The Senior Cyber Security Penetration Testing Engineer primary purpose will be to:
Implement, support, maintain and develop the Cyber Security Penetration Testing programme.
Provide hands-on penetration testing SME expertise to ensure successful delivery of Cyber Security Penetration testing workstreams.
Work closely with vendors, 3rd party penetration testing providers and customers to consult, define, scope and deliver penetration testing services.
What you'll be doing:
Working under the direction and guidance of the Senior Cyber Security Testing Engineer, lead, scope and deliver penetration testing services to the WPP business.
Work in collaboration with IT, Cyber Security and Group teams (such as Risk & Compliance & CSO) to design and deliver business aligned security penetration testing solutions.
Ensure accurate, pragmatic and timely technical Cyber Security penetration testing guidance is provided to stakeholders.
Develop and deliver Cyber Security testing artefacts including technical documentation, methodologies, process\procedures, requirements, test plans and reports.
Work closely with the Cyber Security Systems & Engineering Lead, Security Architects and Technology Operations Teams to ensure the correct operation, and optimal configuration of penetration testing toolsets.
Build and maintain knowledge and awareness of security penetration testing and vulnerability intelligence feeds (NCSC, CISA, SANS). Articulate vulnerability information into clearly defined business risk.
Support and contribute to the delivery of KPI, KRI and other requisite reporting to the Senior Cyber Security Testing Engineer and Cyber Security Systems & Engineering Lead.
Act as a penetration testing SME for projects and initiatives relevant to the role.
Working closely with WPP technology teams, build professional relationships to ensure participation between stakeholders and Cyber Security Operations.
Lead and direct third-party suppliers to ensure testing services are provided effectively, within project timescales and service level agreements.
What you'll need:
Qualification Requirements (Desirable)
Cyber Security certifications (i.e. CISA, CISSP, CISM) desirable but not essential.
Degree or equivalent (i.e. MBA) desirable but not essential.
Relevant technical certifications (CREST, GPEN, CEH).
Skills / Experience Requirements
Hands on technical background in cyber / information security.
Knowledge of securing network technologies, client, and server operating systems, security data, information, and intelligence.
Stakeholder management.
Able to take a pragmatic approach to Cyber Security by identifying, understanding and clearly articulating risk to stakeholders.
Experience of providing penetration testing expertise to Enterprise-wide Cyber Security Change programmes.
4 years plus in a similar role within a large, complex and technologically diverse organisation.
Must have in depth technical knowledge of security technologies including but not limited to:
Penetration testing tools and methodologies
SIEM solutions
Application components
Firewall Solutions
Cloud Security Centres
TCP-IP Networking
Internet Technologies
Cyber Threat Intelligence solutions
--
You must verify your mobile number to apply to this job.