Penetration Testing Lead


Premium Job From LA International Computer Consultants Ltd

Recruiter

LA International Computer Consultants Ltd

Listed on

18th April 2023

Location

Cheshire

Salary/Rate

£500 - £600

Type

Contract

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

Responsible for leading, managing, delivering and performing simulated cyber-attacks across IT and OT (Technical simulation and table top where required) inclusive of metrics provision and maturity assessment.

* Lead and manage the Information Technology Health Checks (ITHC) for the Enterprise, and the testing methodologies utilised.

* Manage the creation and delivery of a schedule for ITHC activities.

* Responsible for managing, delivering and performing offensive activities, both operationally and tactically to address capability / technology / process shortfalls within Cyber Security Operations.

* Responsible and applies advanced policies, practices, concepts and principles for Cyber Security and Information Assurance within the Purple and Red teaming approach, aligned to the Mitre Att&ck framework.

* Leading and supporting the development of the training needs analysis for the Cyber Security Operations team, allowing attacks to be further understood, enhancing protection, detection, and analysis methods.

* Responsible for managing and delivering outcomes into the risk-based assurance programme as identified within internal / external teams.

* Liaise and support proactive intelligence measures in the OT environments, against current / future threats.

* Substitute for the Digital Forensics and Configuration Manager when required.

* Manage relationships and deliver communication with internal and external stakeholders when required.

* Represent CS&IA at site working groups and external groups as required.

* To keep up-to-date CS&IA best practices, government standard and site processes.

* Lead, and develop a team of Cyber Security Subject Matter Experts (CSOC resources) in the field of adversary emulation.

* Lead, manage and develop Red team activities when required.

* Lead and manage the vendor communications for enhancements to protection / detection capabilities.

Deliverables:

* Conduct technical simulated cyber-attacks across the enterprise with CISO approval (scope approved, and methods assured by Head of Cyber Security Operations and Information Assurance Operations and the Digital Forensics Capability Manager).

* Conduct table top simulated cyber-attacks across the enterprise (IT / OT) with CISO approval (scope approved, and methods assured by Head of Cyber Security Operations and Information Assurance Operations and the Digital Forensics Capability Manager).

* Will Deputise for the CSOC Manager and undertake appropriate accountabilities as required.

* Review approve ITHC scope

* Review, and provide recommendations into the Enterprise as to Cyber Security controls and the

architecture.

* Review, and provide recommendations for Logging, Auditing and implementation of protection / detection rules when required.

To thrive in the role:

* University degree or previous experience in Cyber Security or Information Assurance.

Digital Forensics experience

* Demonstrates an excellent knowledge of penetration testing skills at infrastructure and application layers and keeps knowledge up to date

* Knowledge of IT / OT systems, architectures, common vulnerabilities, attack methods (Mitre attack)

* Excellent written and verbal communication skills

* DV clearance + NPPV (or ability to obtain)

You may also have:

* A good understanding of ONR Syaps

* Experience of working within a nuclear environment.

* OSCP Certification

* GPEN (Penetration Tester).

* Vulnerability analysis experience.

* SANS training experience including GWAPT and GPEN

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: