We are working with a leading global financial services organisation who have built an entirely new cyber security division, with full buy-in from the Board. In this role, you will collaborate with stakeholders and third-party providers to identify and assess risk relating to vulnerabilities affecting applications and infrastructures.

The role:

• Scoping of assessments (vulnerability scans, penetration tests) ensuring that they deliver value
• Coordinating the timely execution of the testing schedule
• Conducting pen testing activities under the oversight and guidance of our preferred supplier
• Reviewing, prioritising and helping to coordinating remediation of findings and issues Identifying opportunities to improve security in the lifecycle of applications and infrastructures.
• Work with wider teams to respond to newly identified critical vulnerabilities identifying vulnerable assets

Requirements:

• Keep up to date on threat actor approaches, methods. Making recommendations to detect and defend against these activities
• Track and prepare reporting on key metrics around penetration testing and vulnerability management
• Ethical hacking\penetration testing experience, or can demonstrate knowledge of and have a strong desire to develop themselves in this area

Certifications

• CEH, CREST or OCSP certification is preferred but is not essential
• Information Security and/or Information Technology industry certification (CISA, CISSP, CISM or equivalent) strongly preferred
• Member of Institute of Information Security Professionals (M.IISP) or have the qualification, skills and experience to become a member