Job Description:
Head of Cyber Threat Exposure
Permanent
London / Staines / Manchester (Hybrid Working)
We make health happen.
At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our mission is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world.
As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of vulnerability management and offensive security services across all technology in Bupa.
How you’ll help us make health happen
1. Lead a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats.
2. End to end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming.
3. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence, and proactively identify, prioritise, and remediate vulnerabilities and threat exposures.
4. Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and penetration testing requirements.
5. Act as Bupa’s subject matter expert on vulnerability impact and risk, providing guidance on root cause and managing the full lifecycle of reported vulnerabilities through to closure.
6. Collaborate with counterparts in other Bupa Markets to share knowledge, ideas, innovation, and areas for improvement.
7. Stay abreast of emerging cybersecurity industry thought leadership, external industry colleagues, threats, vulnerabilities, and attack techniques.
What you’ll bring
1. Solid experience in cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing.
2. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE / CVSS, and NIST SP 800-53.
3. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Clair, and OpenSCAP).
4. Extensive experience with Red Teaming, Purple Teaming and Attack Automation.
5. Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCI DSS, and ISO 27001.
6. A relevant professional qualification in Cyber and Information Security (e.g., OSCP, CISM, CISSP, CEH).
7. Experience of vulnerability management and security testing in cloud environments (such as Azure, GCP and/or AWS) including containers, containerised applications, and infrastructure e.g., Kubernetes.
8. Excellent analytical and problem-solving skills, with the ability to analyse complex technical issues and recommend effective solutions.
9. Strong communication skills, with the ability to convey technical concepts and findings to non-technical stakeholders and senior management.
10. Ability to take decisive action where time is a critical factor and maintain a high degree of confidentiality, even under pressure.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
1. 25 days holiday, increasing through length of service, with option to buy or sell
2. Bupa health insurance as a benefit in kind
3. An enhanced pension plan and life insurance
4. Annual performance-based bonus
5. Onsite gyms or local discounts where no onsite gym available
6. Various other benefits and online discounts
Why Bupa
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring, and responsible in everything we do.