Senior Information and Cyber Security Testing Manager Senior Information and Cyber Security Testing  …

Standard Chartered Bank
in Warsaw, Mazowieckie, Poland
Permanent, Full time
Be the first to apply
Competitive
Standard Chartered Bank
in Warsaw, Mazowieckie, Poland
Permanent, Full time
Be the first to apply
Competitive
Standard Chartered Bank
Senior Information and Cyber Security Testing Manager
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

THE ROLE RESPONSIBILITIES

• Managing the third-party suppliers for stress testing, red team exercise, vulnerability assessments and penetration tests
• Design and implement the Information and Cyber Security (ICS) testing methodology and ensure that the ICS testing deliveries meet the quality standards set out in the methodology
• Develop knowledge base of technical and operational controls for ICS tress testing and red team exercise
• Support the Global Head of Information and Cyber Security Assurance and Testing to plan and deliver regulatory driven Cyber Stress Testing activities.
• Support the Global Head of Information and Cyber Security Assurance and Testing to plan, execute and evaluating red team exercises, penetration tests and vulnerability assessments
• Maintain strong stakeholder engagement with internal and external stakeholders to ensure successful delivery of each exercise
• Lead the ICS testing team in Poland

OUR IDEAL CANDIDATE

• Highly proficient in conducting penetration tests and full-scale red team exercises in various environments using automated and manual methods
• Expert knowledge of major operating systems and infrastructure components
• Expert knowledge of security technologies such as firewalls, IDS/IPS, EDR, proxies and DLP
• Ability to perform security threat analysis and threat modelling
• Ability to provide detailed solutions to identified security issues
• Good communication, writing and presentation skills.
• Ability to work effectively with a variety of stakeholders' interests within the enterprise
• Ability to lead the team to achieve successful deliveries. Ability to mentor and develop team members.

• Familiarity with Security Testing methodologies such as PTES, OWASP-TG etc.
• Experience in the financial or other regulated industry
• Experience with risk frameworks by NIST, ISO, etc.
• Experience in utilising the MITRE ATT&CK framework
• Reverse engineering and exploit development experience is preferred
• Operational knowledge of security distributions such as BackBox, PenToo, Kali, CAINE, etc. is preferred
• Certification: OSxx, CREST, GIAC, ISC2 is preferred
Close
Loading...