Head of Security Testing and Vulnerability Management

Role:
Head of Security Testing & Vulnerability ManagementLocation:
Leeds (Hybrid 2/3 split)Salary: £75,000 - £85,000Summary:

The Head of Security Testing and Vulnerability Management is responsible for defining and delivering the organisation's global approach to security testing and vulnerability management.

This role ensures vulnerabilities across infrastructure, applications, and cloud platforms are proactively identified, prioritised, and remediated, supporting a strong and measurable security posture across the enterprise. The position operates in a complex, multi-regional environment and works closely with technology, engineering, and business stakeholders.Key Responsibilities:

• Define and lead the global security testing and vulnerability management strategy aligned to enterprise risk objectives.
• Establish governance, metrics, and reporting for security testing and remediation activities.
• Oversee penetration testing, red teaming, and application security testing programmes.
• Manage vulnerability scanning, prioritisation, and remediation processes across on-prem, cloud, and application environments.
• Partner with IT, engineering, and business teams to ensure timely patching and mitigation of critical risks.
• Integrate vulnerability management tools and automation into CI/CD and operational workflows.
• Monitor emerging threats, attack techniques, and testing methodologies to continuously improve security effectiveness.
• Align vulnerability management practices with recognised standards and frameworks (e.g. ISO 27001, NIST, CIS).
• Provide clear, executive-level reporting on security risk exposure and remediation progress.
• Build, lead, and develop a high-performing security testing and vulnerability management team.
• Promote a culture of accountability, collaboration, and continuous improvement across security and technology functions.

Skills:

• Demonstrated experience leading enterprise-scale security testing and vulnerability management functions.
• Strong technical knowledge of penetration testing, vulnerability assessment, and remediation practices.
• Hands-on experience with vulnerability management and testing tools (e.g. Qualys, Microsoft Defender Vulnerability Management or similar).
• Experience integrating vulnerability management with broader risk and governance frameworks.
• Proven leadership, stakeholder engagement, and communication skills at senior levels.
• Ability to operate effectively across multiple regions and diverse technology environments.
• Relevant security certifications (e.g. CISSP, OSCP, or equivalent).
• Experience with cloud security, particularly Azure, and Dev Sec Ops  practices.
• Background working in large, complex enterprise organisations.

Role:
Head of Security Testing & Vulnerability ManagementLocation:
Leeds (Hybrid 2/3 split)Salary: £75,000 - £85,000

Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.