LSEG (London Stock Exchange Group)

Vulnerability Management Engineer

Hybrid

London, United Kingdom

Full Time

10-12-2025

Skills

Python, Go, Bash, PowerShell, Data Analysis, DevOps, Change Management, Networking, Linux, Windows, cloud platforms, Infrastructure as Code

Job Specifications

LSEG is seeking a deeply technical, hands-on Infrastructure Vulnerability Management Engineer who is passionate about safeguarding complex environments and tackling challenging problems at scale. You will be responsible for identifying, analysing, and driving remediation of infrastructure vulnerabilities across our diverse estate.

Combining a hacker’s mindset with an engineer’s discipline, you’ll understand how vulnerabilities are exploited, how to detect and mitigate them, and how to design scalable, sustainable fixes. You will work closely with application, infrastructure, and governance teams to enhance our overall security posture and continuously improve our vulnerability management programme.

Who You Are

You are a curious and motivated problem-solver who thrives on technical depth and continuous learning. You enjoy delving into vulnerabilities, understanding how they function, and finding the most effective and scalable solutions. You take pride in making a measurable impact on real-world security, not just scanning and reporting.

You are collaborative, data-driven, and pragmatic, able to balance security rigour with engineering realities. Above all, you bring intellectual curiosity and drive to learn and adapt in an ever-evolving landscape.

Key Responsibilities

Core Capabilities & Remediation

Perform in-depth technical analysis and validation of infrastructure vulnerabilities, assessing risk, exploitability, and the potential business impact.
Develop, document, and deliver technical remediation guidance and solutions to enable application and infrastructure teams to remediate efficiently and consistently.
Collaborate with engineering and platform teams to integrate vulnerability mitigation into systemic solutions like infrastructure as code (IaC) and automation pipelines.

Analysis, Consultation & Coordination

Analyse and review vulnerability findings from tools that identify infrastructure vulnerabilities; verify accuracy, identify and validate false positives, and identify systemic patterns.
Act as a trusted consultant to application and infrastructure teams by explaining findings, prioritising fixes, and supporting technical remediation plans.
Coordinate remediation activities across multiple teams, ensuring timely closure of high-risk vulnerabilities.
Manage and track the remediation backlog, maintaining focus on risk reduction and measurable progress.

Governance, Metrics & Continuous Improvement

Report on vulnerability metrics and remediation status, collaborating closely with the Vulnerability Management Governance function.
Review and approve exceptions or false-positive requests, balancing risk tolerance with operational realities.
Perform root cause analysis on recurring or systemic vulnerability issues, driving long-term prevention strategies.
Tune and optimise identification tools (e.g., Qualys) to enhance accuracy, signal-to-noise ratio, and detection coverage.

Required Skills & Experience

Strong technical background in systems and infrastructure (Linux/Windows servers, networking, virtualisation, cloud platforms).
Deep understanding of infrastructure vulnerabilities, their root causes, exploitation techniques, and mitigation strategies.
Hands-on experience with vulnerability management tools such as Qualys or similar platforms.
Familiarity with patch management, secure configuration standards (CIS, NIST, ISO 27001), and change management processes.
Ability to develop scripts or automation (Python, PowerShell, Bash) to support data analysis and remediation workflows.
Strong analytical mindset: able to interpret scan data, prioritise based on risk, and communicate actionable insights to both technical and non-technical audiences.
Proven experience collaborating in cross-functional environments with security, DevOps, and infrastructure teams.

Career Stage:

Manager

London Stock Exchange Group (LSEG) Information:

Join us and be part of a team that values innovation, quality, and continuous improvement. If you're ready to take your career to the next level and make a significant impact, we'd love to hear from you.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, s

About the Company

LSEG (London Stock Exchange Group) is a diversified international markets infrastructure business, earning our clients’ trust for over 300 years. That legacy of customer-focused excellence ensures that you can rely on our expertise in capital formation, intellectual property and risk and balance sheet management. As global leaders in financial indexing, benchmarking and analytic services, we offer unrivalled access to international capital markets. Our high-performance technology solutions enable companies worldwide to acc...