Vulnerability and Compliance Manager

Employer
MBDA
Location
Stevenage
Salary
Competitive
Closing date
23 Oct 2022

Job Details

MBDA Missile Systems - Together. For the future of defence.
Salary: Up to £62,000 dependent on experience + bonus + benefits

Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working.
The opportunity:
An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited.

You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation.

You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs.

The Role
  • Report and track remediation activities affecting all Infrastructure and applications within the IM estate.
  • First line management of vulnerability analysts.
  • Support compliance and due diligence led activities and audits, including regulatory updates.
  • Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level.
  • Champion security best practice within technology and be regarded as the ‘go-to' individual for security vulnerability management.
  • Advise technical and non-technical audiences on appropriate prioritisation of patch deployment.
  • Manage vulnerability remediation by suppliers and teams through re-test & closure.
  • Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching.
  • Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling.
  • Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks.
  • Provide vulnerability assessment scan guidance and process oversight.
What we're looking for from you:
  • Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC)
  • Managing vulnerabilities 2+ years (planning and remediation)
  • 2+ years of first line management
  • A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans
  • Experience or knowledge of risk management frameworks (e.g CIS, NIST)
  • Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP).
  • An in depth understanding of cyber security technologies and applicable security controls
  • A good understanding of information security principles and best-practices
  • Ability to carry out risk assessments
  • Supplier engagement and collaboration
What to expect:
We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities.

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements.

Follow us on LinkedIn (MBDA), Twitter (@MBDAcareers), Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

Please Note: MBDA UK requires all employees to achieve appropriate clearances.

Company

MBDA, a world leader in missiles and missile systems, is a multi-national group with 10,000 employees working across France, the United Kingdom, Italy, Germany, Spain and the United States. It has three major aeronautical and defence shareholders - Airbus Group (37.5%), BAE Systems (37.5%) and Finmeccanica (25%) - and is the first truly integrated European defence company. In 2013, the Group recorded a turnover of 2.8 billion euros, produced about 3,000 missiles and added 4 billion euros of new orders to the order book which now stands at 10.8 billion euros. MBDA works with over 90 armed forces worldwide.

MBDA was created in December 2001, after the merger of the main missile producers in France, Italy and the UK. Each of these companies contributed the experience gained from fifty years of technological and operational success. The restructuring of the industry in Europe was completed with the acquisition of the German subsidiary EADS/LFK in March 2006. This further enriched MBDA’s range of technologies and products, consolidating the Group’s world-leading position in the industry.

MBDA is the only Group capable of designing and producing missiles and missile systems to meet the whole range of current and future operational requirements for the three armed forces (army, navy, air force). Overall, the Group offers a range of 45 products in service and another 15 in development.

The Group has demonstrated its ability to bring together the best skills across the whole of Europe and as a result has been chosen to lead a series of strategic multi-national programmes. These include the six-nation Meteor air superiority weapon, the Franco-British conventionally armed cruise missile, Storm Shadow/SCALP, and a family of air defence systems based on the Aster missile for France and Italy (for ground and naval based air defence) and for the UK (naval air defence for the Royal Navy’s Type 45 destroyers).

The mastery of cutting-edge technologies is not only an advantage for MBDA in successfully developing and producing new products. It is also a means of guaranteeing customers that innovations can be made to existing products during their life span in order to meet constantly changing specifications arising from increasingly complex engagement scenarios. It is precisely this combination which makes MBDA the defence sector partner of choice in many countries around the world.

MBDA Careers

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert

Similar jobs