Excited to grow your career?
Any additional information you require for this job can be found in the text below. Make sure to read it thoroughly, then apply.
Our purpose is to make it easy for people to save and invest for a better future. We are looking for great people to join us, so please come and invest in YOUR future at HL.
We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!
About the role
An exciting opportunity has arisen to join our Application and Offensive Security team as an Offensive Security Specialist on a Fixed Term Contract until 31st December 2025. You will act as a technical lead and SME for the delivery of offensive security testing services including penetration testing, red team and purple team engagements. The Offensive Security Specialist is required to deliver engagements as well as co-ordinate with third-party suppliers. The team is on a mission to perform an intelligently targeted and complementary mix of both point-in-time and continuous testing. This will draw from best-in-class tactics and tooling throughout the lifespan of HL's products and services.
What you'll be doing
Performing offensive security tests on a variety of systems, to a high standard, on time.
Producing reports in a timely manner, to agreed standards.
Ensuring results go into issue trackers.
Building and maintaining test labs and methodologies.
Automating basic pen testing, or leveraging SDLC security tooling (e.g., SAST, DAST, SCA) to allow focus on more targeted, scenario-based manual testing.
Creating proof of concepts, demonstrating vulnerabilities to the wider business.
Maintaining knowledge / raising awareness of current vulnerabilities, tools, and exploitation techniques.
Ensuring that penetration tests performed by the team are effective and scoped correctly.
Acting as a go-to person for technical and professional escalations.
Cultivating strong working relationships, being seen as an expert in cyber security.
Driving process improvements, using new technologies, streamlining processes, and maintaining consistency.
Contributing to the strategic direction of the team, with optimisation ideas.
About you
Experience in penetration testing.
Experience testing AWS, Web Applications, APIs and on-premise infrastructure.
Automation of pen testing techniques using a scripting language (e.g., Python).
Strong communicator with the ability to present to a varied range of audiences.
Appreciation of the relationship of pen testing to security scanning (e.g., SAST, DAST, SCA).
Excellent understanding of offensive security testing techniques and tooling.
Awareness of relevant controls standards (e.g., Application Security Verification Standard).
Innovative thinker with ability to build out the maturity of the function.
Great tenacity with an enthusiasm for problem solving and learning.
Managing or mentoring other testers to grow their capability (desirable).
Current holder or previously held offensive security qualifications (e.g., CREST, Cyber Scheme, Tiger Scheme, OSCP).
Cloud/Cyber qualifications (e.g., AZ900, AWS, CISSP, CSSLP, CISM) (desirable).
Interview process
2-stage process consisting of competency and behavioural questions and an assessment task.
Working Schedule
This role is based in our Bristol head office, BS1 5HL. This is a permanent full-time role, 37.5 hours per week, Monday to Friday. We have returned to the office; however, for this role we offer a hybrid flexible working pattern of working in the office and at home.
Why us?
Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments.
To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.
What's on offer?
Discretionary annual bonus* and annual pay review
25 days* holiday plus bank holidays and 1-day additional Christmas closure
Option to purchase an additional 5 days holiday**
Flexible working options available, including hybrid working
Enhanced parental leave
Pension scheme up to 11% employer contribution
Income Protection and Life insurance (4 x salary core level of cover)
Private medical insurance*
Health care cash plans - including optical, dental, and outpatient care
Health screening programme
Help@hand - confidential support including mental health counselling and remote GP
Wellhub - unlimited access to fitness providers and wellness coach sessions
Variety of travel to work schemes with bike storage and shower facilities
In-house barista and deli serving subsidised coffee and sandwiches
Two paid volunteering days per year
* dependent on role level
** only available to select during our annual benefits window, in November each year
Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.
This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information.
Please note, we are unable to provide employment sponsorship to candidates.