Job Specifications
This role may be located in one of the following locations; Blackpool, Leeds, Manchester, Newcastle-upon-Tyne, Sheffield.
Please find further information on the Corporate hub locations here.
Please note that for candidates requesting to work in Newcastle, this role will be based at Benton Park View from September 2025, and then at 1 Pilgrim Place in Newcastle city centre by the end of 2027.
Job Summary
Can you turn complex cyber risks into clear, actionable strategies that keep services safe and resilient?
Digital Security require an experienced Lead Cyber Security Vulnerability Manager. This is a leadership role with responsibility to:
Lead the development and implementation of the Departments vulnerability management strategy including people, process, and technology elements.
Ensure organisation-specific vulnerability management policies, procedures and guidelines are aligned with organisational objectives and risk appetite.
Drive prioritisation security vulnerabilities through a risk-based approach, to meet common organisational objectives such as security policy compliance, regulatory compliance, and industry best practice.
Collaborate with other Security and Operational teams, Lead with the development of mitigation strategies in order reduce the Departments exposure to the risks presented by unaddressed security vulnerabilities.
Lead a team of Vulnerability Analysts to manage capability and resource levels and develop their skills, knowledge, and capabilities.
Use expert knowledge to lead and inform the investigation of cyber security vulnerabilities (risks), develop, and agree remediation and prioritisation actions within agreed KPIs, across multiple Digital functions to protect DWP systems.
Contribute to the delivery of security awareness to meet the objectives set out in Government Cyber Security Strategy.
Please note this role requires you to pass Security Check clearance. For further information, please see 'Selection process details'.
Job Description
Lead with the development and implementation of the Departments vulnerability management strategy including people, process, and technology elements.
Ensure organisation-specific vulnerability management policies, procedures and guidelines are aligned with organisational objectives and risk appetite.
Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.
In collaboration with other Security and Operational teams, Lead with the development of mitigation strategies in order reduce the Departments exposure to the risks presented by unaddressed security vulnerabilities.
Lead a team of Vulnerability Analysts to manage capability and resource levels and develop their skills, knowledge, and capabilities.
Use expert knowledge to lead and inform the investigation of cyber security vulnerabilities (risks), develop, and agree remediation and prioritisation actions within agreed KPIs, across multiple Digital functions to protect DWP systems.
Contribute to the delivery of security awareness to meet the objectives set out in Government Cyber Security Strategy.
Establish interfaces and working processes with other teams within Security and operational teams which have a shared responsibility to deliver a mature vulnerability management programme.
Lead with the development and implementation of the Departments vulnerability management strategy including people, process, and technology elements.
Ensure organisation-specific vulnerability management policies, procedures and guidelines are aligned with organisational objectives and risk appetite.
Drive prioritisation of those vulnerabilities through a risk-based approach, to meet common organisational objectives such as regulatory compliance and audit functions.
In collaboration with other Security and Operational teams, Lead with the development of mitigation strategies in order reduce the Departments exposure to the risks presented by unaddressed security vulnerabilities.
Lead a team of Vulnerability Analysts to manage capability and resource levels and develop their skills, knowledge, and capabilities.
Use expert knowledge to lead and inform the investigation of cyber security vulnerabilities (risks), develop, and agree remediation and prioritisation actions within agreed KPIs, across multiple Digital functions to protect DWP systems.
Contribute to the delivery of security awareness to meet the objectives set out in Government Cyber Security Strategy.
Establish interfaces and working processes with other teams within Security and operational teams which have a shared responsibility to deliver a mature vulnerability management programme.
Person specification
When giving details in your CV you should highlight your experience in line with essential criteria below:
A broad platform knowledge and ability to conduct cybersecurity assessments from a multi-platform perspective.
Experience in a lea
About the Company
The Department for Work and Pensions (DWP) is the UK’s largest government department and is responsible for welfare, pensions and child maintenance policy. It administers the State Pension and a range of working age, disability and ill health benefits, serving around 20 million customers.
DWP is responsible for
• understanding and dealing with the causes of poverty rather than its symptoms
• encouraging people to work and making work pay
• encouraging disabled people and those with ill health to work and be independent
• pr...
Know more