UK Chief Information Security Officer (CISO)

MBDA
Bolton
9 months ago
Applications closed

Related Jobs

View all jobs

Identity and Access Management Analyst

Information Security Manager - ISO27001

Interim Chief Operating Officer

Head of Technology

GCP Governance Manager

Test and Testability

UK Chief Information Security Officer (CISO)

We are currently looking for a UK Chief Information Security Officer (CISO) to plan, lead and deliver MBDA UK’s Cyber Security strategy, aligned to MBDA’s vision, mission and values, through the formulation of both UK and Group level policies, solutions and controls!

Salary: up to £100,000 depending on experience

Dynamic (hybrid) working: 2 to 3 days per week on-site, due to workload classification

Security Clearance: British Citizen (DV will be crucial for this role – either you already hold this at application stage or we will apply for DV at offer stage).

This role may have restrictions and/or limitations relating to nationality and/or rights to work. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:

  1. Company Bonus:Bonus of up to 35.5% of base salary
  2. Pension:maximum total (employer and employee) contribution of up to 14%
  3. Private Medical Insurance
  4. Car Allowance:£510 per month allowance
  5. Flexible working:We welcome applicants who are looking for flexible working arrangements
  6. Enhanced parental leave:offers up to 26 weeks for maternity, adoption and shared parental leave - enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
  7. Facilities:Fantastic site facilities including subsidised meals, free car parking and much more…

The opportunity:

Recognising the business risks involved and the increasingly broad and sophisticated threat landscape, the UK CISO is responsible for the protection and compliance of all MBDA information systems, assets and data, along with any managed service providers, against national Government and international security regulations, laws, and relevant frameworks.

The UK CISO, working with their product counterpart, the Head of Product Cyber Security Office, is responsible for all Cyber and Information Security relationships with the MOD and UK Intelligence Communities, such as the NCSC, in relation to corporate capability. The UK CISO is responsible for disaster recovery, incident and breach response for cyber and information data and assets including liaison with external agencies.

The UK CISO is the primary Cyber and Information Security / Assurance advisor to the Group Head of Security / Company Directors.

What we're looking for from you:

  1. Extensive experience of Secure by Design, system accreditation/assurance and the approvals process for government encryption / protection.
  2. Working knowledge of ISO 27001 and 27701, Cyber Essentials Plus and NIST/CMMC frameworks.
  3. Established external networks including MOD, government, UK Intelligence community relationships.
  4. Detailed knowledge of NCSC, HMG and MoD policies for classified information systems.
  5. International cyber and InfoSec knowledge and implementation.
  6. Knowledge of the available HMG approved IT security products and their application.
  7. Understanding of IT network architectures, application security, firewall configuration and OS hardening.
  8. Understanding of business processes and emerging priorities.
  9. Experience of enterprise information systems within a defence context and associated mitigations, postures, controls, risks and governance.
  10. Expert communications and ‘soft skills’ to articulate security solutions to complex problems and provide clear advice directly to key customers at all levels.
  11. CISSP, CISM, GIAC certifications.
  12. Experience of Cyber Security and IT outsourcing contracts and their management.
  13. Meaningful and relevant experience in the Cyber and Information / Assurance Security Industry / MOD /UKIC.
  14. Experience of using intelligence reporting to drive organisational risk reduction.
  15. Experience working in or with the UK Intelligence Community and or relevant MOD Cyber and Security related functions.
  16. Executive level leadership and management experience.
  17. Broad comprehensive security knowledge and experience in protective security, security operations and personnel security.
  18. Public, group speaking and engagement experience.

Our company:MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more…

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.

Follow us on LinkedIn (MBDA), X (@MBDA_UK), Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

About the company

MBDA is a European multinational developer and manufacturer of missiles.

#J-18808-Ljbffr

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Write a Cyber Security Job Ad That Attracts the Right People

Cyber security is now a board-level priority for organisations across the UK. From financial services and healthcare to critical infrastructure, SaaS platforms and the public sector, demand for skilled cyber security professionals continues to grow. Yet despite this demand, many employers struggle to attract the right candidates. Cyber security job adverts often generate large volumes of applications, but few are a genuine match. Meanwhile, experienced security engineers, analysts and architects quietly ignore adverts that feel vague, unrealistic or disconnected from real security work. In most cases, the problem is not a lack of talent — it is the quality of the job advert. Cyber security professionals are trained to assess risk, spot weaknesses and question assumptions. A poorly written job ad signals organisational immaturity and weak security culture. A well-written one signals seriousness, competence and trust. This guide explains how to write a cyber security job ad that attracts the right people, improves applicant quality and positions your organisation as a credible security employer.

Education Jobs

Maths for Cyber Security Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cyber security jobs in the UK it can feel like “real security people” must be brilliant at maths. The reality is simpler: most roles do not need degree-level pure maths. What they do need is confidence with a small set of practical topics that show up repeatedly in day-to-day work across SOC, incident response, cloud security, AppSec, threat detection, IAM & security engineering. This guide strips the maths down to what actually helps you get hired. It includes a 6-week learning plan plus portfolio projects you can publish to prove the skills. You will focus on: Number systems & bitwise thinking (binary, hex, bytes, XOR) Modular arithmetic basics (enough to understand how modern crypto “works”) Probability & statistics for detection, triage & risk Discrete maths for logic, sets, graphs & complexity Security maths habits: estimation, false positive control & evidence-led reporting You will not waste time on heavy theory that rarely appears in junior or mid-level cyber security roles.

Jobs

Neurodiversity in Cyber Security Careers: Turning Different Thinking into a Superpower

Cyber security is all about thinking like an attacker, spotting unusual patterns, protecting systems & responding calmly when everything looks like it’s on fire. It’s a discipline built on curiosity, persistence & noticing things other people miss. That’s exactly why it can be such a good fit for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a security role. In reality, the traits that can make traditional office work tough often line up beautifully with cyber security work – from hyperfocus in incident response to meticulous analysis in threat hunting. This guide is written for cyber security job seekers in the UK. We’ll look at: What neurodiversity means in a cyber context How ADHD, autism & dyslexia strengths map to different security roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence during applications & interviews By the end, you’ll have a clearer sense of where you might thrive in cyber security – & how to turn “different thinking” into a genuine superpower.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.