Posted: Posted 13 days ago

Application Security Lead (Pen Testing)

Salford Quays, Manchester

As an Application Security Lead, you will run the security testing function and grow the offensive testing capabilities for the business. You will use your deep technical skills and experience to proactively test critical controls and provide valuable improvements towards existing People, Process & Technology. You will be technically proficient and comfortable testing both Web Application technologies and Infrastructure, scoping exercises and writing clear concise reports. 


Leveraging your expertise and knowledge, you will be expected to manage other members of the Application Security Team, manage workloads. You will be a good communicator with the ability to manage stakeholder expectations and competing work priorities working alongside our technical security, operations and risk and compliance teams. 

Key Responsibilities:

  • Own and evolve the pen testing service for TalkTalk key stakeholders.
  • Coordinating and running targeted pen tests. Identifying, prioritising and documenting remediation options for infrastructure and application vulnerabilities.
  • Code reviews, code profiling, load and scalability testing for applications, infrastructure and cloud.
  • Deep understanding of testing methodologies and attack vectors and championing technical knowledge sharing across the security team and wider business.
  • Drive cross-functional learning and development when it comes to testing across the security teams.
  • Support business projects in the form of offering a leading security testing service, including detailed scoping and reporting.
  • Support design activities to ensure solutions are compliant with relevant security policies, principles and standards.
  • Team management.
  • Resource planning & demand management.

Experience and Qualifications

  • 4+ years of in-depth hands-on security testing different technologies within the Web Application, Infrastructure and Cloud space.
  • A recognised qualification relating to Penetration Testing – CREST, Tiger Scheme, SANS, OSCP/OSCE
  • Scripting/Coding experience

As a recognised Top 50 Inclusive Employer in the UK, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We’re also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.

Does this job look right for you? Want to work your way?

Similar Jobs