Head of Security Testing – Vulnerability Management at Kantar | Hybrid Hired

About the role

Head of Security Testing and Vulnerability Management at Kantar leading enterprise-wide strategy for security testing and vulnerability assessment. Ensuring robust security posture across all technology environments.

Responsibilities

Lead the enterprise-wide strategy and execution for security testing, vulnerability assessment, and remediation programs.
Ensure the organisation maintains a robust security posture by proactively identifying, assessing, and mitigating vulnerabilities across infrastructure, applications, and cloud environments.
Define and implement a global security testing and vulnerability management strategy aligned with enterprise risk objectives.
Establish governance frameworks, KPIs, and reporting mechanisms for security testing and vulnerability management.
Oversee penetration testing, red teaming, and application security testing programs.
Manage vulnerability scanning, prioritisation, and remediation workflows across all technology stacks.
Ensure timely patching and mitigation of critical vulnerabilities in collaboration with IT, engineering teams and wider business units.
Align vulnerability management practices with regulatory requirements (e.g., ISO 27001, NIST, CIS).
Provide executive level reporting on risk exposure and remediation progress.
Drive automation and integration of vulnerability management tools into CI/CD pipelines.
Stay ahead of emerging threats and testing methodologies to enhance security resilience.
Build and lead a team of security testing and vulnerability management professionals.
Foster a culture of accountability, collaboration, and continuous learning.

Requirements

Proven experience in leading global security testing and vulnerability management programs.
Strong knowledge of penetration testing, vulnerability scanning tools (e.g., Qualys, Microsoft Defender Vulnerability Management, etc), and secure development practices.
Expertise in integration with risk management frameworks.
Excellent team leadership, stakeholder management, and communication skills.
Ability to operate in a complex, multi-regional environment with diverse technology landscapes.
Preferred Qualifications: CISSP, OSCP, or equivalent certifications.
Experience with cloud security (Azure) and DevSecOps practices.
Background in large-scale enterprise environments.

Benefits

Opportunity to shape global security strategy in a high-impact leadership role.
Work with cutting-edge technologies and a world-class cyber security team.
Competitive compensation and benefits package.

Similar roles

Browse all Security Engineer jobs

23 minutes ago

OP

Senior Sales, Security Engineer

Optiv

Senior Security Advisor designing advanced security solutions for Optiv’s clients. Driving sales and building relationships in a competitive cyber security landscape.

Hybrid Role

San Diego United States Security Engineer

$200,000 - $250,000 per year

1 hour ago

PI

Personnel Security Specialist – Intake Lead

Protection Strategies Incorporated

Personnel Security Specialist leading intake operations at PSI. Focused on case coordination, quality assurance, and team training for security suitability tasks.

Onsite Role

Springfield United States Security Engineer

1 hour ago

BR

Security Coordinator

BronxWorks

Security Coordinator overseeing supervision and training of security personnel for BronxWorks' homeless services programs. Ensuring compliance, safety, and coordination with social services directors in Bronx area.

Onsite Role

Bronx United States Security Engineer

$0 - $75,064 per year

2 hours ago

I(

Security Officer

Integrated Pharma Solutions (IPS)

Part - Time Security Officer safeguarding personnel and property at Kaman Air Vehicles. Providing access control, monitoring systems, and responding to incidents in Bloomfield, CT.

Onsite Role

Bloomfield United States Security Engineer

$19 - $23 per hour

3 hours ago

GS

Security Officer

Gaumard Scientific

Security Officer responsible for maintaining a safe environment for clients and employees. Enforcing policies and responding to emergencies at the client's site.

Onsite Role

Miami United States Security Engineer

5 hours ago

DE

Senior Security Advisor

Desjardins

Senior Security Advisor enhancing security measures to align with corporate objectives at Desjardins. Leading development of strategic initiatives and overseeing best practices in security.

Hybrid Role

Montréal Canada Security Engineer

5 hours ago

WO

Controls Professional – Digital Security

Workday

Controls Professional assessing internal control frameworks at Barclays, improving control effectiveness and managing risks to ensure compliance with regulations.

Onsite Role

London United Kingdom Security Engineer

6 hours ago

WF

Senior Information Security Engineer – Cyber Threat Fusion Center

Wells Fargo

Senior Information Security Engineer at Wells Fargo investigating insider threats and strengthening cybersecurity measures. Conducting advanced investigations and collaborating with cyber teams to mitigate risks.

Onsite Role

Charlotte United States Security Engineer

7 hours ago

TE

Staff Product Manager – Enterprise Security

Tenable

Staff Product Manager overseeing enterprise security product strategy for Tenable. Collaborating with various teams to deliver customer - focused solutions and product features.

Hybrid Role

United States Security Engineer

$163,000 - $217,667 per year

7 hours ago

GT

Program Security Representative – III

General Dynamics Information Technology

Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.

Onsite Role

Bedford United States Security Engineer

$135,150 - $182,850 per year