CYBER SECURITY COMPLIANCE MANAGER

We are looking for a Cyber Security Compliance Manager (CSCM) to lead regulatory compliance in MBDA!

Salary: up to circa £75,000 depending on experience

Dynamic (hybrid) working: typically, 2 days per week on-site, due to workload classification

Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team. Security clearance is an essential requirement for this role (which our Personnel Security team will process), DV might be a requirement once in the role and depending on business requirements.

What we can offer you:

• Company Bonus: Bonus of up to 21% of base salary
• Pension: maximum total (employer and employee) contribution of up to 14%
• Flexible working: We welcome applicants who are looking for flexible working arrangements
• Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave - enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
• Facilities: Fantastic site facilities including subsidised meals, free car parking and much more…

The opportunity:

Working on behalf of the UK CISO, a leader in regulatory compliance passionate about the execution and delivery of ISO27001, IT health checks, penetration testing and Cyber essentials compliance, with the flexibility to play a pivotal role in leading and consulting on cyber security engagements, across other cyber operations and initiatives. This is a key role ensuring alignment with both MBDA and customer security regulations and standards. As the CSCM you will manage and maintain ISO 27001 documentation and ISMS as other certifications as appropriate. You will be a critical leader in driving any remedial actions, presenting on internal lessons learned post incident, business continuity and disaster recovery within Cyber and InfoSec, identifying areas of improvement for controls, policies and procedures and inspiring change through engagements with relevant cyber security customers across MBDA UK. You will manage all remedial activity post testing. Report upwardly key performance indicators at regular intervals up to and including MBDA Directors. Proactively coordinate with the Principle Cyber and Information Security Advisor for all required secure by design and other assurance activities. Work to support the CISO and DCISO to create a network of Information Asset Owners and formally documenting risk and Information Asset Registers within your area of responsibility.

What we're looking for from you:

• Regulatory compliance knowledge, and deep understanding of regulatory frameworks and certifications such as GDPR, NIST, JSP, ISO27k series, SOC2 and NCSC CAF and certification such as Cyber Essentials and ISO27001, IT Health checks and penetration tests and Cyber essentials and Cyber essentials plus.
• Good understanding of classified government data and risk management, along with government legislation knowledge; ability to interpret security policies and how they might impact business operations.
• Hands on audit experience and in identifying and mitigating security risks in line with compliance requirements, and a deep understanding of the control standards needed to meet cyber certification and frameworks.
• A good understanding and experience of modern cyber-attack techniques, software and network security architectures and design principles, cloud services, operations, AI implementation and control and cryptography practices.
• Strong Dynamic Leadership experience managing assurance priorities and cyber engagements.
• An ability to build rapport and manage relationships with internal and external collaborators, national technical authorities and industry partners, and be a leader with outstanding influence and negotiation skills to manage customers, and drive initiatives that foster cyber certification as a business enabler.
• With clear industry standard qualification and experience are a must, such as ISC2 CISSP, ISACA CISM, CISA and CRISC, with additional audit capabilities and qualifications such as QICA, ISO Auditor or cyber essentials assessor however dispensation may be given for passion, commitment and enthusiasm with a proven working knowledge of certification, assurance and audit in the Cyber industry.

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given. MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more… We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.