
Senior Security Tester, Purple Team (Poland, India, Malaysia)

Remote: Full Remote
Experience: Mid-level (2-5 years)

Offer summary

Qualifications:

  • 1+ year in Purple Teaming or 2+ years in Red Teaming, OR 4+ years in web/mobile application security
  • Hands-on experience in penetration testing and understanding of security frameworks (e.g., MITRE ATT&CK)
  • Knowledge of threat landscapes and vulnerability management
  • Familiarity with programming/scripting languages like Python, C/C#
  • Certifications like OSCP, OSCE, GPEN preferred

Key responsibilities:

  • Plan, execute, and evaluate Purple Team exercises
  • Review metrics and reports for red and blue teams
  • Develop methodologies and tooling for the Purple Team
  • Ensure effective risk management controls and compliance with Bank policies
  • Engage with cyber threat intelligence throughout the testing cycle
Standard Chartered Bank Banking XLarge https://www.sc.com/
10001 Employees

Job description


Purple Team is a function designed to enhance the Bank’s ability to respond to cyber threats and to act as a bridge between the attack and defence teams. We continuously leverage cyber threat intelligence to conduct adversary emulations and collaborate with defence teams to maximize their respective and combined effectiveness. We are passionate about our work, we have varied adversary simulation experience, and we are focused on the needs of our stakeholders.

The Purple Team Senior Security Tester is a permanent role that requires knowledge and experience in offensive cyber security testing and defensive cyber security procedures and analytics.

Key Responsibilities

  • Contribution in planning, execution and evaluation of Purple Team exercises (emulation of Tactics, Techniques and Procedures).
  • Review and challenge red and blue teams’ metrics and reports.
  • Contribution to Purple Team methodology and tooling development.
  • Supporting the definition, implementation and maintenance of collaboration and information sharing framework between technical ‘red’ (offence) and ‘blue’ (defence) teams.
  • Working across the Bank and in collaboration with the red and blue teams, business and technology to design and implement best practices including adherence to Bank’s policies and standards for proactively ensuring new products and services are rolled out in a vulnerability free manner.
  • Review and challenge the quality assurance process that provides assurance over the quality of third parties occasionally engaged by the organisation for regulatory purposes.
  • Provide existing infrastructure and application teams with detailed solutions or mitigation steps for vulnerabilities found.
  • Ensure that all the risk management controls (team, project and infrastructure level) are in place and effective, so that testing is conducted in a controlled manner and any business impact is kept within risk appetite.
  • Ensure testing is conducted in line with the Bank policies and Purple Team operating procedure, agreed project rules of engagement and scope of project.
  • Provide relevant planning documents (long term program, project backlog and project level documentation) and ensure information flows and protocols are in place documenting Purple Team activities.
  • Engaging closely with cyber threat intelligence throughout the testing cycle.
  • Keeping oversight on stress test issue management.
  • Maximizing the Blue Team’s learning experience.
  • Supporting and providing oversight (e.g. as White Team) for offensive testing (e.g. if other functions/business run it).
  • Develop and maintain an expert knowledge within the team of technology and industry trends in relation to business requirements and direction to the Group.
  • Continuous development and conducting research on new attack techniques.

Skills and Experience

  • In-depth, hands-on working knowledge in security penetration testing, red or purple teaming, technologies and operational experience in a global environment. At least 1+ year experience in Purple Teaming (breach & attack simulations) OR 2+ years’ experience in Red Teaming OR 4+ years’ experience in one of the areas: web, infrastructure and mobile application security testing.
  • Deep knowledge of threat and vulnerability landscape including malware, emerging threats, attacks and vulnerability management.
  • Hands-on experience and deep understanding of security penetration testing and Red Team processes, technologies and industry frameworks (e.g. MITRE ATT&CK, CBEST).
  • Deep understanding of scenario-based testing based on threat actor behaviours described by Tactics, Techniques and Procedures (TTPs).
  • Hands on experience of leveraging specific TTPs to conduct security testing.
  • Web/Mobile applications, system and network exploitation or enumeration techniques utilized today ranging from injection, privilege escalation, buffer overflows, fuzzing, scanning.
  • Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Experience in working with cross-border teams, preferably in the Financial Services industry.
  • Fundamental skills in task prioritization, time management and customer focus.
  • Detail oriented, with strong deductive reasoning, critical thinking and problem-solving skills.
  • Ability to work in a fast-paced team environment.
  • Excellent oral/written communication skills for articulating thoughts clearly with stakeholders ranging from engineers to senior business management.
  • Some familiarity with languages such as C / C# / C++, and one or more scripting languages, e.g. Python, PowerShell or shell scripting.
  • Self-starting, organized, proactive, and requiring minimal management oversight is nice to have.
  • Proven ability to manage diverse stakeholder expectations is nice to have.
  • Certifications: OSCP, OSCE, GPEN, CREST are preferred.

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

  • Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
  • Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holidays, which combine to 30 days minimum.
  • Flexible working options based around home and office locations, with flexible working patterns.
  • Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits.
  • A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
  • Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry: Banking
Spoken language(s): English

Other Skills

  • Proactivity
  • Deductive Reasoning
  • Problem Solving
  • Prioritization
  • Time Management
  • Detail Oriented
  • Verbal Communication Skills
  • Critical Thinking
