Vulnerability and Compliance Manager

Stevenage

Job summary

Recruiter: MBDA
Salary: Circa £65,000 dependent on experience
Posted: 04/07/2024
Ref: R22220_Stevenage
Discipline: Information Technology
Sector: Aerospace / Avionics, Defence
Contract Type: Permanent
Hours: Full Time
Expiry Date: 01/08/2024

About the job

An opportunity has arisen for a role in the MBDA Cyber Security Operations Centre (SOC). This role can be as hands-on or hands-off as you see fit to achieve the service mission.

Job Title: Vulnerability and Compliance Manager

Salary: Circa £65,000 dependent on experience

Location: Stevenage

Dynamic (hybrid) working: 2-3 days per week on-site due to workload classification

Security Clearance: British Citizen or a Dual UK national with British citizenship

Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

The opportunity:

Reporting to the UK Head of Cyber Security Services, you will support the Information Management (IM) SOC to defend against cyber threats and vulnerabilities by ensuring the IM environments follow best practice and remain compliant, proactively managing identified vulnerabilities that could be exploited.

Provide remediation action through compliance with relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. This is a key position in driving the Cyber Essentials Plus (CE+) assessment and remediation phases, including scoping and planning.

We are a transversal function that covers all areas of IM and the business, which will require international collaboration across the MBDA Group.

  • Report and track remediation activities affecting all infrastructure and applications within the IM estate.
  • First line management of vulnerability analysts.
  • Manage compliance and due diligence led activities and audits within IM, including regulatory updates and CE+ and ISO27001 assessments.
  • Collaborate with teams and stakeholders to create both tactical and strategic plans as they relate to vulnerability management or accreditation compliance.
  • Champion security best practice within technology and be regarded as the 'go-to' individual for vulnerability management.
  • Provide security and remediation advice across the business at a technical level.
  • Proactive identification and communication of external themes and threats.
  • Advise technical and non-technical audiences on appropriate prioritisation of patch deployment and remediation activities.
  • Manage vulnerability remediation by suppliers and teams through re-test & closure.
  • Help drive security maturity in vulnerability management and security in general across the entire business, through positive engagement, teaching, and leadership.
  • Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling.
  • Manage the remediation plan of vulnerabilities discovered during penetration tests and IT health checks.
  • Provide vulnerability assessment scan guidance and process oversight.

What we're looking for from you:

  • Familiarity with infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC)
  • Experience of managing vulnerabilities (planning and remediation)
  • A demonstrable knowledge of vulnerability lifecycle management (MITRE) and IT/OT/IoT vulnerability remediation plans
  • Experience or knowledge of risk management frameworks (e.g. CIS, NIST)
  • Sound understanding of network/infrastructure and web/mobile application weaknesses and anti-patterns (CWE, OWASP)
  • An in-depth understanding of cyber security technologies and applicable security controls; Tenable.IO and Tenable.SC experience is desirable
  • A good understanding of information security principles and best practices
  • Ability to carry out risk assessments
  • Supplier engagement and collaboration experience


Our company:

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

What we can offer you:

  • Company Bonus: Bonus of up to 21% of base salary
  • Pension: maximum total (employer and employee) contribution of up to 14%
  • Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave. Enhancements are available for paternity leave, neonatal leave and fertility testing and treatments.
  • Facilities: Fantastic site facilities including subsidised meals, free car parking and much more…
  • Training and Development: Excellent career progression, training and career development opportunities

Our Business:

We respect new perspectives and experiences, and we value our collaborative ways of working. We are committed to growing and supporting diversity in our workforce and ensuring everyone has an equal opportunity to reach their potential. MBDA is proud of our employee-led networks; examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity and more…

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements.

Follow us on LinkedIn (MBDA), X (@MBDA_UK), Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.


