BAE Systems
Vulnerability Management Analyst – Leeds – National Security West
How you stack up
Upload your CV to see how well it fits this job role
?%
Vulnerability Management Analyst – Leeds – National Security West
Location(s): UK, Europe & Africa : UK : Leeds
BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
Job Title: Vulnerability Management Analyst
Requisition ID: 123051
Location: Leeds – onsite
Grade: GG09-GG10
Referral Bonus: £5,000
We are looking for a talented and enthusiastic individual with a blend of technical and client-facing skills to join our dedicated client Security Operations Centre (SOC) as a vulnerability management analyst. This role will play an important part in supporting our client with identifying and assessing key vulnerabilities and working with stakeholders to complete remediation. This will also include assisting with the running of vulnerability remediation campaigns and reporting of the results. As the SME for vulnerabilities in the team, you will work closely with threat intelligence colleagues providing context and supporting other analysts in the SOC.
The customer is committed for the SOC to be a benchmark of best practice and excellence.
BAE Systems staff are based in multiple locations, but with the day to day operations based from our Leeds office (due to the need for customer network access available at this location).
This role requires a minimum of DV clearance.
This role reports to the Cyber Threat Intelligence and Vulnerability Lead.
The Role
Reasons to use Rodeo
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
It searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Core Duties
Monitor, investigate and report potential cyber threats and key vulnerabilities. Analyse and interpret vulnerability report results, prioritise findings using risk-based prioritisation methodology and provide actionable recommendations for remediation. Operate vulnerability scanning and configuration scanning tools, like AWS Inspector and Microsoft Defender. Collaborate with a range of stakeholders and teams to address key vulnerabilities across the client’s estate. Ensure all relevant 0-Day, critical and high vulnerabilities sourced from internal tooling and open source feeds are tracked in a vulnerability register, and draft an alert and warning notice on an ADHOC basis when approved by the Cyber Threat Intelligence and Vulnerability Lead. Assist in defining, creating and implementing various SOPs (Standard Operating Procedures) and SOMs (Service Operating Models). Use asset risk information, vulnerability ratings, and threat information to communicate the risk and remediation. Production of regular vulnerability reports to accurately articulate the landscape and progress.
Requirements
Technical
1+ years’ experience in vulnerability management with an additional 1+ in related cyber roles. Hands-on experience with vulnerability assessments, management, and remediation strategies. Understanding of cloud concepts and environments (AWS, Azure) and their unique vulnerabilities. Detailed understanding of Windows, Linux/Unix, and OS vulnerabilities. Ability to perform risk analysis and prioritise. A strong understanding of current and emerging threats. Experience in technical incident response and management.
Get help with your application
Your very own career expert that helps elevate your application to the next level.
Non-Technical
Project management skills to help deliver vulnerability programs. Bachelor’s Degree in Cybersecurity, Computer Science or equivalent experience in a SOC/ /Vulnerability Management field. Excellent written and verbal communication skills with the ability to communicate the risk, potential impact and importance of detailed technical information to non-technical and senior stakeholders. Team player and adept at working in a multi-disciplinary and diverse team. Self-motivated and motivates others, keeping morale and performance high.
Life at BAE Systems Digital Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location