External Attack Surface Management Analyst

Job Title: External Attack Surface Management Analyst

Job Location: Preston or Frimley – Hybrid-2 days a month onsite. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

Salary: Circa £45,000 depending on skills and experience

Who we are:

Join BAE Systems and you’ll be part of something bigger. As a valued member of our global colleague network, you’ll bring your unique skills and perspectives to help pioneer progress and protect what matters most. You’ll be trusted to play your part in delivering the advanced, technology-led defence, aerospace and security solutions of tomorrow – shaping a safer future, for all of us.

Role Description:

Working within Cyber Operations, you will help safeguard BAE Systems against evolving cyber threats by supporting and enhancing the External Attack Surface Management (EASM) capability across people, process, and technology. You will contribute to an intelligence-led approach to cyber operations, ensuring external assets are identified, assessed, and continuously tested. The role supports detection assurance by identifying shadow IT and unmanaged exposures, providing confidence to leadership that security controls and monitoring capabilities are effective and aligned to organisational security standards.

Core Duties:

• Proactively discover, track, and maintain visibility of external attack surface assets, including unknown and shadow IT exposures
• Investigate and validate externally visible exposures, assessing real-world risk, attacker relevance, and exploitability
• Monitor changes in external exposure, identifying new assets, regressions, and emerging risks across the estate
• Collaborate with Threat Intelligence and Cyber Operations to align exposure findings with attacker activity and remediation priorities
• Produce clear, actionable reporting on external exposures, trends, and security posture to support risk reduction and decision-making

Essential Skills:

• Good understanding of external reconnaissance techniques, OSINT, and how attackers identify and profile internet-facing assets
• Proven experience in attack surface discovery, asset enumeration, and identifying unknown or shadow IT exposures
• Good investigative mindset with the ability to analyse incomplete or ambiguous external data and determine genuine security risk
• Ability to assess and distinguish between observed external artefacts, misconfigurations, and true exploitable exposures from an attacker’s perspective
• Experience working with internet-facing protocols and data sources (e.g. DNS, HTTP, TLS, certificate transparency, scanning datasets) to identify patterns, relationships, and anomalies

The Cyber Operations team:

Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.

Why BAE Systems?

Here you’ll build a career with purpose and limitless possibilities. With lifelong learning and meaningful work – this is a place where you can grow your career with confidence and be empowered to be your best. You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family – support for your financial and personal wellbeing, as well as a balanced lifestyle. In an environment embracing sustainable ways of working and with a strong sense of shared purpose, our supportive culture is a place you can feel you belong and proud of the difference you make.

A place where everyone can thrive:

We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Closing Date: 14th July 2026

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

#LI-SH1