Job Details

BAT is evolving at pace into a global multi-category business. We are on a mission to decrease the health impact of our industry.
To achieve our ambition, we are looking for colleagues who are ready to Be The Change. Come, join us on this journey!

The Security Posture Leader is a critical role within BAT, ensuring that the organization maintains a strong and resilient security posture against cyber threats. The leader will be responsible for overseeing the vulnerability management, penetration testing, and attack surface management programs.

This role will have a significant and direct impact on BAT by:

• Reducing overall security risk exposure
• Continuously improving the effectiveness of the vulnerability management program
• Improving our ability to detect and respond to cyber threats and vulnerabilities
• Maintaining a strong and resilient security posture
• Ensuring compliance with all relevant security regulations and industry standard methodology
• Providing accurate and timely security assessments and reports

Your key responsibilities will include:

Vulnerability Management

• Lead the vulnerability management program, including scanning, assessment, and partnering with team members for remediation action
• Oversee vulnerability scanning tools, analyze results, prioritize critical vulnerabilities, and report on remediation progress
• Ensure compliance with relevant security standards and regulations (e.g., PCI DSS, NIST)

Penetration Testing

• Plan and complete penetration tests to identify security weaknesses and manage external testing provider relationships
• Analyze test results, prioritize findings, track remediation, and communicate recommendations to partners

Attack Surface & Security Metrics

• Identify, assess, and monitor BAT’s attack surface, including internet-facing assets and cloud services, developing strategies to minimize it
• Develop KPIs for vulnerability management, penetration testing, and attack surface management, and report on the organization’s security posture

Security Awareness

• Collaborate on security awareness programs to educate employees and promote a culture of security accountability across BAT

What are we looking for?

• 5+ years of relevant professional experience
• Advanced security certifications (e.g., SANS, CISSP, CISM, CISA, GIAC Penetration Tester, Offensive Security Certified Professional, CompTIA PenTest+)
• Experience with cloud security (e.g., AWS, Azure)
• Strong leadership skills to inspire and motivate the team
• In-depth understanding of cybersecurity concepts, including threat intelligence, vulnerability management, penetration testing, and attack surface management
• Experience with vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS) and attack surface management tools (e.g., Shodan, Censys)
• Experience with penetration testing methodologies and tools
• Strong analytical, problem-solving, and communication skills, with the ability to collaborate with both technical and non-technical partners
  

What we offer you?
•    We offer a market leading annual performance bonus (subject to eligibility)
•    Our range of benefits varies by country and includes diverse health plans, initiatives for work-life balance, transportation support, and a flexible holiday plan with additional incentives
•    Your journey with us isn't limited by boundaries; it's propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn't just a statement – it's a reality we're eager to build together. Seize the opportunity and own your development; your next chapter starts here.
•    You'll have access to online learning platforms and personalized growth programs to nurture your leadership skills
•    We prioritise continuous improvement within a transformative environment, preparing for ongoing changes

WHY JOIN BAT?
We’re one of the few companies named as a Global Top Employer by the Top Employers Institute – certified in offering excellent employee conditions.

Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio-economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.

We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (e.g. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).

Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experience here.

If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.