To keep our client and their customers safe by operating a comprehensive security testing programme, covering key systems on a regular schedule and after major changes. Coordinating this internationally and at scale is a big undertaking and we are looking for a talented and enthusiastic technical security specialist to lead and develop our central services in this space. The work requires technical expertise, initiative, great people skills, and attention to detail.
In this role, you will lead on all aspects of the Penetration Testing Governance service operation and development. You will be working with colleagues across the global security community and the external partners to ensure delivery of an appropriate level of technical testing in terms of coverage and quality in a cost-effective way. You will have an opportunity to actively influence the direction of the team, explore innovative ways to deliver technical assurance, and build your skills and professional network along the way.
Duties & Responsibilities
- Leading on developing the central pentest service, finding opportunities to innovate and improve.
- Maintaining a central view of all pentests taking place and their outcomes.
- Providing technical expertise and supporting international Chief Information Security Office colleagues with scoping tests and interpreting results.
- Managing the global preferred supplier list to ensure that our penetration testing partners provide good value for money, deliver work to an appropriate quality, and provide appropriate coverage of skills and regional presence.
- Collating existing leading practice documentation and developing central standards, methodologies, and guidance.
- Maintaining the infrastructure and automation tools for pentest related data and reporting.
Key performance indicators
- Delivery of key operational responsibilities.
- Measurable improvement in effectiveness of penetration testing processes.
- Positive feedback from key internal partners.
Skills & Experience required
- Understanding of the penetration testing value proposition, test engagement lifecycle, types of penetration tests and their operational requirements
- Experience with leading operational security delivery and projects.
- Experience managing relationships with IT and business partners and vendors.
- Broad technical understanding of security controls and the ability to evaluate residual exposure to complex attack scenarios in specific control environments.
- Ability to deliver to a schedule, prioritise conflicting tasks, and service occasional time-critical requests as required.
- Excellent written and verbal communication skills, including technical communication.
- Awareness of the latest cyber security trends and developments.
- Experience with delivering and managing penetration tests a plus.
Recognised technical security certifications and academic degrees desirable, but not essential (Information Security MSc, CREST, SANS, Offensive Security certifications).
What will you get for this role?
- Competitive salary depending on skills, experience and qualifications.
- Generous defined contribution pension scheme.
- Annual performance related bonus and pay review.
- Minimum holiday allowance of 29 Days holiday allowance plus bank holidays and the option to buy/sell up to 5 additional days.
- Up to 40% discount for some company products plus discounts for Friends and Family. (Some exclusions apply).
- Excellent range of flexible benefits to include a matching share save scheme.
If this opportunity is of interest, click apply.