We are partnering with a major UK energy organisation to find an experienced Cyber Threat Intelligence & Vulnerability Management Lead. This high-impact leadership role will oversee all aspects of cyber threat intelligence and vulnerability management across the Group, helping protect critical infrastructure and enabling strategic security initiatives.

About the Role:
This position offers a unique opportunity to influence the development of security capabilities within one of the UK’s largest energy firms. You’ll lead the technical evolution of threat intelligence and vulnerability strategies, directly supporting senior leadership and contributing to the Group’s security maturity programme.
As a subject matter expert, you will mentor and manage a specialist team, lead engagements with law enforcement and government bodies, and define group-wide technical controls. The role plays a key part in aligning the organisation with emerging threats, regulatory requirements, and global best practices.

Key Responsibilities:

• Lead Cyber Threat Intelligence and Vulnerability Management strategies
• Guide the rollout of technical controls, policies, and threat intelligence platforms
• Manage and develop a specialist team (including Analysts and Specialists)
• Represent cyber intelligence at leadership and sector-wide working groups
• Define and maintain technical controls, SOC processes, and architectural frameworks
• Liaise with external agencies including law enforcement and NGOs
• Own cyber threat documentation, technical reporting, and toolkit implementation

Ideal Candidate:

• Proven leadership in threat intelligence and vulnerability management
• Strong knowledge of threat actor TTPs, IoCs, and threat hunting methodologies
• Familiarity with TIPs, security frameworks (NIST, ISO), and OT/ICS environments
• Excellent stakeholder engagement skills across corporate and operational domains
• Ability to communicate technical controls to senior leadership
• Experience influencing security culture and behaviour within large organisations

Desirable:

• Experience in energy, critical infrastructure, or highly regulated sectors
• Relevant certifications (e.g., CISSP, GCTI, GIAC, OSCP, or similar)
• Strong understanding of legal and regulatory requirements in the UK