Operational Technology Risk Manager

We have an opportunity working on behalf of UK Facilities Management, the Operational Technology (OT) Risk Manager will act as the deployed local security leader and expert in all elements of security for General Infrastructure Management Systems (GIMS) policy.

Circa £60,000 depending on experience

3-4 days per week on-site due to workload classification and frequent travel to all sites across the UK

British Citizen or a Dual UK national with British citizenship/Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

• Company Bonus: Bonus of up to 21% of base salary

• Pension: maximum total (employer and employee) contribution of up to 14%

• Flexible working: We welcome applicants who are looking for flexible working arrangements

• Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments

• Facilities: Fantastic site facilities including subsidised meals, free car parking and much more…

• Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more.

The main focus is the creation, execution and maintenance of a framework to identify and address risks associated with the devices which support MBDA’s Building and Infrastructure across the UK. This will also include input into the wider group structures as and when required. The OT Risk Manager will act as the point of contact for all new, existing and legacy GIMS installations, providing advice, guidance and direction to address the multiple security risks associated with them. This includes liaising with cross business teams outside of FM, such as Cyber and InfoSec, IM and Product Cyber. The OT Risk Manager will oversee all change management activities related to the connectivity and digital interfaces of the relevant infrastructure, ensuring all change remains appropriate and complaint with policy; ensuring an evidenced position is constantly maintained by MBDA UK of continued compliance with all relevant standards which may be subject no-notice audits by MBDA Group, MOD and other customers. They will deliver technical security consultancy to the business including architecture and solution suitability to meet a complex suite of business requirements. They will create and update ISO 27001 compliant policies to specifically address the GIMS policy ensuring that all policies, processes, procedures and technical infrastructure remains compliant with MBDA UKs wider ISO 27001 ISMS as well as other certifications as appropriate.

The OT Risk Manager will be a critical leader in any new infrastructure projects within MBDA UK and for reducing cyber risk to the business as part of a wider team. The OT Risk Manager will also coordinate all technical security testing within their allocated area of operations, as well as maintaining upward reporting to MBDA UK FM Director, UK Security Director and UK CISO on results and remediation progressions. They will proactively coordinate with the Principle Cyber and Information Security Advisor for all required assurance activity and evidence based reporting. They will work with FM and wider business stakeholders to create a network of Asset Owners and formally document the asset registers for their areas of operation.

• CISSP, InfoSec/Cyber Degree or equivalent (Essential)

• Experience or relevant certifications in network security or industrial control system hardening (Essential)

• Knowledge of security surrounding systems enabling critical services within business (ICS/SCADA/BMS/BEMS)

• Comfortable with establishing and maintaining relationships with national security authorities, internal stakeholders and industry partners.

• Expert in security concepts for IT network architectures, applications, cloud services and hardening of operating systems withinICS and SCADA context.

• Ability to present risk balanced security solutions to complex problems and provide clear advice directly to key stakeholders at all levels

• Experience of managing and developing inexperienced IT/FM Engineers to maintain security

• Experience of system accreditation processes and documentation.

• Experience of security risk management

• Knowledge of business IT processes and associated approval systems

• Expert knowledge of modern hacking Tactics, Techniques and Procedures including impacts affecting GIMS/ICS/SCADA.

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more…

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.

Follow us on LinkedIn (MBDA), X (@MBDA_UK), Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.