Job Title: Resilience Vulnerability Management Lead
Contract Length: 10 months (initial)
Location: Sheffield Hybrid
Sector: Financial Services
IR35 Status: Inside IR35

Overview

We are working with a leading financial services organisation to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This role is critical to supporting the organisations Operational Resilience and Vulnerability Management objectives, ensuring Important Business Services (IBS) are resilient, well-governed, and compliant with internal standards and regulatory expectations.

You will work in a hybrid model from Sheffield, collaborating closely with IT Service Owners, Service Sustainability Leads, and senior stakeholders across technology and the business.

Key ResponsibilitiesResilience Assessment (TRVA)

• Lead resilience assessments (TRVA) for multiple IBS applications across front-office and back-office environments
• Ensure alignment with internal operational resilience standards
• Review architecture documents and application artefacts, leveraging data from enterprise platforms
• Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings
• Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities
• Drive timely sign-off of assessments by all required stakeholders
• Consolidate findings into clear, comprehensive reports with actionable remediation recommendations
• Raise identified vulnerabilities in line with governance requirements
• Contribute to executive-level summaries and participate in stakeholder presentations

Vulnerability Management

• Manage the end-to-end vulnerability lifecycle, including:

  • Creation and approval
  • Tolerance assessments
  • Progress tracking and reporting
  • Remediation and closure governance
  • Closure pack preparation, QA, approval, and final closure

• Conduct control reviews outside standard assessments and raise vulnerabilities where required

• Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans

• Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details

• Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date

• Support other Lines of Business with tolerance assessments for MSS-owned applications

• Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes

• Ensure remediation actions are accurately reflected in golden source systems

• Prepare high-quality closure packs with supporting evidence

• Produce Risk & Control Management Meeting packs and stakeholder reports

• Represent the team in governance forums when required

• Contribute inputs to consolidated CIB-level reporting

• Participate in vulnerability portal feature testing, providing feedback and backlog requirements

• Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums

Qualifications & Experience

• Bachelors degree in IT, Computer Science, or a related discipline (or equivalent professional experience)

• Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution

• Strong understanding of:

  • Operational resilience frameworks
  • Vulnerability lifecycle management
  • Regulatory and governance requirements

• Demonstrated ability to manage complex assessments across multiple applications and stakeholders

Key Capabilities

• Strong analytical and problem-solving skills
• Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences
• High attention to detail and strong commitment to quality
• Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment
• Confident stakeholder manager with experience driving cross-functional outcomes

Whats on Offer

• Competitive inside IR35 day rate
• Long initial contract (10 months) with potential extension
• Hybrid working model in Sheffield
• Opportunity to play a key role in strengthening operational resilience within a major financial services organisation

If you are an experienced Resilience or Vulnerability Management Lead looking for your next contract role, wed be keen to hear from you.