Security Incident & Vulnerability Consultant CGEMJP00342904

Posted 1 day ago by Experis

Negotiable | Inside IR35 | Hybrid | Preston

Summary: The Security Incident & Vulnerability Management Consultant will support the transition to a multi-supplier model within a Defence environment, focusing on governance and alignment of high-severity security incident and vulnerability management processes. The role requires ensuring a consistent, risk-based approach across suppliers, with an emphasis on evidence-driven security risk management. This position is not hands-on but involves coordination and oversight of processes to prepare for business-as-usual handover.

Key Responsibilities:

  • Review and align existing supplier processes for high-severity incident management and vulnerability management.
  • Ensure processes are consistent across suppliers and aligned to client policy and regulatory requirements.
  • Establish and govern incident severity classification and escalation thresholds, vulnerability prioritisation approaches, and exception processes.
  • Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities.
  • Govern the lifecycle of high-severity incidents, including escalation, coordination, communication, and reporting.
  • Oversee the vulnerability lifecycle from identification through to closure, ensuring prioritisation and tracking.
  • Define and align evidence requirements for incident and vulnerability management.
  • Support domain-specific reporting for major incidents and vulnerability risk status.
  • Establish a transition baseline for clean handover of processes to business-as-usual.

Key Skills:

  • Experience in security incident management, vulnerability management, or cyber governance roles.
  • Strong understanding of incident management and vulnerability lifecycles.
  • Experience working in multi-supplier or SIAM environments.
  • Ability to interpret outputs from SOC and vulnerability tooling.
  • Familiarity with NIST CSF, NCSC or UK Government security guidance (desirable).
  • Experience in Defence sector or highly regulated environments (desirable).
  • Exposure to audit, assurance or ISMS processes (desirable).
  • ITIL alignment (desirable).

Salary (Rate): £600 p/d

City: Preston

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

Role Title: Security Incident & Vulnerability Management Consultant

Duration: contract to run until 30/11/2026

Location: Preston. Hybrid 2 days per week onsite

Rate: up to £600 p/d Umbrella inside IR35

Clearance required: must be MOD SC cleared and a sole UK national.

SC must have been actively used within the last 12 months and must have 3 months left on the clearance.

Role purpose / summary

The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.

The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers, ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence.

The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover.

This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.

Key Responsibilities

Governance & Process Alignment

Review and align existing supplier processes for:

  • High-severity incident management (S3/S4)
  • Vulnerability management, across suppliers, building on existing processes

Ensure processes are:

  • Consistent across suppliers
  • Aligned to client policy and regulatory requirements

Establish and govern:

  • Incident severity classification and escalation thresholds
  • Vulnerability prioritisation approaches (e.g. CVSS, KEV, EPSS)
  • Exception and risk acceptance processes

Supplier Coordination (SIAM Model)

  • Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities
  • Act as the integration point across suppliers, aligning outputs into a common model without redesigning the underlying processes
  • Identify and manage gaps in process maturity, coverage, data quality and compliance with standards

Incident Management (S3/S4 Focus)

  • Govern the lifecycle of high-severity incidents, including escalation, coordination, communication and reporting
  • Ensure suppliers:
      • Detect and escalate incidents appropriately
      • Meet defined escalation and communication expectations
      • Maintain structured incident records
  • Define and agree the required level of visibility from SOC outputs, without requiring direct tooling access

Vulnerability Management (SOC-led)

  • Oversee the vulnerability lifecycle from identification through to closure
  • Ensure vulnerabilities are:
      • Prioritised consistently using agreed Client approaches
      • Tracked through remediation or formal risk acceptance
  • Validate, track and monitor:
      • Remediation timelines and SLA adherence
      • Handling of high-risk vulnerabilities, exceptions and waivers
  • Identify risks relating to:
      • Incomplete asset coverage
      • Obsolescent, legacy or non-patchable systems

Evidence & Assurance

  • Define and align evidence requirements for both:
      • Incident management (event, escalation, response, closure)
      • Vulnerability management (identify, track, remediate, validate)
  • Ensure outputs are:
      • Consistent across suppliers
      • Traceable to risks and controls
      • Audit ready
  • Provide assurance that both domains align with ISMS and control requirements

Reporting & Transition Support

  • Support domain-specific reporting for:
      • Major incidents (S3/S4)
      • Vulnerability risk and remediation status
  • Support governance forums with clear, evidence-based reporting
  • Establish a transition baseline that enables a clean handover of processes to BAU without redesign

Key Skills & Experience

Essential

  • Experience in security incident management, vulnerability management, or cyber governance roles
  • Strong understanding of:
      • Incident management lifecycle (detect, respond, recover)
      • Vulnerability lifecycle (identify, prioritise, remediate, validate)
  • Experience working in multi-supplier or SIAM environments
  • Ability to interpret outputs from SOC and vulnerability tooling without direct ownership

Desirable

  • Familiarity with NIST CSF, NCSC or UK Government security guidance
  • Experience in Defence sector or highly regulated environments
  • Exposure to audit, assurance or ISMS processes
  • ITIL alignment

Key Deliverables

  • Standardised and aligned incident and vulnerability management processes
  • Consistent supplier reporting and lifecycle governance
  • Evidence models supporting audit and assurance
  • Established transition baseline for BAU handover

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.