MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

Salary: Circa £55,000 - £65,000 depending on experience

What we can offer you:
- Bonus of up to 21% of base salary
- Pension of maximum total (employer and employee) contribution of up to 14%
- Parental benefits including up to 26 weeks full pay for maternity, paternity, adoption, neonatal and shared parental leave
- Fantastic site facilities, including subsidised meals, free car parking and gym on site at Stevenage
- Excellent career progression and development opportunities
- We may be able to offer a relocation package for this role

Dynamic (hybrid) working:
We trust our people to agree, within their teams, where and when they can be most effective. Our Dynamic Working policy allows individuals flexibility around the hours they work and where they work. Typically for this role you will work 2-3 days per week on-site.

The opportunity:
An opportunity has arisen for a role in the MBDA Security Operations Centre. You will support the IM SOC to defend against cyber threats and vulnerabilities by ensuring the IM environment is following best practice. You will also ensure it remains compliant by proactively managing identified vulnerabilities that could be exploited.
You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. This role has first line management responsibilities. This is a transversal function that covers all areas of IM and the business, which will require international collaboration.

What we're looking for from you:
- Familiarity with infrastructure and web application scanning tools (e.g. Tenable or Qualys) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC)
- Demonstrable experience managing vulnerabilities (planning and remediation)
- Experience of first line management
- A demonstrable knowledge of vulnerability lifecycle management (MITRE) and IT/OT/IoT vulnerability remediation plans
- Experience or knowledge of risk management frameworks (e.g. CIS, NIST)
- Sound understanding of network/infrastructure and web/mobile application weaknesses and anti-patterns (CWE, OWASP)
- An in-depth understanding of cyber security technologies and applicable security controls
- A good understanding of information security principles and best practices
- Ability to carry out risk assessments
- Effective supplier engagement and collaboration

What to expect:
- Report and track remediation activities affecting all infrastructure and applications within the IM estate.
- First line management of vulnerability analysts.
- Support compliance and due diligence led activities and audits, including regulatory updates.
- Collaborate with teams and stakeholders to create both tactical and strategic plans as they relate to vulnerability management or accreditation compliance.
- Champion security best practice within technology and be regarded as the 'go-to' individual for vulnerability management.
- Provide security and remediation advice to cross-business partners at a technical level.
- Proactive identification and communication of external themes and threats.
- Advise technical and non-technical audiences on appropriate prioritisation of patch deployment and remediation activities.
- Manage vulnerability remediation by suppliers and teams through re-test & closure.
- Help drive security maturity in vulnerability management and security in general across the entire business, through positive engagement and teaching.
- Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling.
- Manage the remediation plan of vulnerabilities discovered during penetration tests and IT health checks.
- Provide vulnerability assessment scan guidance and process oversight.
We respect new perspectives and experiences, and we value our collaborative ways of working. We are committed to growing and supporting diversity in our workforce and ensuring everyone has an equal opportunity to reach their potential. MBDA is proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity and more...
We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements.
Follow us on LinkedIn (MBDA), Twitter (@MBDAcareers), Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

Please Note: MBDA UK Limited requires all employees to achieve the required medical and national security clearance for their role. Further restrictions and/or limitations relating to nationality and/or rights to work may also apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.
Due to the nature of our business, this particular vacancy requires the applicant as a minimum to be a British Citizen or a Dual UK national with British citizenship and capable of achieving the clearance levels mentioned above.