Threat and Vulnerability Manager

We're Kingfisher, a team of over 74,000 passionate people bringing the Kingfisher brands - B&Q, Screwfix, Brico Depot, Castorama, and Koçtaş - to life. Our ambition is to become the leading home improvement company in the world and grow the largest community of home improvers worldwide. That's where you come in.

We welcome colleagues from all walks of life and treat everyone equally, regardless of age, gender, marital status, ethnicity, religion, disability, gender identity, sexual orientation or any other protected characteristic.

We offer flexible working arrangements, with a mix of remote and office time in London, Southampton, and Yeovil. Please speak with us about how we can best support you.

Overview

We have a brand new opportunity for a dedicated Threat and Vulnerability Manager to join our growing Security Operations team. This senior, pivotal role leads efforts to protect and improve Kingfisher's global technology estate by managing and reducing vulnerability risk. Your work ensures our systems remain resilient against evolving threats, minimizing risks of business disruption, reputational damage, and consumer impact from unpatched, mis configured, or poorly maintained systems.

This role is based at our Head Office in Paddington, with an expectation of 12 days in the office per month.

Responsibilities

• Manage Kingfisher's global vulnerability posture from identification through remediation.
• Own and optimise vulnerability management tools and processes to maximise effectiveness.
• Drive remediation efforts with internal and external teams to improve security across endpoints, servers, networks, and applications.
• Produce clear metrics and KPIs to track vulnerability risk and remediation progress.
• Chair vulnerability management forums and provide leadership across the global community.
• Monitor emerging threats and proactively lead improvements to vulnerability management capabilities.
• Support threat modelling activities to anticipate and mitigate potential risks.

Qualifications

• Proven experience in an enterprise wide vulnerability management role in a complex, global environment.
• Professional security certification (e.g., CISSP, CCSP) or equivalent technical credentials.
• Strong knowledge of vulnerability management, threat modelling, and international security standards.
• Working knowledge of compliance requirements (e.g., GDPR, PCI DSS, UK Data Protection Act).
• Good understanding of common vulnerabilities and remediation practices across Windows, Linux, and web applications.

Our Behaviours

• Be Customer Focused - constantly improving our customers' experience.
• Be Human - acting with humanity and care; doing the right thing.
• Be Curious - thrive on learning, thinking beyond the obvious; building and sharing new ideas.
• Be Agile - working with trust, pace and agility; having courage to be creative, "done is better than perfect," aiming for 80/20.
• Be Inclusive - acting inclusively in diverse teams; embracing allyship and self awareness.
• Be Accountable - championing the plan to deliver results and growth; owning actions and understanding the Kingfisher plan.

At Kingfisher, we value the perspectives that any new team members bring, and we want to hear from you. We encourage you to apply even if you do not meet 100 % of the requirements.

In return, we offer an inclusive environment where what you can achieve is limited only by your imagination. We encourage new ideas, actively support experimentation, and strive to build an environment where everyone can be their best self.

What We Offer Private Health Care

Opportunity to receive up to family level cover with AXA. Join within three months of starting or at annual renewal in April. (Benefit in Kind tax applies.)

Kingfisher Pension Scheme

Immediate eligibility through auto enrolment. Contribute 8 % to receive a max 14 % from the Company.

25 Days' Holiday

25 days per annum plus bank holidays as stated in your contract (pro rated for part time colleagues).

Staff Discount

20 % discount at B&Q and Screwfix. Eligible after 3 months service.

Kingfisher Share Incentive Plan (SIP)

Share ownership in a tax efficient way. Save between £10 to £150 per month. Join at any time once three months service is reached.

Life Assurance

4 Salary plus benefit equal to the value of your Retirement Account (if an active member of KPS MP) or 1 Salary if not active member.

Bonus

Competitive bonus scheme that aligns to the work level of the role.

Kingfisher Share Save

Save with the option to buy Kingfisher plc shares at the end of a 3 or 5 year period. Offered annually. Three months service is required at the annual invitation date (normally in October).

Training & Development

There are many ways to grow, learn, and develop at Kingfisher-at whatever pace suits you.

Application Process Step 1: Application

Send in your application via our Kingfisher Careers website.

Step 2: Review

A member of the Talent Acquisition team will review your application and let you know if you have progressed to the next stage.

Step 3: Interview 1

You'll have a telephone interview/one to one conversation with a recruiter.

Step 4: Interview 2

As you progress, you'll be invited to attend a face to face or virtual interview.

Step 5: Feedback

Your recruiter will provide feedback and, if successful, the details of your job offer.

Interested? Great-apply now and help us power the possible.