×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security IT Consultant

Attack Surface Management Manager

Remote / Online - Candidates ideally in
Nottingham, Nottinghamshire, NG1, England, UK
Listing for: Experian
Remote/Work from Home position
Listed on 2025-12-15
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Consultant
Job Description & How to Apply Below

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to achieve their financial goals and help them save time and money.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at

Job Description

Experian Global Security Office is looking for a new Manager of Attack Surface Management (ASM) to play a crucial role in our cybersecurity strategy. You will guide the success of the Continuous Threat Exposure Management (CTEM) program and build business engagement across global teams. You will ensure CTEM delivers reliable, applicable insights by defining and maintaining processes, integrating services with enterprise systems.

Equally critical is leading the Business Engagement Team to establish trusted partnerships with regional infrastructure and application partners, aligning vulnerability management strategies with priorities. Through technical leadership and strategic influence, you will strengthen Experian's security posture and reduce risk across its global attack surface. This is a UK based remote position reporting to the Information Security Director for Cloud and Attack Surface Management.

Primary

Focus
  • Lead CTEM Service Delivery:
    Manage processes for the Continuous Threat Exposure Management (CTEM) service and its provider. Ensure integration with Experian systems, delivering reliable, applicable security insights that inform risk reduction across the enterprise.
  • Business Engagement:
    Manage the Business Engagement Team and Service, providing expertise and strategic direction. Cultivate partnerships with regional infrastructure and application teams to ensure the vulnerability management strategy is understood, agreed upon, and implemented.
Other Responsibilities
  • Maintain risk stratification model to guide vulnerability prioritisation based on threat and asset criticality; identify vulnerability prioritisation and asset coverage trends, escalating to senior leadership when vulnerability trends are not improving over time.
  • Help with response to cybersecurity incidents or threat‑informed actions, ensuring accurate identification of applicable internal and external risks.
  • Guide team members' daily project and operational activities.
  • Contribute to security and technology strategic planning to mature our programmes.
  • Work with Risk & Compliance teams on SOC 2, PCI DSS, HIPAA, and other audits.
  • Research and recommend policy and procedures as they relate to Attack Surface Management.
Qualifications
  • Expert experience supporting Attack Surface Management in vulnerability, remediation, and mitigation as it applies to the following: common web applications, APIs, misconfigurations, hosts, mobile, Internet of Things, endpoints, infrastructure, cloud, network appliance, OS, firmware and software supply‑chain.
  • Management experience in an enterprise‑level cybersecurity function.
  • Experience engaging and presenting security topics at senior levels in an enterprise organization.
  • Experience managing Risk‑Based Vulnerability Management models.
  • In‑depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as Qualys, Rapid7, Tanium, Axonius, Armis, or other.
  • Experience applying the following models to an enterprise security program: CMMI, ISO/IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model.
  • Experience developing security reports, trends, and metrics analysis.
  • Experience with the application of some of the following frameworks - SANS, NIST 800‑61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar.
  • Experience with cloud security practices.
  • Experience with business and technical requirements analysis, business…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search