en

Services

The UK's leading employers trust us to deliver fast, efficient talent solutions that are tailored to their exact requirements. Browse our range of bespoke services and resources.

Read more
Jobs

Let our industry specialists listen to your aspirations and present your story to the most esteemed organisations in the UK, as we collaborate to write the next chapter of your successful career.

See all jobs
Candidates

Together, we’ll map out career-defining, life-changing pathways to achieve your career ambitions. Browse our range of services, advice, and resources.

Learn more
Services

The UK's leading employers trust us to deliver fast, efficient talent solutions that are tailored to their exact requirements. Browse our range of bespoke services and resources.

Read more
About Robert Walters UK

Since our establishment in 1985, our belief remains the same: Building strong relationships with people is vital in a successful partnership.

Learn more

Work for us

Our people are the difference. Hear stories from our people to learn more about a career at Robert Walters UK

Learn more

Penetration Tester (Outside IR35)

Save job

My client, a European Bank, based in London, are looking for a Penetration Tester to join their growing team on a 6 month contract.

About the Penetration Tester Role:

The IT Security consultant will need to analyse the identified vulnerabilities/anomalies, prioritise them, then work closely with internal teams and third party vendors to create remediation plans and facilitate their implementation. The remediation plan should cover both tactical urgent steps to address immediate risks as well as more tactical, long-term improvements required for Bank to improve its security posture.

My cient uses Qualys as the vulnerability scanning tool and the aim is to review it’s configuration, policy and deployment architecture, make recommendations on how we can better leverage our investment and implement those recommended improvements.

It is required that IT Security consultant works from Canary Wharf office 50% of the time.

Further Information:

  1. Objectives of the consulting services

The IT Security Consultant will have the following objectives:

  • Evidence active management of known vulnerabilities through effective remediation planning and regular reporting
  • Ensure that all identified risks are logged and communicated appropriately
  • Produce both tactical and strategic plan to address weaknesses
  • Contribute to Vulnerability Management process and operations improvements and their maturity

  1. Scope of Services

  • Risk assessment of known vulnerabilities taking into consideration severity, application criticality, system function
  • Develop prioritised remediation plan urgent items.
  • Develop prioritised strategic plan to address systematic gaps and weaknesses in Bank’s security posture
  • Work with application owners on remediation plan until final resolution
  • Validate and test resolved vulnerabilities.
  • Identify new vulnerabilities by using both automatic and human led assessments
  • Create and regularly produce management reporting with a set of meaningful KPIs
  • Maximise my client's investment into Qualys by expanding the use of the tool
  • Support Vulnerability related Change Requests
  • Lease with IT Risk and Operational Risk teams to ensure that all the risks are documented and communicated as appropriate

KNOWLEDGE / EXPERIENCE

  • Experience performing and leading Red Team/Purple team exercises across Networks, Linux and Windows environment
  • Experience conducting ethical hacking/pentest activities
  • A deep understanding of the tools, techniques, and procedures used by modern attackers.
  • Demonstrate continued awareness across the latest threat intelligence industry trend, threat landscape, and emerging technologies.
  • Demonstrable experience in running of vulnerability management process.
  • Deep understanding of vulnerabilities exploitation and business context.
  • Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
  • In-depth knowledge of drivers of cyber operations, cybersecurity terminology, methodologies including the MITRE framework and cyber threat intelligence frameworks.
  • Educated to honours degree level and/or a relevant and recognised IT Security accreditation.
  • Broad understanding of corporate IT infrastructures and technologies.
  • Demonstrable experience of successfully operating within a diverse, multinational and worldwide team.
  • Relevant experience in the Financial Services sector.
  • Ability to handle pressure and work to challenging deadlines.
  • Scope of services successfully transitioned and knowledge transfer complete.

TECHNICAL SKILLS

  • Experience operating vulnerability and compliance scanning tools such as Qualys, Tenable Nessus Security Center, Tripwire or similar
  • Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation
  • Working knowledge of security risk oversight, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), EPSS and technical security vulnerability remediation/mitigation
  • Deep technical understanding of Cloud security, including configuration and best practices for storage, key management, IaaS, PaaS, DaaS and FWaaS, SaaS and applicable penetration testing scoping
  • Good technical knowledge of data encryption, data leakage controls, application integration, identity and access management, certificate management and database security
  • Ethical hacking or penetration testing background is advantageous

If the above is of interest please apply to this job advertisement or call me on 0207 509 8040 for more information.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

Contract Type: CONTRACTOR

Specialism: Information Technology

Focus: Information Security

Industry: Banking

Salary: £500 - £540 per day

Workplace Type: Hybrid

Experience Level: Senior Management

Location: London

Job Reference: WW3GVN-A780301A

Date posted: 21 June 2024

Consultant: Darius Goodarzi

I'm Robert Walters Are you?

Come join our global team of creative thinkers, problem solvers and game changers. We offer accelerated career progression, a dynamic culture and expert training.