This vacancy is now closed

Contract type
Full time

Iceland have a vacancy for a Vulnerability Manager within the Cyber Security team. This will be minimum 2 days on-site at our Deeside Head Office.

The Vulnerability Manager will take responsibility for identifying, understanding, managing, and communicating risks to the business as a result of software and infrastructure vulnerabilities. 

The successful candidate will work with owners of internally developed software, 3rd party software, and on-premise/cloud infrastructure to identify vulnerabilities within the Iceland environment.  They will then use their vulnerability management experience to provide a prioritised understanding of risks posed to the business by these vulnerabilities. 

The Vulnerability Manager will be given leeway to further evolve the vulnerability management process based upon their experience. 

Responsibility for continuous vulnerability scanning, and the management of periodic independent vulnerability assessments will be within the remit of the Vulnerability Manager. 

Providing assurance of effective and comprehensive patch management will also form part of this role. 



First and foremost, you need to be an “Iceland Person”.  We are agile and not bound by too much ‘red tape’ - decision chains are typically very short.  You will enjoy working in a fast-paced flexible business where everyone is passionate about making customers happy – regardless how far removed from the shop floor they are. 

You will be the kind of person who understands the value of direct real-time communication as a means of gaining buy-in and building relationships.  You will be structured and organised in your approach and will be able to effectively communicate complex technical topics to non-technical colleagues. 

Cyber Security will be an area that interests you both professionally and personally.  You will keep abreast of current trends, threats, and innovations through a variety of sources. 



The Vulnerability Manager we are looking for will have a number of years’ experience performing a similar role at other organisations.  Cyber Security qualifications and experience of other Cyber Security disciplines will be a bonus. 

You will have a track record of establishing and evolving Vulnerability Management processes – not just on the technical side, but also influencing culture change through communication and building relationships. 


  • An in-depth understanding of what security vulnerabilities are, how they are categorised, how they can be remediated, and what risks they pose is essential. 
  • The ability to be able to prioritise the remediation of vulnerabilities based on threat intelligence and business context is essential. 
  • You will be highly competent in producing meaningful reports and communicating to relevant stakeholders. 
  • Experience of working with Microsoft Defender and reputable SAST, SCA, and CSPM tools is highly desirable.   
  • You will be completely comfortable with Microsoft’s productivity tools for documentation, presentation, and data analysis. 
  • A high degree of understanding in patch management and security configuration management is required. 
  • Experience of performing and/or managing penetration testing is advantageous. 



  • Flexible working
  • 25 days holiday, plus 8 days bank holiday
  • 15% store discount, 30% club individual restaurant discount
  • Highly subsidised restaurant onsite with our own Michelin Star Chef!
  • Subsidised Costa onsite
  • Discounted gym membership
  • Enhanced maternity/paternity leave
  • Online discounts at over 150 retailers and cashback on shopping, holidays, insurance and more!

Sunday Times Top 25 big companies to work for - 2020