You will join the biggest financial institution in the world.
In a rapidly changing technology landscape, security research and offensive security are important components in positioning the company to better protect itself and to manage risk more effectively. This is accomplished by analysing the most critical areas across the bank, simulating real-world attacks, performing regular penetration testing and innovating approaches to find vulnerabilities, that can materially drive a more thorough understanding of cybersecurity attacks and a proactive approach to enhance the security posture of the bank.
The Cybersecurity Research and Offensive Security (CROS) function is hiring the Head of Penetration Testing. The Penetration Testing function, reports directly to the Global Head of CROS, and conducts manual security testing on systems supporting services to the Bank.
The role holder will be responsible for managing the global Penetration Testing team and the delivery of projects, on a wide range of technologies, to ensure that the Bank is well positioned against a variety of Cybersecurity related attack scenarios. Additionally, the role holder will be responsible for managing stakeholders (including regulators) to clearly scope penetration testing engagements, define objectives and direct a delivery approach that scales and minimises operational risk.
Other key responsibilities for this position include:
- Manage the delivery of penetration tests across variety of technologies.
- Ensure quality delivery of world class penetration testing.
- Represent Cybersecurity function as technical penetration testing SME in internal and external discussions.
- Drive the maturity of the function by continuously improving quality of penetration testing services and removing inefficiencies, in line with wider Cybersecurity strategy.
- Drive and lead penetration tests and resulting deliverables, to aid in ensuring that the Bank operates within defined risk appetite.
- Ensure that the penetration testing deliverables are met on time.
- Ensure compliance with penetration testing internal audit and external regulators.
- Provide audit support where applicable, work with Cybersecurity Risk and Controls Strategy function to drive controls assessment, risk and compliance reporting and provide internal controls assurance.
- You will support growth and engage with a diverse set of stakeholders in order to achieve CROS objectives, including Business and Functions, Cybersecurity leads, Head of Cybersecurity functions, Control Owners and Regulators
- Managing a security function and delivering penetration test assessments.
- Team management, leadership and team building skills
- Experience leading highly sensitive projects
- Experience managing large volumes of penetration tests
- Experience dealing with penetration test regulatory requirements
- Experience on Mobile security testing
- Experience on Web application security testing
- Experience on Network/Infrastructure security testing
They can offer:
- Excellent and positive work environment
- A stable role with a consistent set of responsibilities
- Career development prospects within the multi-national leading financial organization
- Private health care and employees’ benefits
- sharing the costs of sports activities, sharing the costs of foreign language classes, sharing the costs of professional training & courses, life insurance, retirement pension plan
Note: Prepare your CV in English (PDF), fill in the form, and apply!
Please include in your CV the following clause necessary for the recruitment process:
“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Global Head of Penetration Testing on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”
.Dotcommunity jest zarejestrowana w Rejestrze agencji zatrudnienia (KRAZ) pod numerem 9904.