Vulnerability Management Architect

Vulnerability Management Architect 5 Month Contract Hybrid - travel to Bracknell and London, Pimlico as and when required Our Retail client is seeking a Vulnerability Management Architect to join their team on a 5-month contract basis. As a Vulnerability Management Architect, you will play a crucial role in modernising the company's vulnerability management capabilities, ensuring they can support a fast-moving business and stand as a strong pillar within their zero-trust framework. Accountabilities: Explore and document our baseline vulnerability management architecture Capture our vulnerability management requirements and usage scenarios, captured as a set of patterns that a future solution will need to support Build out and evaluate the drivers and benefits for change Provide market assessment as appropriate, partnering with our procurement teams as needed Provide a validated and recommended strategy solution architecture for our vulnerability management services (i.e. this is all about explaining how the elements of the solution will work together, vendor agnostic) Compile vendor solution options to address the above (with cost, transition, benefit high level analysis) Complete high-level design for the deployment in a future year Scope and supporting costing of future project work for the future implementation of the proposed architecture Understand and gain alignment with related architecture strategies (including device management and platform strategies) Collaboratively working with other solution and enterprise architects to drive secure solutions (across people, process and technology) Experience Required: Expert-level knowledge and experience with technical deployments of exposure / vulnerability management systems for large enterprises, across a diverse technology stack (IaaS/PaaS/SaaS/physical/mainframe/hybrid-cloud) and delivery lifecycles (Project/COTS applications, DevOps) Expertise with Qualys and other vulnerability and exposure management technologies Expertise in the full vulnerability management lifecycle Vendor and market analysis and engagement Ability to translate technical information into Risks, Threats, and Vulnerabilities for both a technical and non-technical audience Cloud based security (AWS/GCP), with a specialism in vulnerability management Self-starter, able to work in technical detail and motivate a diverse group of stakeholders to build sponsorship for significant and impactful change Desired: Establishing observability platforms Capabilities adjacent to exposure/vulnerability management capabilities (ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.

Location: London, South East England, GB

Posted Date: 7/8/2025