Security Incident & Vulnerability Management Consultant - MUST HAVE MOD SC CLEARANCE - 6 months+

Security Incident & Vulnerability Management Consultant - MUST HAVE MOD SC CLEARANCE - Preston/London/Birmingham and remote - 6 months+/RATE: £585 per day inside IR35

One of our Blue Chip Clients is urgently looking for a Security Incident & Vulnerability Management Consultant.

Please find some details below:

CONTRACTOR MUST BE MOD SC CLEARED AND BE A SOLE UK NATIONAL

1. The candidates MOD SC must have been actively used within the last 12 months

1. The candidate must have 3 months left on their SC clearance to allow time for interview, offer and transfer of clearance

Location: Hybrid - 30% office (Preston, London or Birmingham), 70% home

MUST BE PAYE THROUGH UMBRELLA

Role Description:

Security Incident & Vulnerability Management Consultant
(Operational Integrator/SIAM - Transition Role)

UK Sole National ONLY
Security Clearance required

Role Summary
The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.
The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers. Ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence.
The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover.
This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.

Key Responsibilities
Governance & Process Alignment
Review and align existing supplier processes for:
o High-severity incident management (S3/S4)
o Vulnerability management, across suppliers from existing processes
Ensure processes are:
o Consistent across suppliers
o Aligned to client policy and regulatory requirements
Establish and govern:
o Incident severity classification and escalation thresholds
o Vulnerability prioritisation approaches (eg CVSS, KEV, EPSS)
o Exception and risk acceptance processes
Supplier Coordination (SIAM Model)
Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities
Act as the integration point across suppliers, aligning outputs without redesigning underlying processes into a common model
Identify and manage gaps in process maturity, coverage, data quality and Compliance with standards
Incident Management (S3/S4 Focus)
Govern the life cycle of high-severity incidents, including escalation, coordination, communication and reporting
Ensure suppliers:
o Detect and escalate incidents appropriately
o Meet defined escalation and communication expectations
o Maintain structured incident records
Define and agree the required level of visibility from SOC outputs, without requiring direct tooling access
Vulnerability Management (SOC-led)
Oversee the vulnerability life cycle from identification through to closure
Ensure vulnerabilities are:
o Prioritised consistently using agreed Client approaches
o Tracked through remediation or formal risk acceptance
Validate, track and monitor:
o Remediation timelines and SLA adherence
o Handling of high risk vulnerabilities, exceptions and waivers
Identify risks relating to:
o Incomplete asset coverage
o Obsolescent, Legacy or non-patchable systems
Evidence & Assurance
Define and align evidence requirements for both:
o Incident management (event, escalation, response, closure)
o Vulnerability management (identify, track, remediate, validate)
Ensure outputs are:
o Consistent across suppliers
o Traceable to risks and controls
o Audit ready
Provide assurance that both domains align with ISMS and control requirements
Reporting & Transition Support
Support domain-specific reporting for:
o Major incidents (S3/S4)
o Vulnerability risk and remediation status
Support governance forums with clear, evidence-based reporting
Establish a transition baseline that enables a clean handover of processes to BAU without redesign

Key Skills & Experience
Essential
Experience in security incident management, vulnerability management, or cyber governance roles
Strong understanding of:
o Incident management life cycle (detect, respond, recover)
o Vulnerability life cycle (identify, prioritise, remediate, validate)
Experience working in multi-supplier or SIAM environments
Ability to interpret outputs from SOC and vulnerability tooling without direct ownership

Desirable
Familiarity with NIST CSF, NCSC or UK Government security guidance
Experience in Defence sector or highly regulated environments
Exposure to audit, assurance or ISMS processes
ITIL alignment

Key Deliverables
Standardised and aligned incident and vulnerability management processes
Consistent supplier reporting and life cycle governance
Evidence models supporting audit and assurance
Established transition baseline for BAU handover

Please send CV for full details and immediate interviews. We are a preferred supplier to the client.