Job Description:

Head of Cyber Threat Exposure

Permanent

London / Staines / Manchester (Hybrid Working)

Full time

We make health happen.

At Bupa, we’re passionate about technology. With colleagues, customers, patients and residents in mind you’ll have the opportunity to work on innovative projects and make a real impact on their lives.

As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of vulnerability management and offensive security services across all technology in Bupa.

How you’ll help us make health happen

Lead a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats.

End to end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming.

Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and remediate vulnerabilities and threat exposures

Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and penetration testing requirements.

Act as Bupa’s subject matter expert on vulnerability impact and risk, providing guidance on root cause and managing the full lifecycle of reported vulnerabilities through to closure.

Collaborate with their counterparts in other Bupa Markets to share knowledge, ideas, innovation, and areas for improvement.

Stay abreast of emerging cybersecurity industry thought leadership, external industry colleagues, threats, vulnerabilities, and attack techniques.

What you’ll bring

Solid experience in cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing.

Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE / CVSS, and NIST SP 800-53.

Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Claire, and OpenSCAP).

Extensive experience with Red Teaming, Purple Teaming and Attack Automation.

Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCI DSS, and ISO 27001.

A relevant professional qualification in Cyber and Information Security (e.g., OCSP, CISM, CISSP, CEH)

Experience of vulnerability management and security testing in cloud environments (such as Azure, GCP and/or AWS) including containers, containerised applications, and infrastructure e.g., Kubernetes.

Excellent analytical and problem-solving skills, with the ability to analyse complex technical issues and recommend effective solutions.

Strong communication skills, with the ability to convey technical concepts and findings to non-technical stakeholders and senior management.

Ability to take decisive action where time is critical factor and maintain a high degree of confidentiality, even under pressure.

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.

Joining Bupa in this role you will receive the following benefits and more:

25 days holiday, increasing through length of service, with option to buy or sell

Bupa health insurance as a benefit in kind

An enhanced pension plan and life insurance

Annual performance-based bonus

Onsite gyms or local discounts where no onsite gym available

Various other benefits and online discounts

Why Bupa?

We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage our people to “Be you at Bupa”, we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That’s why we especially encourage applications from people with diverse backgrounds and experiences.

As a Disability Confident employer, we offer a guaranteed interview for every disabled applicant who meets the minimum criteria for the job. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.

Time Type:

Full time

Job Area:

IT

Locations:

Angel Court, London, Bupa Place