Pentester/Red Team Lead

My client, an Investment Bank based in London, are looking for a Pentester/Red Team lead to join their growing team.

About the Pentester/Red Team Lead role:

My client is searching for an individual with experience in managing the red team and penetration testing program as well as assist in the wider operations of the IT Security team. The individual must be well versed in infrastructure and application penetration testing to lead the program in the EMEA region.

The role will involve designing, planning, management and execution of various assurance exercises such as web application and infrastructure penetration testing, red teaming, and vulnerability management. Producing reports and metrics to represent the activities will be involved in the role.

Additionally, you will collaborate with the global IT Security team, Security Operations Centre, and wider penetration testing team to deliver technical testing. Working with the broader business, you will be the trusted subject matter expert to translate technical terms and advise on security issues or concerns.

My client is looking for someone keen to continue to manage, mature and develop the penetration testing program performed. You will be joining and IT Security team, which consists of some junior staff to which you will be the technical lead providing mentoring, guidance, and leadership.

As a technical lead, you will be a point of escalation for the Security Operations Centre and the wider team to support them with security incidents and technical/vulnerability knowledge.

Responsibilities:

The role will cover a diverse range of areas for the team, including:

• Lead the penetration testing and red team program in Europe working with our testing providers to maintain test coverage of our core infrastructure and applications
• Support global security and IT executives in developing and reporting on core metrics and KPIs of testing
• Continuously develop and mature the program in line with industry best practice and the evolving threat landscape
• Maintain a deep understanding of the latest vulnerabilities, how they impact my client and its core systems and applications, how they can be treated and be able to communicate these findings to a wider technical/non-technical audience
• Be a security SME, advising the business and operational security team on a range of advanced threats and attack patterns including real time major incident response support
• Oversee, advice and own the rapid remediation of test results and findings, working with core internal SME’s and vendors to plug security gaps as and when they are identified

In this position, they are looking for the following skills and experience:

• Essential experience with managing application and infrastructure penetration testing including red teaming
• Essential experience with red teaming from inception to completion and risk management
• Essential experience with security best practices and frameworks (OSSTMM, OWASP, NIST)
• Experience in an operational data security/security analysis role
• Self-motivated and able to thrive in a distributed, fast-paced, and autonomous environment.
• Translation of technical terms and knowledge to a wide range of stakeholders both technical and non-technical to articulate actual business risk
• Collaborative attitude with a strong disposition to learn new skills and emerging technologies
• Comfortable with project management techniques
• Demonstrable, inquisitive nature with the ability to pursue lines of inquiry independently
• Excellent written and verbal communication skills for coordinating across teams.

If the above is of interest please apply to this Advertisement or call me on 0207 5098040 to find out more.