Pen Test Lead

Our client, a leader in the Defence & Security sector, seeks experienced Pen Test Leads for contract positions managing annual penetration tests in various UK locations.

• Manage the complete lifecycle of annual penetration tests for OT & IT environments.
• Deliver and oversee penetration tests across various platforms including Application, Infrastructure, Websites, APIs, O365, Azure, AWS, and OT environments.
• Identify and prioritise assets, services, and systems for pen testing based on the current tiering system.
• Plan and schedule testing engagements ensuring weekly, monthly, and annual tests are conducted.
• Engage with internal stakeholders and product group owners to avoid duplicated efforts.
• Manage third-party supplier relationships and onboarding/offboarding procedures.
• Update and secure relevant vulnerability data in the SGN CMDB.
• Provide regular reports on remediation activities and testing progress to stakeholders.

• Strong understanding of OT & IT asset profiles, technology, and security best practices.
• Excellent report writing and communication skills to document findings and advise on security improvements.
• Previous technical cybersecurity experience is essential.
• In-depth knowledge of network protocols, cryptography, and security vulnerabilities.
• OSCP certification is preferred.
• Experience in penetration testing or Red Team roles is advantageous.
• SC and CREST certifications are preferable.
• Proficiency with penetration testing tools and methodologies.
• Understanding of OWASP and API vulnerabilities.
• Strong stakeholder engagement and relationship management skills.

If you have a keen eye for cybersecurity and are looking to make an impact in defence and security, please apply now to join our client's team and lead their penetration testing efforts.