Location(s): UK, Europe & Africa : UK : Manchester || UK, Europe & Africa : UK : Gloucester 

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Vulnerability and Protective Monitoring Liaison Officer (Operations - Classified) 

Gloucester or Manchester based

Please note this role requires going through Enhanced DV clearance, so you must hold British Nationality and have lived in the UK for at least the last 10 years with no breaks

Role summary

This role is primarily focused on the operational security support to our classified networks, role is responsible for providing technical expertise and guidance, including strategic vision, whilst also part of the team providing best practice and frameworks for IT Services within the organisation.

As a Classified Cyber Security Vulnerability and Protective Monitoring Liaison Officer, you will be focused on the Operational Security team’s responsibilities to support Classified Enterprise networks, primarily through Vulnerability and Protective Monitoring analysis, incident response and compliance. 

You will have broad demonstrable knowledge and extensive technical experience across technologies / tools within the classified arena.
 

Please note that due to the secure nature of the role this is a fully onsite position, with the primary site being our Gloucester site or our new Manchester offices

What you'll be doing

• Security Incident response and reporting, including Security Vulnerability and Protective Monitoring incidents across the Enterprise Classified estate.
• Security alert review for networks and solutions, effectively prioritise and escalate incidents, from Splunk, and SOC tools, as well as acting on other threat intelligence.
• The role supports the co-authoring of playbook/rules, vulnerability scanning configuration, and Incident response of alerts/reports (primarily via Splunk and other SOC tools).   
• Classified network Auditing and Compliance review
• Vulnerability management (Patching, COTS & OS) assessments
• Assist with any security tasks as deemed appropriate by the Chief Security Officer or Head of Information Security
• Promote and ensure BAE Systems Behaviours
• Knowledge of industry security regulations, for example ISO27001 and ISO9001

What we’re looking for

Requirements:

• Significant experience of UK Government Security frameworks/regulations, such as:
  • Cabinet Office Security Policy Framework;
  • Joint Service Publication 440/441/490;
• Information Assurance Standards;
• Approved security products and build standards;
• Working knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs – Status Reporting and Dashboard for senior management)
• Working knowledge and experience in leading and performing data security, data privacy discussions, reviews, and IT/security audits
• Data security or security architecture and engineering experience
• Previous security experience with cloud security environments
• Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organisational, time management and diplomacy skills
• Independent tasking and project completion with little supervision is a must
• Excellent analytical and problem-solving skills as well as interpersonal skills to interact with users, team members and senior management
• Progressive experience with increasing responsibilities within Information Security Dept. (e.g., Cyber SecOps, Security Architecture & Engineering, and/or Data Security/Forensic Analysis)

Desirable Qualifications:

• Experience of UK affecting Security certifications/regulations, such as: ISO27001, NIST SP800-53 framework, Information Assurance Standards, Approved security products and build standards, Cyber Essentials Plus   
• Experience in the use of security toolsets used for vulnerability scanning (Tanium), protective monitoring (Splunk and other SEIM tools), email security, cryptography,  identity and access management, end user behavioural analysis, statistical anomaly detection, security log collection, collation and analysis.
• Excellent communications & MS Office skills;
• Desirable certifications include recognised security qualification such as CompTIA Network and Security + or equivalent.
• Ability to obtain Developed Vetting National Security Clearance;

Life at BAE Systems Digital Intelligence 

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.

By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.

Division overview: Functions

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and the business could not operate without all the dedicated work of our Functions teams. From Finance & Operations through Communications & Marketing, to HR and Site Operations and more, our Functions teams enable our divisions to implement ground-breaking digital transformations and crucial defence software.

As part of Functions, you will be supporting and partnering with our global business from the backline, being a strategic advisor within your specialist area, and ensuring the business runs smoothly and efficiently. We all have a role to play in defending our clients; and this is yours.