Cyber Security Programme Lead
Posted Today by Vallum Associates
Negotiable
Inside
Remote
United Kingdom
Summary: The Cyber Security Programme Lead will oversee the Vulnerability Management Improvement Programme, providing operational leadership and stabilizing the vulnerability team within a high-pressure environment. This role involves collaborating with various teams to enhance the organization's vulnerability management capabilities and ensuring effective communication between technical and business stakeholders. The position requires hands-on execution of processes and strategic oversight to drive long-term solutions in cyber security. The role is remote with occasional travel and classified as inside IR35.
Key Responsibilities:
- Act as the operational lead for the Vulnerability Management Improvement Programme.
- Stabilize the vulnerability team by providing direction and support.
- Conduct assessments of current vulnerability management processes to identify inefficiencies.
- Engage in hands-on execution, including writing presentations and defining operational processes.
- Manage stakeholder expectations and translate technical data into actionable insights.
- Oversee the execution of distinct vulnerability workstreams with Project Managers.
Key Skills:
- Extensive experience in Cyber Security or Vulnerability Management leadership.
- Ability to balance strategic oversight with hands-on process writing and data analysis.
- Resilience in high-pressure, fast-paced environments undergoing transformation.
- Strong understanding of the vulnerability lifecycle and reporting tools.
- Proactive change management skills to build accountability within the team.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Cyber Security Programme Lead - Inside IR35 - Energy Sector Remote based with some adhoc travel every 4 - 6 weeks Inside IR35 via Umbrella Ideally will have experience in Vulnerability Management or Threat Management projects/programmes The Cyber Services team support business units by providing cyber services and platforms to enable our clients businesses to focus on their core missions. The Cyber Services team enable the clients UK business units through the available, efficient, and effective provision of services, including architecture, monitoring & response, and security technologies. The Cyber Security Programme Lead will report to Senior Cyber Security Leadership and works closely alongside the Senior Manager - Cyber Threat.
· The Cyber Security Programme Lead will act as an operational extension of the leadership team, stepping in to take the immediate load off current management. You'll work with and lead a team of experienced vulnerability analysts, SMEs, and Project Managers, engaging across technology teams and business units to reduce risk to the organisation and stabilise the current operational environment.
· The Cyber Security Programme Lead will work in collaboration with the resolver groups, audit teams and maturity programmes to push the capability of the vulnerability programme. This role is an important part of the wider Cyber Services function, helping to advance our vulnerability management capability out of a "firefighting" state and into a mature, sustainable operation.
Cyber Security Programme Lead - What’s my role?
· Operational Leadership: Act as the hands-on operational lead for the Vulnerability Management Improvement Programme, taking direct ownership of the team's day-to-day deliverables and strategic realignment.
· Team Stabilisation: Step into a high-pressure environment to stabilise the vulnerability team, providing clear direction, structure, and support to analysts and subject matter experts.
· Process Optimisation: Conduct a rapid assessment of current vulnerability management processes to identify inefficiencies, bottlenecks, and inefficient practices. Hands-on Execution: Operate as a "doer" as well as a leader. You will not just be theorising; you will be actively writing management presentations, drafting new operational processes, and defining clear operating models.
· Stakeholder Management: Act as the primary buffer and interface between the vulnerability team and the wider business, managing expectations and translating technical vulnerability data into actionable business intelligence.
· Programme Delivery: Oversee the successful execution of distinct vulnerability workstreams, working alongside dedicated Project Managers to implement strategic, long-term solutions.
What do I need to be great at this role?
· Proven Cyber Security or Vulnerability Management Leadership: Extensive experience as a dedicated Cyber Security/Vulnerability Management Leader, ideally with a track record of turning around, maturing, or rescuing underperforming security functions.
· Strategic & Tactical Balance: Ability to operate at a senior management level while remaining highly hands-on with process writing, presentation building, and data analysis.
· Resilience: Comfort operating in a high-pressure, fast-paced environment that is currently undergoing significant transformation and stabilization.
· Deep Technical Context: Strong understanding of the end-to-end vulnerability lifecycle, reporting tools (e.g., Tenable), and how to effectively guide IT resolver groups on remediation and patching prioritisation.
· Change Management: A proactive driver of change who can challenge the status quo, overcome apathy, and build a culture of accountability and resilience within the team.