Lead Penetration Tester

FNZ (Uk) Ltd
London
1 month ago
Applications closed

Related Jobs

View all jobs

Senior Cyber Security Consultant

Lead Software Security Engineer

Lead Security Engineer - Chase UK

Lead Security Engineer (Cloud Security & Compliance)

Cloud Lead Security Engineer - Greenfield Project

Application Lead Security Engineer - Greenfield Project

Role Description
At FNZ, our purpose is to make wealth management more accessible, bringing easier, fairer and more inclusive solutions to people worldwide. Here in the Global Cyber & Information Security team, we are on a mission to embed cyber resilience across FNZ, protecting the platforms that support investment solutions for over 20 million people.
We are looking for a lead Penetration Tester, reporting within the Cyber Resilience and Operations function. You will be responsible for the creation and oversight of a new penetration security testing service that will provide greater coverage of security testing of our infrastructure, applications, mobile devices, cloud platforms and endpoints that support regulatory, client and threat led requirements. The service will use a mix of internal resource and 3rd parties.
You will be qualified as a penetration testing expert and will have security subject matter expertise, knowledge of the cybersecurity landscape, knowledge and experience following a variety of industry recognised information security frameworks, experience in interpreting and implementing client and regulatory requirements, coupled with an ability to communicate effectively to stakeholders of all levels.
You will also have proven oversight and development of a small team of penetration testers and use of 3rd party testing services.

Specific Role Responsibilities

  1. Offer global vulnerability assessment and penetration testing services, detecting system weaknesses and making recommendations for mitigation.
  2. Design and perform penetration tests to simulate cyber-attacks with integration of threat and incidents into penetration testing priorities.
  3. Documentation of findings including detailed reports on test results.
  4. Develop and engineer penetration testing services, including automation scripts.
  5. Train colleagues on penetration testing techniques; providing oversight of penetration testing results.
  6. Maintain security testing operating procedures.
  7. Support in delivery of initiatives to mature security controls, services and processes.
  8. Support in the delivery of the Information Security strategy.
  9. Support in the creation and delivery of security reporting and MI.
  10. Support in the development and delivery of consistent global services that enable delivery of the business goals.

Experience requiredPrimary requirements

  1. Proven technical knowledge of web applications, applications and infrastructure components e.g. cloud platforms, mobile devices, networks and infrastructure endpoints.
  2. Deep Exploit and Vulnerability Knowledge beyond automated approaches.
  3. Scripting and coding skills.
  4. Strong operating system understanding and understanding of network protocols.
  5. Proven line management.
  6. Good knowledge of the practical implementation of information security and risk frameworks such as NIST CSF, ISO27001, NIST 800-53 and COBIT and good knowledge of auditing frameworks such as ISAE3402 and SOC2.
  7. Experience in developing and managing formal security documents.
  8. Proven ability to manage internal stakeholders through a journey of improving information security maturity.
  9. Good ability to communicate information security and risk concepts to stakeholders at all levels.
  10. Professional penetration testing security qualifications such as CEH (v12) - Certified Ethical Hacker course.

About FNZ Culture

Our culture is what drives us. It's at the heart of who we are and everything we do. It's what inspires, excites and moves us forward. Our ambition is to create a culture for growth, one that opens up limitless opportunities for our employees, customers and the wider world. At FNZ we know that great impact is only possible with great teamwork. That’s why we value the strength and diversity of thought in our global team. The FNZ Way is the cornerstone of what we do. It is comprised of four values that set the standard for how everyone at FNZ interacts with each other, with our customers, and with all our diverse stakeholders around the world.

  1. Customer obsessed for the long-term.
  2. Think big and make an impact.
  3. Act now and own it all the way.
  4. Challenge, commit and win together.

Read more about The FNZ Way and our values: www.fnz.com/culture

Opportunities

  1. Right from day one, you will work alongside exceptional, multicultural teams - experts in their respective fields - who will inspire and challenge you to make your greatest impact.
  2. Be part of a highly successful, rapidly growing, global business that is leading the delivery of financial services via cloud computing and partners with some of the world’s largest companies.
  3. Working in a flexible and agile way that meets the needs of the business and personal circumstances.
  4. Remuneration, significant financial rewards and career advancement is based on individual contribution and business impact rather than tenure or seniority.
  5. We provide global career opportunities for our best employees at any of our offices in the UK, EU, US, Canada, South Africa and APAC.

Commitment to Equal Opportunities

At FNZ, we recognise that diversity, equity and inclusion are important factors contributing to our success. We embrace the unique perspective and capabilities of our current and future employees, which will help us continue to drive innovation and achieve our business goals. Recruitment decisions at FNZ are made in a non-discriminatory manner without regard to gender, ethnicity/race, faith, age, nationality, gender identity, sexual orientation, marital status, socio-economic background, disability or military veteran status where all applicants and employees are valued and respected.

In addition, we want to ensure accessibility needs are well supported, if you require specific support please advise us.

About FNZ

FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. We created wealth’s growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA). Together with our customers, we help over 20 million people from all wealth segments to invest in their future.

#J-18808-Ljbffr

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Jobs Careers

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Jobs

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.