Correla are looking for a Vulnerability Management Lead to join our Security Operations team.
Salary: circa £53,000 (advertised salary achievable for a candidate fulfilling all role criteria)
Job Type: Permanent
About us
In March 2021, Correla was created as an independently owned business to bring in private investment to fuel innovation in the centre of the energy market and beyond.
Correla is derived from correlation, because we’re all about exploring and enhancing relationships between data, people, and processes. Our SaaS products and Managed Service solutions combine to power industry innovation, simplify an increasingly complex market, and deliver cost and operational efficiencies.
Our goal is to support industry transformation, to move to a net-zero future and to positively impact the end-consumer.
About the Role
- Own and administer the vulnerability management platform, ensuring full and accurate scan coverage across infrastructure, applications, and cloud environments.
- Maintain and continually improve vulnerability management policies, processes, SLAs, and reporting standards in alignment with industry and regulatory expectations.
- Plan, execute, and validate vulnerability scans, analysing results to confirm accuracy, assess impact, and prioritise remediation.
- Provide regular reporting and dashboards to technical and leadership stakeholders, highlighting trends, key risks, and remediation progress.
- Coordinate remediation efforts with internal teams and third-party suppliers, managing timelines, supporting escalation of high-risk issues, and ensuring alignment with security policies.
- Drive continual enhancement of VM operations, including automation, ITSM/reporting integration, vendor/tooling management, and contribution to wider security awareness initiatives.
About You
- Deep understanding of vulnerability management concepts, scanning methodologies, and remediation coordination.
- Proven experience managing enterprise vulnerability tools and interpreting complex scan data into actionable insights.
- Strong knowledge of security frameworks such as NIST, ISO 27001, and CIS Controls.
- Excellent stakeholder management and communication skills, able to translate technical findings into business context.
- Experience working with third-party suppliers and managed service providers to align patching and remediation activities with internal policy.
- Strong analytical, organisational, and reporting abilities with attention to detail.
- Familiarity with automation tools and scripting for process efficiency (e.g., PowerShell, Python, or API integrations).
- Relevant certifications (Security+, CySA+, CVE/CVSS knowledge, or equivalent experience) desirable.
What we offer
- Locate for your day
- Uncapped annual leave
- 6-12% Pension Contribution
- Private Healthcare
- 26 weeks’ full pay equal parent leave
- Wellbeing Services
- And more!
At Correla, we are committed to working towards being a more diverse and inclusive workplace where our people can truly be themselves. We recognise the benefits of having talented people from a range of backgrounds and cultures who bring different perspectives, life experiences and diversity of thinking.
Our aim is to attract and retain the very best diverse talent to help create an exciting, innovative, and successful business that enables us to deliver an exceptional experience for our customers. We would therefore like to encourage applications from people with varied skillsets and experience and from different backgrounds and sectors to help shape our future.
Correla is an Equal Opportunities Employer. We believe in equality of opportunity regardless of race or racial group, ancestry, place of origin, ethnicity, sex, sexual orientation, gender identity, gender expression, gender re-assignment, age, record of offences, marital/civil partnership status, family status, pregnancy, maternity and paternity, religion/belief or disability. We promise that your opportunity for employment with us depends solely on your qualifications and relevant experience.