Cyber Threat Intelligence & Vulnerability Management Lead

Be among the first 25 applicants

This range is provided by SR2 | Socially Responsible Recruitment | Certified B Corporation. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Direct message the job poster from SR2 | Socially Responsible Recruitment | Certified B Corporation

Are you ready to take the lead in defending the UK’s critical energy infrastructure from cyber threats? We’re seeking an experienced Cyber Threat Intelligence & Vulnerability Management Lead to join our client's dynamic Cyber Security team. This is your chance to make a real impact—shaping and leading the threat intelligence and vulnerability management strategy for one of the UK’s essential energy companies.

If you’re passionate about security, thrive on staying ahead of emerging threats, and have a solid background in OT/ICS environments, we want to hear from you.

• Lead cyber threat intelligence and vulnerability management functions across IT and OT environments.
• Monitor and analyze threats specific to industrial control systems and operational technology, including ransomware and nation-state actors.
• Develop actionable intelligence and provide early warnings to security operations and risk teams.
• Coordinate vulnerability scanning, prioritization, and remediation efforts across critical infrastructure.
• Collaborate with engineering, IT, and operations teams to ensure system safety and security coexist.
• Represent the organization in threat sharing forums such as NCSC, CiSP, and energy sector ISACs.

• 5+ years of experience in cyber threat intelligence, vulnerability management, or related security disciplines.
• Strong understanding of ICS/SCADA systems, PLC networks, and their role in the energy sector.
• Familiarity with tools like Tenable, Qualys, Rapid7 and platforms such as MISP, ThreatConnect, or Recorded Future.
• Experience working in or securing OT environments, with a focus on safety and uptime.
• Knowledge of frameworks like MITRE ATT&CK, Cyber Kill Chain, and NIS2/CAF compliance.
• Effective communicator capable of translating technical findings into business risks.

• Certifications such as GCTI, GRID, CISSP, or CRISC.
• Experience leading security teams or managing third-party security partners.
• Proactive, analytical mindset with the ability to perform under pressure.

The benefits offered are exceptional. Reach out to learn about the Pension and Bonus schemes.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Other
• Industry: Utilities