Director, Penetration Testing

About The Position

Requirements

• Extensive experience in cybersecurity with a minimum of 5 years conducting hands on penetration testing.
• Ability to scope and execute end-to-end penetration testing from planning through to exploitation and reporting.
• Proven ability to lead, design, build and operate a pen testing capability or program.
• Experience managing third party penetration test providers and assuring quality of delivery.
• Experience working in structured risk-driven environments (financial sector or other highly regulated industries preferred).
• Excellent communication skills for reporting and stakeholder engagement.
• Experience leading or mentoring others and ability to scale a function over time.
• Certifications in offensive security and pen testing (e.g. OSCP, GIAC).
• Bachelor's or Master's degree in Cyber Security, Information Technology, or a related field.

Responsibilities

• Own the end-to-end delivery of penetration testing across the organization’s technology estates.
• Establish and maintain penetration testing standards, methodologies and quality benchmarks.
• Define testing scope, priorities and coverage aligned to system criticality and risk.
• Track remediation progress and validate closure of findings.
• Own the selection, implementation and management of penetration test tooling and platforms.
• Define internal testing methodologies, playbooks, tooling and reporting standards.
• Conduct hands-on penetration testing across applications, APIs, infrastructure and cloud environments.
• Own third party penetration test engagements, including rules of engagement, vendor selection and onboarding.
• Track and report on third party vendor performance and outcomes.
• Define and maintain KPIs/KRIs to measure penetration testing effectiveness, including severity and trend analysis, time to remediation and recurring control weaknesses.
• Deliver structured reporting for senior stakeholders.
• Line management of the Penetration Test Coordinator.

Benefits

• Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
• 2 paid volunteer days so that you can actively support causes within your community that are important to you.
• Generous parental leave policies to ensure you can enjoy valuable time with your family.
• Parental transition coaching programmes and support services.
• Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
• Employee Networks (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about inclusivity.
• Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
• Active support of flexible working for all employees where possible.
• Monthly ‘Heads Down Days’ with no meetings across the whole company.
• Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
• Private medical insurance and dental coverage.
• Social events that give you opportunities to meet new people and broaden your network across the organisation.
• Annual flu vaccinations.
• Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
• Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
• All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
• Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.