Tandem Bank
We're building the UK's greener, digital bank. From award-winning savings accounts to finance for green products, we can help your pocket and the planet – in tandem.
Job Title: Senior Penetration Tester
Working Pattern: Monday to Friday, 36.25 hours per week
Salary: £80,000-£90,000 + up to 20% bonus
Location: Flexible – Embrace fully remote or hybrid work from any of our vibrant UK offices in London, Cardiff, Durham, Manchester, or Blackpool.
At Tandem, we're not just a bank; we're a movement for positive change. If you're an ambitious and dedicated Senior Penetration Tester ready to make an impact, we've got a space with your name on it!
The primary responsibility of the Senior Penetration Tester is to lead and execute comprehensive penetration testing activities across various digital platforms and environments. This role will encompass testing web applications, APIs, mobile applications, network infrastructure, and cloud platforms (AWS and Azure). Additionally, the role will involve contributing to the overall security strategy, particularly focusing on offensive and defensive security operations, threat intelligence and modelling.
The successful candidate will play a critical role in improving Tandem Bank’s security posture, working collaboratively with Security Operations to identify, mitigate, and remediate vulnerabilities, and assist in refining security protocols and best practices.
Key Responsibilities:
* Conduct penetration tests on web applications, APIs, and mobile applications (Android & iOS).
* Perform infrastructure security assessments of network environments and cloud platforms (AWS & Azure).
* Review firewall and switch rules and ACLs.
* Lead Red Team exercises to assess defensive measures and identify security weaknesses.
* Execute social engineering campaigns, including complex phishing simulations and physical security tests.
* Collaborate with internal teams to define remediation strategies for identified vulnerabilities.
* Stay updated on the latest security trends, vulnerabilities, and penetration testing methodologies.
* Contribute to the development of security processes, procedures, and best practices to strengthen the security posture of Tandem Bank.
* Prepare detailed reports for both technical teams and executive stakeholders, articulating vulnerabilities and recommended remediation.
Required Experience:
Extensive experience in penetration testing across:
* Web Application & API Testing
* Mobile Application Security Testing (Android & iOS)
* Network Infrastructure Testing
* Cloud Security Testing (AWS & Azure)
* Proven track record in leading Red Team engagements.
* Strong knowledge of social engineering tactics and experience in executing complex phishing and physical assessments.
* Experience with Digital Forensics and Threat Intelligence integration.
* Ability to collaborate effectively with cross-functional teams and stakeholders.
* Strong understanding of attack vectors, threat landscapes, and security best practices.
Desirable Certifications:
* OSCP (Offensive Security Certified Professional)
* OSCE (Offensive Security Certified Expert)
* CREST CRT (Certified Registered Tester)
Desired Qualities:
* Strong analytical and problem-solving skills.
* Excellent verbal and written communication abilities, particularly in conveying complex technical findings to non-technical stakeholders.
* A passion for cybersecurity and continuous learning.
Ready to make your mark?
Apply now and let's pave the way to a greener world, together. Our approach to DE&I is reflected in our hiring process so please let us know if you require any reasonable adjustments.