ABOUT THE JOB
This role exists to support the Offensive Security function’s testing streams, ensuring they deliver the expected outcomes for the group and enable Group Security to meet its objectives.
YOUR JOB RESPONSIBILITIES
- Define and maintain a program of work to deliver penetration testing to the group – across new, changed, and existing systems.
- Define scope of penetration testing objectives and define and drive plans to deliver on that scope.
- Provide direction and consultation to the Group’s asset and service teams on penetration testing or other security testing requirements.
- Collaborate in the development of reporting to assist the Group in understanding its control effectiveness & vulnerability exposure.
- Ability to define scopes across penetration testing activities.
- Coordination of penetration test delivery in line with the SLAs outlined by Offensive Security.
- Design and implementation of process uplifts that drive efficiency improvements.
- Successful coordination and delivery of the Offensive Security testing program.
- Reporting clarity and completeness.
YOUR SKILLS & EXPERIENCE
Essential capabilities (core)
- 10+ years’ experience in project/program or operational delivery
- Excellent verbal and written communication skills
- Methodical, analytical approach with outstanding attention to detail
- Proven ability to work both autonomously and within a team environment (at times with little guidance), build strong relationships and maintain rapport with internal stakeholders and 3rd party service providers.
Other capabilities (technical)
- Experience in Enterprise security roles preferable
- Prior understanding of and experience in coordinating technical teams.
- Understanding of common security standards frameworks, such as NIST, and common security / risk principles.
Qualification Requirements
- Undergraduate (minimum) in Computer Science or similar technical area
- Project delivery certification (e.g. Agile scrum, Prince 2)
- Desirable, not required: security certifications such as CISSP or CISM