability practices
  • Expertise in performance related tuning and deep packet level debugging
Job Responsibility
Job Responsibility
  • You will be called for engineering assistance by the highest level of services teams to investigate, debug and resolve complex technical issues
  • You will audit the overall architecture, deployment and configuration best practices in the SASE setup
  • You will troubleshoot customer environments to triage the issue and determine the root cause
  • You will maintain deep technical understanding of Silver Peak and other related HPE product features to deliver timely engineering response on critical technical issues
  • You will isolate customer issues and work with respective engineering SMEs to root cause and resolve product related issues through immediate workarounds and proper software fixes
  • You will document reoccurring issues to help Services team identify issues efficiently
  • You will aid Product Management by providing feedback on improving debug features on the SASE product family
What we offer
What we offer
  • Comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • Personal & Professional Development programs
  • Inclusive working environment
  • Flexibility to manage work and personal needs
  • Fulltime
Read More
Arrow Right

Security Operations Manager

As the Security Operations Manager, you will lead Cyera’s security operations fu...
Location
Location
United States , St. Louis
Salary
Salary:
Not provided
cyera.io Logo
Cyera
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6–8 years of progressive experience in security operations, incident response, or threat management roles
  • 2+ years of experience managing or leading a SOC or security operations function
  • Deep technical understanding of modern security tools and technologies (SIEM, EDR, SOAR, IDS/IPS, CSPM, vulnerability scanners)
  • Strong knowledge of cloud security (AWS, Azure, GCP) and modern DevSecOps practices
  • Proven ability to lead cross-functional incident response efforts and drive resolution under pressure
  • Excellent communication, leadership, and stakeholder management skills
  • Solid understanding of compliance frameworks (SOC 2, ISO 27001, NIST, etc.)
Job Responsibility
Job Responsibility
  • Own the Security Operations function, including 24/7 monitoring, detection, triage, and incident response
  • Develop and maintain Cyera’s Security Operations Center (SOC) processes, playbooks, and escalation paths
  • Lead investigations of security alerts and incidents, ensuring timely response, containment, and remediation
  • Manage and continuously improve security tooling (SIEM, EDR, SOAR, vulnerability management, etc.)
  • Build and mentor a high-performing team of security analysts and engineers
  • Partner with Engineering, IT, and Product to embed security into all stages of the development lifecycle
  • Conduct regular threat modeling, risk assessments, and post-incident reviews to identify and mitigate systemic weaknesses
  • Oversee vulnerability management and coordinate patching or mitigations across infrastructure and SaaS environments
  • Collaborate with Compliance to support audit readiness (SOC 2, ISO 27001, GDPR, etc.) and maintain evidence of operational controls
  • Develop and report security KPIs and metrics to leadership and key stakeholders
What we offer
What we offer
  • Ability to work remotely, with office setup reimbursement
  • Competitive salary
  • Unlimited PTO
  • Paid holidays and sick time
  • Health, vision, and dental insurance
  • Life, short and long-term disability insurance
  • Fulltime
Read More
Arrow Right

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location
Location
United States , Fountain Valley
Salary
Salary:
83940.00 - 120032.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
  • Virtual Private Networks
  • SSL, IPSec, and Site-to-Site
  • Enterprise-Class Stateful Inspection Firewalls
  • Network Access Controls in context to Identity Management
  • Windows Server OS & Desktop OS
  • Network Packet Inspection
Job Responsibility
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime
Read More
Arrow Right
New

Head of Cyber Security

As the Head of Cyber Security at PEXA UK, you’ll play a key role in protecting t...
Location
Location
United Kingdom , Leeds; Thame
Salary
Salary:
100000.00 - 110000.00 GBP / Year
pexa.co.uk Logo
PEXA UK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience leading cyber security operations in a regulated or financial services environment (FCA exposure preferred)
  • Strong understanding of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus)
  • Experience with modern security tooling such as: Cortex XDR / Palo Alto Networks, Splunk (SIEM and dashboarding), Abnormal Security (email security), Prisma Cloud (cloud security posture management), Airlock (application and API security), Nucleus (vulnerability management and reporting)
  • Deep knowledge of incident response, threat hunting, and vulnerability management
  • Excellent stakeholder management and communication skills — able to explain complex risks in simple terms
  • Experience building and mentoring high-performing teams across technical and governance functions
  • Confident working in partnership with global teams and external partners to deliver consistent, secure outcomes
Job Responsibility
Job Responsibility
  • Define and deliver the UK cyber security strategy and roadmap aligned with business and group objectives
  • Act as the senior security authority for PEXA UK, Smoove, and Optima Legal
  • Partner with the Group CISO, UK CTO, and Risk functions to align frameworks and initiatives
  • Lead and mentor a multi-disciplinary team across SOC, engineering, and information security
  • Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews
  • Oversee SOC operations ensuring timely threat detection, response, and resolution
  • Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus
  • Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking
  • Coordinate with third-party partners such as Blazeguard and CCX to ensure effective service delivery
  • Oversee secure configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS
What we offer
What we offer
  • Tailored personal and professional learning and development programs
  • Holistic wellbeing support
  • Support for creating an ideal work/life blend
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy