Attack Surface Management Manager

Experian is seeking a Manager of Attack Surface Management (ASM) to play a pivotal role in enhancing our cybersecurity strategy. This position involves leading the Continuous Threat Exposure Management (CTEM) program and fostering business engagement across global teams. The role is based in the UK with a hybrid work arrangement, requiring 40% in-office presence, and reports to the Information Security Director for Cloud and Attack Surface Management.

The primary responsibilities include managing the CTEM service delivery by defining and maintaining processes, integrating services with enterprise systems, and ensuring the provision of reliable security insights to inform risk reduction strategies. Additionally, the role involves leading the Business Engagement Team to establish trusted partnerships with regional infrastructure and application teams, aligning vulnerability management strategies with organizational priorities.

Candidates should possess expert experience in Attack Surface Management, particularly in vulnerability remediation and mitigation across various platforms such as web applications, APIs, mobile devices, IoT, cloud infrastructure, and network appliances. Management experience in an enterprise-level cybersecurity function is essential, along with proficiency in risk-based vulnerability management models and familiarity with tools like Qualys, Rapid7, or Tanium. Knowledge of frameworks such as ISO/IEC 27001, NIST, and MITRE ATT&CK is also required.

The compensation package includes a competitive salary and discretionary bonus plan. Core benefits encompass pension contributions, Bupa healthcare, a sharesave scheme, and more. Employees are entitled to 25 days of annual leave, 8 bank holidays, and 3 volunteering days, with the option to purchase additional leave.