Head of Security Testing and Vulnerability Management

The Head of Security Testing and Vulnerability Management will lead the enterprise-wide strategy and execution for security testing vulnerability assessment and remediation programs. This role ensures the organisation maintains a robust security posture by proactively identifying, assessing and mitigating vulnerabilities across infrastructure, applications and cloud environments.

• Define and implement a global security testing and vulnerability management strategy aligned with enterprise risk objectives.
• Establish governance frameworks, KPIs and reporting mechanisms for security testing and vulnerability management.

• Oversee penetration testing, red teaming and application security testing programs.
• Manage vulnerability scanning prioritisation and remediation workflows across all technology stacks.
• Ensure timely patching and mitigation of critical vulnerabilities in collaboration with IT engineering teams and wider business units.

• Align vulnerability management practices with regulatory requirements (e.g. ISO 27001, NIST, CIS).
• Provide executive level reporting on risk exposure and remediation progress.

• Drive automation and integration of vulnerability management tools into CI / CD pipelines.
• Stay ahead of emerging threats and testing methodologies to enhance security resilience.

• Build and lead a team of security testing and vulnerability management professionals.
• Foster a culture of accountability, collaboration and continuous learning.

• Proven experience in leading global security testing and vulnerability management programs.
• Strong knowledge of penetration testing, vulnerability scanning tools (e.g. Qualys, Microsoft Defender, Vulnerability Management) and secure development practices.
• Expertise in integration with risk management frameworks.
• Excellent team leadership, stakeholder management and communication skills.Ability to operate in a complex multi-regional environment with diverse technology landscapes.

• CISSP, OSCP or equivalent certifications.
• Experience with cloud security (Azure) and DevSecOps practices.
• Background in large‑scale enterprise environments.

• Opportunity to shape global security strategy in a high‑impact leadership role.
• Work with cutting‑edge technologies and a world‑class cyber security team.
• Competitive compensation and benefits package.

Please note that the majority of our roles are hybrid working three days a week in our office.

We are not able to offer visa sponsorship or help with relocation support for this role. Please make sure you have the right to work in the country where this role is located before applying.

You will be joining our technology team right in the middle of our tech revolution. We're undergoing the largest technology transformation Kantar has ever seen, investing in new AI and cloud technologies. By modernising all our tech systems we can respond to our clients’ needs faster and more efficiently and keep Kantar as a market leader for insights.

We shape the brands of tomorrow by better understanding people everywhere. By understanding people we can understand what drives their decisions, actions and aspirations on a global scale. And if we combine the expertise of our people with the latest AI technology, we can really help brands discover amazing insights.

And because we know people, we like to make sure our own people are looked after. Equality of opportunity for everyone is our highest priority and we support our colleagues to work the way that works for them. We encourage applications from all backgrounds and sections of society. Even if you feel like you’re not an exact match, we’d love to receive your application and talk to you about this job or others at Kantar.

At Kantar the diversity of our employees provides a richer environment for our employees and broader depth and breadth of thinking for our clients. Kantar is committed to inclusion and diversity; therefore we welcome applications from all sections of society and do not discriminate based on age, race, religion, gender, pregnancy, sexual orientation, gender identity, disability, marital status or any other legally protected characteristics.

PRIVACY DISCLOSURE: By applying to this opportunity you consent to the personal data you provide to us to be processed and retained by The Kantar Group Limited (Kantar). Your details will be kept on our Internal ATS (Applicant Tracking System) for as long as is necessary for the purposes of recruitment may include your details being shared with the hiring manager.

#LI-CS1

Country: United Kingdom

Employment Type: Full‑Time

Vacancy: 1