Coordinate with third-party providers in order to deliver technical security control assessments, including penetration testing, vulnerability scanning, application security scanning and firewall reviews.
Management of the penetration test process, including threat modelling, scoping of tests, and working with relevant internal and external stakeholders to schedule tests.
Working proactively with internal and external stakeholders to remediate discovered vulnerabilities and communicating these back in non-technical business language.
Tracking remediation of identified vulnerabilities.
Management of third-party security testing providers, measuring performance against agreed KPIs.
Proactively monitor any new threats or vulnerabilities, and ensure that these are assessed and reported using the relevant processes.
Producing all required management information and reporting.
Providing support to the wider information security team as required.
Skills and experience required:
The successful candidate must have the following skills/experience:
Experience in planning, coordinating and ensuring the successful and safe completion of penetration tests within an enterprise environment.
Experience in working with a third-party testing provider, and managing the supplier relationship.
Experience in working collaboratively with technical and non-technical stakeholders to gain buy-in to vulnerability remediation.
Knowledge of Infrastructure Security: Server (Linux, Windows), Network and End-user.
Knowledge of Application Security, secure design and development, common vulnerabilities (OWASP).
Management of automated security testing tools, SASTs / DASTs.
Driving efficiency and automation of Security Testing.
Knowledge of frameworks and regulations such as ISMS 27001, PCI, GDPR, ICOFOR.
Experience with Security Testing / Vulnerability management.
- Jobs in South East
- Category: Management Jobs
- Salary: £400 - £600 per day
- Job type: Contract