Una empresa del Tenth Revolution Group

Ref.: 878347522_1727944889

Pen Test Lead (SC Cleared) - GBP400 - inside IR35 - 3 days onsite

England

Descripción del puesto

Pen Test Lead (SC Cleared) - GBP400 - inside IR35 - 3 days onsite

878347522_1727944889

Penetration Testing Lead (SC Cleared) - £400 - Inside IR35 - 2 days onsite



We are seeking an experienced Penetration Testing Lead for a 6-month contract based in Horley, Surrey. The role requires a skilled professional with SC clearance to work onsite for 2 days per week, leading a comprehensive penetration testing lifecycle.



Key Responsibilities:

* Lead the CybersecurityOT & IT annual penetration testing lifecyclefor our client.
* Deliver a defined volume of penetration tests across applications, infrastructure, websites, APIs, O365, Azure, AWS, and OT environments.
* Identify and prioritizeOT & IT assets, services, and systems, building on the current tieringsystem.
* Plan and schedule all penetration test engagements, ensuring regular testing based on tiering.
* Collaborate with product group owners and internal stakeholders to avoid duplication of testing efforts.



Additional Responsibilities:

* Manage supplier engagements and relationships for annual penetration testing.
* Handle onboardingand offboardingof 3rd party supplier resources, ensuring they have the necessary access and privileges.
* Maintain strong relationships with operational gas business owners and manage sign-offs for regulated operational sites.
* Develop and own policies and procedures around penetration testing, adhering to best practices and NCSCguidelines.
* Review 3rdparty pen test reports, brief internal stakeholders, and track remediation tasks.
* Build secure Power BI dashboards for weekly reporting and update the CMDBwith relevant vulnerabilities.



Essential Skills:

* Proven experience in leading penetration testing projects.
* Strong understanding of OT, IT, cloud environments (Azure, AWS), and vulnerability management.
* Current SC clearance.
* Ability to collaborate with cybersecurity and IT teams to enhance security protocols.