Classified Networks Vulnerability and Protective Monitoring Liaison Officer in Manchester

Location(s): UK, Europe & Africa – Manchester, UK. (Fully onsite due to the secure nature of the role)

What You’ll Be Doing:

• Security Incident response and reporting, including Security Vulnerability and Protective Monitoring incidents across the Enterprise Classified estate.
• Security alert review for networks and solutions, effectively prioritise and escalate incidents from Splunk, SOC tools and other threat intelligence sources.
• Co-authoring playbooks/rules, vulnerability scanning configuration, and incident response of alerts/reports (primarily via Splunk and other SOC tools).
• Classified network auditing and compliance review.
• Responding to Information Security and IT incidents for Enterprise networks.
• Vulnerability management (patching, COTS & OS) assessments.
• Assist with any security tasks as deemed appropriate by the Chief Security Officer or Head of Information Security.
• Promote and ensure BAE Systems Behaviours.

Knowledge of industry security regulations, e.g., ISO27001 and ISO9001.

Your Skills And Experiences:

• Experience monitoring, triaging, analysing and investigating alerts, log data and network traffic using tools such as Splunk, SOAR and/or Tanium.
• Significant experience with UK Government Security frameworks/regulations, such as Cabinet Office Security Policy Framework, Joint Service Publication 440/441/490, Information Assurance Standards.
• Approved security products and build standards.
• Working knowledge and experience in developing and reporting performance and risk metrics (KPIs/KRIs, status reporting and dashboards for senior management).
• Experience leading and performing data security, data privacy discussions, reviews and IT/security audits.
• Data security or security architecture and engineering experience.
• Demonstrated ability to work within matrixed resources in a team environment; strong organisational, time management and diplomacy skills.
• Independent tasking and project completion with little supervision is essential.
• Excellent analytical and problem-solving skills and interpersonal skills to interact with users, team members and senior management.
• Progressive experience with increasing responsibilities within Information Security, e.g., Cyber SecOps, Security Architecture & Engineering, Data Security/Forensic Analysis.
• Ability to respond to Information Security incidents in a timely, professional, and structured manner, providing clear updates throughout the incident lifecycle.
• Strong communication skills, capable of liaising effectively with internal teams, stakeholders and third-party suppliers during security events.
• Understanding of the MITRE ATT&CK framework, including identifying and mapping relevant adversary tactics and techniques.
• Willingness to continuously learn, develop and improve both new and existing skillsets within the Information Security domain.

Desirable Qualifications:

• Experience with UK affecting security certifications/regulations, e.g., ISO27001, NIST SP800-53, Cyber Essentials Plus.
• Experience using security toolsets for vulnerability scanning (Tanium), protective monitoring (Splunk, other SIEM tools), email security, cryptography, identity and access management, end-user behavioural analysis, statistical anomaly detection, and security log collection, collation and analysis.
• Prior experience administering and maintaining Splunk Enterprise and SOAR infrastructure.
• Demonstrable Linux proficiency, including Bash scripting for system administration, automation and operational tasks.
• Excellent communication and MS Office skills.
• Good understanding of networking, subnetting and basic network segregation.
• Desirable certifications such as CompTIA Network+ or Security+ or equivalent.
• Ability to obtain Developed Vetting National Security Clearance.

Benefits:

• Competitive pension scheme, employee share plans and a range of flexible discounted health, wellbeing & lifestyle benefits, including a green car scheme, private health plans and shopping discounts.
• May also be eligible for an annual incentive.

This role focuses on operational security support to our classified networks, providing technical expertise, guidance, strategic vision, and best practice frameworks for IT Services within the organisation.

Why BAE Systems?

Make a real difference in an inclusive culture that values diversity, rewards integrity and merit, and empowers you to fulfil your potential. We welcome people from all backgrounds and provide reasonable adjustments for any disability or health condition. Many roles at BAE Systems are subject to security and export control restrictions. Applicants must achieve at least Baseline Personnel Security Standard and, for some roles, higher levels of National Security Vetting requiring 5 to 10 years of continuous UK residency.