Senior Penetration Tester
About the Role
The Vulnerability Testing team is part of Vulnerability Management within the National Grid's global Security Team. We support the Security Team's operations by identifying vulnerabilities and security issues via penetration testing assessments. We also identify real-world threats posing a genuine risk to National Grid via adversary emulation engagements; replicating behaviours of threat actors, assessed by Government and commercial intelligence providers. Your discoveries will enable National Grid to proactively adjust its defensive posture.
We are seeking an individual to take on a Senior Penetration Tester role with a core skill set of infrastructure testing. You will carry out penetration testing across a range of environments including infrastructure and web applications, covering National Grid's global business. In addition, you will lead in performing adversary emulation exercises based on Cyber Threat Intelligence and strategic objectives.
As part of the role, you will mentor junior members of the team and act as the SME for infrastructure assessments.
- Ideally we would like 3 - 5 years of experience Penetration Testing infrastructure and Active Directory environments.
- Experience of using Open Source and COTS tools for penetration testing which could include Nmap, Nessus, Metasploit, Kali Linux, Burp Suite Pro, PoshC2 and similar
- OSINT and social engineering engagement experience
- Adversary emulation experience
- Experience in common scripting languages such as Python, Ruby, LUA, PowerShell or BASH
- A good understanding of the OSI stack and the various protocols from layer 1 - 7 including SNMP, HTTP, VPN, 802.11.
- Good appreciation of other security roles such as Incident Response, Threat Intelligence, Vulnerability and Patch management, Risk, Audit, Security Awareness, and Security Architecture
- A good understanding of Cloud based architectures including Azure and AWS
- Excellent communication skills with the ability to communicate at a technical and business user level
- High reporting standards
- Strong attention to detail able to review and QA work of Peers
- Experience of working with the MITRE ATT&CK framework
You will also ideally have a formal certification in one of the following:
- Experience in web application testing
- Able to work in both waterfall and agile software delivery projects
- Good understanding of Industrial control systems including SCADA
- Good understanding of the Energy industry
- Computer Science, Mathematics, Engineering or Security related degree (or higher)
- Good understanding of automation of penetration testing activities.
- SANS GXPN
- CHECK Team Member
- CREST CERTIFIED Tester
- Other formal technical certifications i.e. Cisco, Microsoft, ISC2, CISS
National Grid touches the lives of almost everyone in the UK, with an energy network that stretches across the Atlantic. We're an international team, and our work underpins the lives of millions of people. Feet forwards, head up, and eyes bright, we're working hard to create value for people today - and shape the future of energy tomorrow.
In the UK, we don't generate or sell energy - we join the dots to get energy from A to B. From making a cup of tea in the morning, to keeping the lights on in hospitals, our electricity network puts power in the hands of people. Without it, the world as we know it would grind to a halt.
The world of energy is changing beyond recognition. Working at National Grid, you won't just be touching the lives of almost everyone in the UK - you'll be shaping the way we use and consume energy for generations to come.
Our values and principles
At National Grid, through listening to what our customers need, every day we do the right thing and find a better way.
As a National Grid employee, you'll treat our customers as a priority, taking time to listen and work with them to help give them the best experience we possibly can. You'll need to be proactive and flexible in your approach and continually look for ways to exceed their expectations - sometimes in unexpected and helpful ways. You'll provide accessible information when our customers need it and make things simple by using your expertise to guide them. Above all, you'll follow through on your promises to deliver value, drive efficiency and give them a great customer experience.
We offer inclusion and diversity training for everyone here at National Grid, with a view to building an inclusive working environment and developing all our employees. Training opportunities range from unconscious bias and reverse mentoring to targeted training initiatives which are tailored to support our diverse and innovative work force.
What You'll Get
A competitive salary dependent on capability
As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.
More InformationThis advert closes on 14th April at 11:59PM
We encourage candidates to submit their applications as early as possible and not to wait until the published closing date. National Grid's recruitment periods can and may vary. We reserve the right to remove this advert or close it to further applications at any point during the recruitment process.
At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.
Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
This job was originally posted as www.cwjobs.co.uk/job/92300996