Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage vulnerability assessments and enhance security operations for critical infrastructure.
- Company: Join BAE Systems, a leader in cyber defence with a collaborative culture.
- Benefits: Enjoy hybrid working, competitive salary, and a ÂŁ5,000 referral bonus.
- Why this job: Make a real impact in protecting nations and critical systems from cyber threats.
- Qualifications: Experience in SOC teams and knowledge of vulnerability management tools required.
- Other info: Diverse and inclusive workplace with excellent career development opportunities.
The predicted salary is between 36000 - 60000 ÂŁ per year.
Location(s): UK, Europe & Africa: UK: London || UK, Europe & Africa: UK: Leeds
BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
We offer a range of hybrid and flexible working arrangements—please speak to your recruiter about the options for this particular role.
Grade: GG10
Referral Bonus: ÂŁ5,000
SOC Vulnerability Analyst Role description
To undertake the day‑to‑day operation of (and incremental improvement of) a dedicated Security Operations Centre (SOC) to support the defence of a major UK CNI organisation. The networks protected are predominantly hosted in Azure cloud platforms, with many systems within these environments that must be protected. The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. These roles require a minimum of SC clearance. Due to timelines for the start of operations, it will not be possible to sponsor new clearances so candidates must have existing clearances.
Responsibilities
- Own and manage the Vulnerability Assessment platforms, configuring the toolset for appropriate analysis schedule (with assistance from the SOC Engineering team for underlying hosting/operational support), triage and management of output vulnerability data from both internal scanning and external attack surface management.
- Gather and maintain a set of VA requirements that define the threats that will be monitored and tracked.
- Undertake Vulnerability Management, managing the priorities related to the data from Vulnerability Assessment as well as collation and management of wider vulnerability exposure (zero days, environmental (business, operation etc) threats, architectural and legacy threats, etc) to advocate for responsible short and long‑term mitigations that may include patching, IT change and SIEM detection content requirements.
- Ensure the business is responsive to changing threat profiles and be the voice of operational vulnerability risk mitigation in the prioritisation of SOC resource effort, including reporting/dashboarding as necessary.
Requirements
- Working in a SOC team developing vulnerability insight for technical and non‑technical audiences.
- Experience of Microsoft Defender Vulnerability Management and Microsoft Defender External Attack Surface Management highly beneficial.
- Conducting threat assessments and defining threat intelligence requirements beneficial.
- Good knowledge of Windows and Linux operating systems and use of the command line.
- Good knowledge of core networking concepts and technologies e.g. TCP/IP.
- Some knowledge of malware behaviour and techniques employed by attackers to evade security controls.
- Client side consulting, including stakeholder engagement and the ability to communicate insights and concepts to others (including briefing skills and report writing).
- Able to understand and adapt to different cultures and hierarchical structures.
- Team player and adept at working in multi‑disciplinary and diverse teams.
- Proven analytical skills capable of solving new and complex technical problems.
- Excellent written and verbal communication skills with the ability to communicate the impact and importance of detailed technical information to non‑technical and senior audiences.
- Leading and managing small teams of highly skilled technical people.
- Managing and building relationships with customer and internal stakeholders.
- Self‑motivated and motivates others keeping morale and performance high.
Why BAE Systems
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals.
We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
PLEASE NOTE: You're expected to have completed 12 months in role prior to applying for an advertised vacancy and you should also discuss the internal opportunity with your line manager to ensure sustained business continuity and to further support your career development. We know there may be individual circumstances that impact this, so please discuss this with your line manager or HR Business Partner (HRBP). If you don't feel you can talk to your line manager, you can contact your HRBP.
Should you be invited for interview, you will be giving consent for the Recruitment team to contact you and your line manager regarding your application for this opportunity. This vacancy is eligible for the UK Employee Referral Scheme. Amount: ÂŁ5,000.
Life at BAE Systems Digital Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well‑being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
Division overview: Government
At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
Vulnerability Analyst employer: BAE Systems
Contact Detail:
BAE Systems Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Vulnerability Analyst
✨Tip Number 1
Network, network, network! Get out there and connect with professionals in the cybersecurity field. Attend meetups, webinars, or even online forums. The more people you know, the better your chances of hearing about job openings before they’re advertised.
✨Tip Number 2
Don’t just apply for jobs; engage with the companies you’re interested in. Follow them on social media, comment on their posts, and share relevant content. This shows your enthusiasm and can help you stand out when it comes to interviews.
✨Tip Number 3
Prepare for interviews by researching common vulnerability analyst scenarios and questions. Practice articulating your experience with tools like Microsoft Defender and your understanding of threat assessments. Confidence is key, so rehearse until you feel ready!
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, you’ll have access to all the latest job openings and updates directly from us at StudySmarter.
We think you need these skills to ace Vulnerability Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Vulnerability Analyst role. Highlight relevant experience, especially in SOC environments and vulnerability management tools like Microsoft Defender. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how your background makes you a great fit for our team. Keep it concise but impactful—show us your personality!
Showcase Your Communication Skills: Since you'll be communicating with both technical and non-technical audiences, make sure to demonstrate your ability to convey complex information clearly in your application. We love candidates who can bridge that gap!
Apply Through Our Website: Don't forget to apply through our website! It’s the best way to ensure your application gets to us directly. Plus, it shows you're serious about joining our team at BAE Systems Digital Intelligence.
How to prepare for a job interview at BAE Systems
✨Know Your Vulnerabilities
Before the interview, brush up on your knowledge of vulnerability assessment tools and techniques. Familiarise yourself with Microsoft Defender Vulnerability Management and External Attack Surface Management, as these are highly beneficial for the role. Being able to discuss specific examples of how you've used these tools will show your expertise.
✨Understand the Threat Landscape
Make sure you have a solid grasp of current cyber threats and vulnerabilities, especially those relevant to the UK CNI sector. Be prepared to discuss recent incidents or trends in cybersecurity that could impact the organisation. This will demonstrate your proactive approach and understanding of the industry.
✨Communicate Clearly
Since the role involves engaging with both technical and non-technical audiences, practice explaining complex concepts in simple terms. Prepare to showcase your communication skills by discussing how you've successfully conveyed technical information to stakeholders in the past.
✨Show Your Team Spirit
BAE Systems values collaboration, so be ready to share examples of how you've worked effectively in diverse teams. Highlight your ability to motivate others and maintain high morale, as well as any experience leading small teams. This will illustrate that you're not just a lone wolf but a team player who can contribute to a positive work environment.
