Tandem Bank
Senior Penetration Tester
Tandem Bank, Durham, North Carolina, United States, 27703
Job Title: Senior Penetration Tester
Working Pattern: Monday to Friday, 36.25 hours per week
Salary: £80,000-£90,000 + up to 20% bonus
Location: Flexible – Embrace fully remote or hybrid work from any of our vibrant UK offices in London, Cardiff, Durham, Manchester, or Blackpool.
At Tandem, we're not just a bank; we're a movement for positive change. If you're an ambitious and dedicated Senior Penetration Tester ready to make an impact, we've got a space with your name on it!
The primary responsibility of the Senior Penetration Tester is to lead and execute comprehensive penetration testing activities across various digital platforms and environments. This role will encompass testing web applications, APIs, mobile applications, network infrastructure, and cloud platforms (AWS and Azure). Additionally, the role will involve contributing to the overall security strategy, particularly focusing on offensive and defensive security operations, threat intelligence and modelling.
The successful candidate will play a critical role in improving Tandem Bank's security posture, working collaboratively with Security Operations to identify, mitigate, and remediate vulnerabilities, and assist in refining security protocols and best practices.
Key Responsibilities:
Conduct penetration tests on web applications, APIs, and mobile applications (Android & iOS).
Perform infrastructure security assessments of network environments and cloud platforms (AWS & Azure).
Review Firewall and Switch rules and ACLs.
Lead in Red Team exercises to assess defensive measures and identify security weaknesses.
Execute social engineering campaigns, including complex phishing simulations and physical security tests.
Collaborate with internal teams to define remediation strategies for identified vulnerabilities.
Support forensic investigations and contribute to incident response activities.
Stay updated on the latest security trends, vulnerabilities, and penetration testing methodologies.
Contribute to the development of security processes, procedures, and best practices to strengthen the security posture of Tandem Bank.
Prepare detailed reports for both technical teams and executive stakeholders, articulating vulnerabilities and recommended remediation.
Required Experience:
Extensive experience in penetration testing across:
Web Application & API Testing.
Mobile Application Security Testing (Android & iOS).
Network Infrastructure Testing.
Cloud Security Testing (AWS & Azure).
Proven track record in leading Red Team engagements.
Strong knowledge of social engineering tactics and experience in executing complex phishing and physical assessments.
Experience with Digital Forensics and Threat Intelligence integration.
Ability to collaborate effectively with cross-functional teams and stakeholders.
Strong understanding of attack vectors, threat landscapes, and security best practices.
Desirable Certifications:
OSCP (Offensive Security Certified Professional).
OSCE (Offensive Security Certified Expert).
CREST CRT (Certified Registered Tester).
Desired Qualities:
Strong analytical and problem-solving skills.
Excellent verbal and written communication abilities, particularly in conveying complex technical findings to non-technical stakeholders.
A passion for cybersecurity and continuous learning.
Ready to make your mark?
Apply now and let's pave the way to a greener world, together. Our approach to DE&I is reflected in our hiring process so please let us know if you require any reasonable adjustments.
Sourcing Model
Recruitment at Tandem works primarily on a direct sourcing model and does not accept resumes from recruitment agencies which are not on the preferred supplier list. We are not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.
Please be aware that background checking (including credit and criminal records checks) forms part of our recruitment process. We will adhere to our duties under the Rehabilitation of Offenders Act 1974.