Senior Vulnerability Manager
Job Description
Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.
Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.
Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.
About the role
The Senior Vulnerability Manager position is critical to protecting Haleon’s corporate assets and managing its day-to-day operational cyber security defenses. It involves the identification, assessment, prioritization and remediation of security vulnerabilities across systems, networks and applications. It requires close collaboration with IT, security and business teams to reduce risk exposure and strengthen the organization’s overall security posture.
Role Responsibilities
Oversee regular vulnerability scanning using industry tools (e.g., Tenable, Qualys, Rapid7).
Identify, priorities, report and communicate security vulnerabilities to IT teams responsible for remediation.
Determine vulnerability applicability based on the actual impact (risk, exploitability and business impact) on the organization and provide actionable remediation guidance.
Build and leverage relationships to influence IT Teams to patch their vulnerabilities and increase their vulnerability awareness and adoption.
Automate the vulnerability management processes to create efficiencies.
Consolidate all vulnerabilities identified by various security tools into an orchestration platform.
Partner with internal security teams (Threat Intel, Forensics, Incident Response, GRC, etc.) regarding ways to detect or block exploitation.
Monitor threat intelligence sources to identify emerging vulnerabilities and risks.
Validate remediation efforts through re-scanning and testing.
Maintain asset inventory alignment to ensure comprehensive coverage of vulnerability scans.
Develop and maintain vulnerability management policies, standards, and procedures.
Gain knowledge of vulnerability management industry standards, best practices & processes and apply them within the company.
Why you?
Basic Qualifications:
5+ in cybersecurity, with some experience of leading vulnerability management activity.
Master’s degree in computer science, Cyber Security or related field (or equivalent experience).
12 – 16 years’ experience working in a vulnerability management role.
Proven experience in vulnerability management, security operations or risk management.
Hands-on experience with vulnerability scanning tools.
Understanding of common vulnerabilities and exposures, CVSS scoring, remediation techniques, the Open Web Application Security Project and vulnerability management maturity models.
Understanding of Threat and Risk driven Vulnerability Management.
Preferred Qualifications:
Experience of scanning virtual machines, on-premises servers, workstations (Mac and Windows Laptops, VDIs etc.) and network devices.
Ability to interact with internal customers including information technology and business stakeholders.
Ability to lead during a zero-day or emergency vulnerabilities by orchestrating team and customer to address such events.
Excellent communication (both verbal and written) to translate technical issues into a non-technical language to the customer.
Ability to influence without authority.
Ability to work within a team environment, sharing workload and responsibility.
CISSP, GCIA, GCDA, GSOC, GCIH.
Job Posting End Date
2026-06-26
Equal Opportunities
Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.
During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.
The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.
Adjustment or Accommodations Request
If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence.
Note to candidates
The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.