At a Glance
- Tasks: Monitor and manage external security risks to protect vital assets.
- Company: Join BAE Systems, a leader in cyber security and innovation.
- Benefits: Competitive salary, flexible working, and support for personal wellbeing.
- Other info: Inclusive workplace with diverse perspectives and excellent career growth.
- Why this job: Make a real impact in cyber security while protecting those who serve.
- Qualifications: Strong analytical skills and a background in cyber security required.
The predicted salary is between 60000 - 80000 £ per year.
Job Location: Preston or Frimley – Hybrid- 2 days a month onsite. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.
Circa £45,000 depending on skills and experience.
Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You will help support and maintain the Global Attack Surface Management service, to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance.
- Monitor and maintain visibility of the organisation’s external attack surface, identifying unknown, unmanaged, or misconfigured internet‑facing assets before they can be exploited.
- Triage, analyse, and validate external security exposures and vulnerabilities, helping prioritise risk based on exploitability and potential business impact.
- Work closely with Threat Intelligence, Vulnerability Management, and Cyber Operations teams to coordinate remediation across networks, applications, cloud, and SaaS environments.
- Support Continuous Threat Exposure Management (CTEM) initiatives, contributing to real‑time tracking and reduction of external security risk.
- Good technical background in cyber security, with in‑depth knowledge of computer networks, operating systems, and how internet‑facing systems are exposed, discovered, and targeted.
- Clear understanding of external risk drivers, such as publicly accessible services, web applications, APIs, SaaS platforms, cloud misconfigurations, Shadow IT, and legacy or forgotten assets.
- Strong analytical capability, comfortable working with large and complex datasets from EASM and scanning tools to identify patterns, prioritise risk, and support data‑driven decision making.
- Ability to articulate external security risk clearly, translating technical findings into meaningful insights, conclusions, and recommendations for operational and stakeholder audiences.
Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.
You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family – support for your financial and personal wellbeing, as well as a balanced lifestyle.
We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.