| London Jobs |
| Manchester Jobs |
| Liverpool Jobs |
| Nottingham Jobs |
| Birmingham Jobs |
| Cambridge Jobs |
| Glasgow Jobs |
| Bristol Jobs |
| Wales Jobs |
| London Jobs |
| Manchester Jobs |
| Liverpool Jobs |
| Nottingham Jobs |
| Birmingham Jobs |
| Cambridge Jobs |
| Glasgow Jobs |
| Bristol Jobs |
| Wales Jobs |
| Oil & Gas Jobs |
| Banking Jobs |
| Construction Jobs |
| Top Management Jobs |
| IT - Software Jobs |
| Medical Healthcare Jobs |
| Purchase / Logistics Jobs |
| Sales |
| Ajax Jobs |
| Designing Jobs |
| ASP .NET Jobs |
| Java Jobs |
| MySQL Jobs |
| Sap hr Jobs |
| Software Testing Jobs |
| Html Jobs |
| Job Location | Wilmslow |
| Education | Not Mentioned |
| Salary | Salary negotiable |
| Industry | Not Mentioned |
| Functional Area | Not Mentioned |
| Job Type | Permanent, full-time |
At Royal London we want to attract the best talent to help us achieve our vision of becoming the most trusted and recommended financial company in the UK. We are the largest mutual life, pensions and Investment Company in the UK.We are currently looking to recruit a Senior Cyber Specialist - Penetration Testing to join our Group Technology & Change team on a permanent basis in our Edinburgh or Wilmslow Office.The role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. Additionally, the role will be responsible for cyber-attack countermeasures and techniques with a focus on security testing to ensure risk mitigation controls deployed to prevent cyber events are working effectively.Key Accountabilities•Minimise and control the damage resulting from cybersecurity incidents•Ensuring that the appropriate incident management and response controls are in place•Operating as required in order to enable the identification, protection, detection, response and recovery of RLG information assets.Skills and Experience•Experience managing security events are investigated and tracked to remediation within agreed SLA’s•Support the process, procedure, tools, measures and metrics to ensure identification and remediation of operational deficiencies•Experience substitute for the Head of Department where necessary, communicating the RLG threat level to senior management, translating technical security risks into business problems•Experience of threat intelligence searching, using both trusted commercial sources and open source intelligence information of threat activity•Management of escalation for emerging cyber threats demanding swift action•Operate threat intelligence tooling, keeping configurations current to detect emerging threats•Proactive threat analysis of information received to identify potential threats to RLG, and disseminate the results of the analysis to prevent those threats from materialising•MI reporting of the effectiveness of RLG security controls, assuring they are operating within the expected guidelines and risk decisions are threat driven.•Maintain a threat dashboard for communicating the threat level within RLG•Incident management, providing security resources with threat intelligence to support the remediation activity.Essential Criteria•Ability to mentor and support a team of Cyber Security professionals•Demonstrable hands-on experience and accreditation in the fields of incident response countermeasures, security penetration testing.•Pentesting experience and familiarity with Pentesting tools e.g. KALI Digital forensic investigations experience an advantage•Technical security qualifications e.g. CISSP, SSCP, GIAC - GEVA, OSCP, CEH or equivalent•Knowledge of perimeter and host security intrusion techniques, including threat hunting for evidence of this activity•Knowledge and hands-on experience of security information and event management (SIEM) tools from industry leaders•Familiar with IPS, WAF, DLP, Identity & Data Management and Network Security technologies•Familiar with vulnerability management and application security technologies•Familiar with audit event collection and reporting toolsetsDesirable Criteria•Previous experience of working within a regulated environment, ideally within the financial services industry•OSCP qualification is highly advantageous•Experience working within a Pentesting company previously is highly advantageous•Digital forensic investigations experience is advantageous•Experience of working with external threat intelligence bodies such as NCSCWhat we offer•Weve always been proud to reward employees by offering a number of benefits such as Pensions and Protection, Performance and role-related benefits, Lifestyle and Wellbeing•Our People Promise is something we live up to every day. We know we can rely on you, and you can expect plenty from us in return.•Glassdoor have again ranked as among the best places to work in the UKOur culture is welcoming, friendly, flexible and we aim to make you always feel included. We are an equal opportunities employer which means we believe in embracing difference as it makes us collectively stronger. Our diverse people bring us different skills - whatever their educational background, disability, gender, age, sexual orientation, race, religion or belief.We also welcome applications from individuals who have taken an extended career break or those who are transitioning from different sectors. To support this we are always open to discussing flexible working to give you the freedom to be your best. It’s what makes Royal London a great place to work.The first pillar of our People Promise is designed to make sure you work somewhere inclusive. We want to live up to this promise; it’s good for our people and good for our customers too, because our workforce should reflect our communities