Cyber Security Consultant - Incident and Vulnerability Management

The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment. The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers. Ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence. The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover. This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.

Key Responsibilities

Governance & Process Alignment

Review and align existing supplier processes for: o High-severity incident management (S3/S4) o Vulnerability management, across suppliers from existing processes

Ensure processes are o Consistent across suppliers o Aligned to client policy and regulatory requirements Establish and govern: o Incident severity classification and escalation thresholds o Vulnerability prioritisation approaches (eg CVSS, KEV, EPSS) o Exception and risk acceptance processes

Supplier Coordination (SIAM Model) Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities Act as the integration point across suppliers, aligning outputs without redesigning underlying processes into a common model Identify and manage gaps in process maturity, coverage, data quality and Compliance with standards Incident Management (S3/S4 Focus) Govern the life cycle of high-severity incidents, including escalation, coordination, communication and reporting Ensure suppliers: o Detect and escalate incidents appropriately o Meet defined escalation and communication expectations o Maintain structured incident records Define and agree the required level of visibility from SOC outputs, without requiring direct tooling access

Vulnerability Management (SOC-led) Oversee the vulnerability life cycle from identification through to closure Ensure vulnerabilities are: o Prioritised consistently using agreed Client approaches o Tracked through remediation or formal risk acceptance

Validate, track and monitor o Remediation timelines and SLA adherence o Handling of high risk vulnerabilities, exceptions and waivers Identify risks relating to: o Incomplete asset coverage o Obsolescent, Legacy or non-patchable systems

Evidence & Assurance Define and align evidence requirements for both: o Incident management (event, escalation, response, closure) o Vulnerability management (identify, track, remediate, validate)

Ensure outputs are: o Consistent across suppliers o Traceable to risks and controls o Audit ready Provide assurance that both domains align with ISMS and control requirements

Reporting & Transition Support Support domain-specific reporting for: o Major incidents (S3/S4) o Vulnerability risk and remediation status Support governance forums with clear, evidence-based reporting Establish a transition baseline that enables a clean handover of processes to BAU without redesign

Essential Experience in security incident management, vulnerability management, or cyber governance roles Strong understanding of: o Incident management life cycle (detect, respond, recover) o Vulnerability life cycle (identify, prioritise, remediate, validate) Experience working in multi-supplier or SIAM environments Ability to interpret outputs from SOC and vulnerability tooling without direct ownership

Desirable Familiarity with NIST CSF, NCSC or UK Government security guidance Experience in Defence sector or highly regulated environments Exposure to audit, assurance or ISMS processes ITIL alignment

Key Deliverables Standardised and aligned incident and vulnerability management processes Consistent supplier reporting and life cycle governance Evidence models supporting audit and assurance Established transition baseline for BAU handover

Preston/London/Birmingham (Hybrid) - £599 per through FCSA Umbrella Contract Posted by: eTeam Workforce Limited Posted: Friday, 29 May 2026 We are a Global Recruitment specialist that provides support to the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you.