CareerAddict

External Attack Surface Management Analyst

CV-Library

Posted on Jul 1, 2026 by CV-Library
Sandhurst, Berkshire, United Kingdom
Other
Immediate Start
Annual Salary
Full-Time
Job Title: External Attack Surface Management Analyst

Job Location: Preston or Frimley – Hybrid-2 days a month onsite. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

Salary: Circa £45,000 depending on skills and experience

Who we are:

Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You’ll be trusted to play your part in delivering the advanced, technology-led defence, aerospace and security solutions of tomorrow – shaping a safer future, for all of us.

Role Description:

Working within Cyber Operations, you will help safeguard BAE Systems against evolving cyber threats by supporting and enhancing the External Attack Surface Management (EASM) capability across people, process, and technology. You will contribute to an intelligence-led approach to cyber operations, ensuring external assets are identified, assessed, and continuously tested. The role supports detection assurance by identifying shadow IT and unmanaged exposures, providing confidence to leadership that security controls and monitoring capabilities are effective and aligned to organisational security standards.

Core Duties:

Proactively discover, track, and maintain visibility of external attack surface assets, including unknown and shadow IT exposures

Investigate and validate externally visible exposures, assessing real-world risk, attacker relevance, and exploitability

Monitor changes in external exposure, identifying new assets, regressions, and emerging risks across the estate

Collaborate with Threat Intelligence and Cyber Operations to align exposure findings with attacker activity and remediation priorities

Produce clear, actionable reporting on external exposures, trends, and security posture to support risk reduction and decision-making

Essential Skills:

Good understanding of external reconnaissance techniques, OSINT, and how attackers identify and profile internet-facing assets

Proven experience in attack surface discovery, asset enumeration, and identifying unknown or shadow IT exposures

Good investigative mindset with the ability to analyse incomplete or ambiguous external data and determine genuine security risk

Ability to assess and distinguish between observed external artefacts, misconfigurations, and true exploitable exposures from an attacker’s perspective

Experience working with internet-facing protocols and data sources (e.g. DNS, HTTP, TLS, certificate transparency, scanning datasets) to identify patterns, relationships, and anomalies

The Cyber Operations team:

Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.

Why BAE Systems?

Here you’ll build a career with purpose and limitless possibilities. With lifelong learning and meaningful work – this is a place where you can grow your career with confidence and be empowered to be your best. You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family – support for your financial and personal wellbeing, as well as a balanced lifestyle. In an environment embracing sustainable ways of working and with a strong sense of shared purpose, our supportive culture is a place you can feel you belong and proud of the difference you make.

A place where everyone can thrive:

We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Closing Date: 14th July 2026

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

#LI-SH1

#LI-Hybrid

Reference: 225309566

https://jobs.careeraddict.com/post/113494783
CV-Library

External Attack Surface Management Analyst

CV-Library

Posted on Jul 1, 2026 by CV-Library

Print
Sandhurst, Berkshire, United Kingdom
Other
Immediate Start
Annual Salary
Full-Time
Job Title: External Attack Surface Management Analyst

Job Location: Preston or Frimley – Hybrid-2 days a month onsite. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

Salary: Circa £45,000 depending on skills and experience

Who we are:

Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You’ll be trusted to play your part in delivering the advanced, technology-led defence, aerospace and security solutions of tomorrow – shaping a safer future, for all of us.

Role Description:

Working within Cyber Operations, you will help safeguard BAE Systems against evolving cyber threats by supporting and enhancing the External Attack Surface Management (EASM) capability across people, process, and technology. You will contribute to an intelligence-led approach to cyber operations, ensuring external assets are identified, assessed, and continuously tested. The role supports detection assurance by identifying shadow IT and unmanaged exposures, providing confidence to leadership that security controls and monitoring capabilities are effective and aligned to organisational security standards.

Core Duties:

Proactively discover, track, and maintain visibility of external attack surface assets, including unknown and shadow IT exposures

Investigate and validate externally visible exposures, assessing real-world risk, attacker relevance, and exploitability

Monitor changes in external exposure, identifying new assets, regressions, and emerging risks across the estate

Collaborate with Threat Intelligence and Cyber Operations to align exposure findings with attacker activity and remediation priorities

Produce clear, actionable reporting on external exposures, trends, and security posture to support risk reduction and decision-making

Essential Skills:

Good understanding of external reconnaissance techniques, OSINT, and how attackers identify and profile internet-facing assets

Proven experience in attack surface discovery, asset enumeration, and identifying unknown or shadow IT exposures

Good investigative mindset with the ability to analyse incomplete or ambiguous external data and determine genuine security risk

Ability to assess and distinguish between observed external artefacts, misconfigurations, and true exploitable exposures from an attacker’s perspective

Experience working with internet-facing protocols and data sources (e.g. DNS, HTTP, TLS, certificate transparency, scanning datasets) to identify patterns, relationships, and anomalies

The Cyber Operations team:

Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.

Why BAE Systems?

Here you’ll build a career with purpose and limitless possibilities. With lifelong learning and meaningful work – this is a place where you can grow your career with confidence and be empowered to be your best. You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family – support for your financial and personal wellbeing, as well as a balanced lifestyle. In an environment embracing sustainable ways of working and with a strong sense of shared purpose, our supportive culture is a place you can feel you belong and proud of the difference you make.

A place where everyone can thrive:

We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Closing Date: 14th July 2026

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

#LI-SH1

#LI-Hybrid
Print

Reference: 225309566

Share this job:
CareerAddict

Alert me to jobs like this:

Amplify your job search:

CV/résumé help

Increase interview chances with our downloads and specialist services.

CV Help

Expert career advice

Increase interview chances with our downloads and specialist services.

Visit Blog

Job compatibility

Increase interview chances with our downloads and specialist services.

Start Test

Similar Jobs

External Attack Surface Management Analyst

Farnborough, Hampshire, United Kingdom

External Attack Surface Management Analyst

Farnham, Surrey, United Kingdom

External Attack Surface Management Analyst

Hook, Hampshire, Hampshire, United Kingdom

External Attack Surface Management Analyst

Guildford, Surrey, United Kingdom