Senior Manager - Attack Surface Management

Security is a top priority at ING Australia, and our security team plays a crucial role in enabling the entire organization to operate in a safe and secure manner. We are currently seeking an experienced leader in Attack Surface Management and Offensive Security domain to join our Technology security team, reporting directly to our CISO.

As a passionate team player, you will help by managing the penetration testing, red team and attack surface management functions to identified security vulnerabilities and support with addressing them.

This is a newly created role and provide you an unique opportunity to define this function and make a significant impact.

If you are ready to take on a new challenge and possess the skills we're looking for, we want to hear from you.

What you’ll do 

• Build and lead a team of penetration testers to execute penetration and red team testing,  identify gaps and manage the risks.
• Identify and exploit security weaknesses, document findings, and recommend effective remediation strategies.
• Develop comprehensive strategies to uncover and exploit technical or operational vulnerabilities.
• Create innovative testing solutions for scenarios with incomplete information or no precedents.
• Determine appropriate testing levels and scope based on system requirements.
• Understand and apply security solutions, architecture, DevSecOps, and security in hybrid multi-cloud environments.
• Work independently or lead a team of technical testers in penetration testing and red team engagements.
• Simulate advanced persistent threats (APT) to test and improve security measures.
• Collaborate with system owners, developers, and engineers to explain and remediate identified vulnerabilities.
• Conduct code reviews, security assessments, and cloud assessments to ensure robust security practices.

What we’re looking for

• 5+ years' experience leading Offensive security and penetration testing teams.
• Proven experience and capability building Offensive Security and Penetration Testing functions at the highest standards.
• Good understanding for security solutions, security architecture, DevSecOps and security in hybrid multi-cloud environment
• Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
• Experience in simulating advanced persistent threats (APT).
• Ability to work closely with system owners, developers, engineers and/or project teams to explain vulnerabilities identified to aid in their remediation
• Experience in Code Review and Security Assessment and Cloud Assessments
• Tertiary or advanced industry qualifications in offensive security (i.e. OSEP/OSCE)

What’s in it for you?

• Drop everything and learn with over 16,000 professional and personal development courses to choose from
• Discounted ING Health Insurance
• An additional Rest Day to support your wellbeing.
• An IMPACT Day to volunteer on approved sustainability activity.

About Us

At ING, we want to make life simpler and more worthwhile – for everyone who banks with us, for the people who work with us, and the community at large, too. 
 
When you come to work at ING, you’re joining a team where individuality isn’t just accepted, it’s encouraged. We’ve built a culture that’s fun, friendly and supportive – it’s the kind of place where you can be yourself and make the most of whatever you have to offer. 
 
We give people the freedom to think differently, take ownership of their work, and make great things happen. We’re here to help you get ahead. And with our global network, there’s plenty of scope to take your career in new directions, perhaps even ones you’ve never considered. 
 
We are all about celebrating success and as a result we are proud to be a WGEA Employer of Choice for Gender Equality and a certified Family Inclusive workplace.  
 
Sound like the kind of place you’d feel at home? We’d love to hear from you. 
 
(One last thing, ING operates a direct talent sourcing model. So, no agency introductions, please.) 

Applications close 21st September 2024
 
Before you apply 

Here at ING we consider employee development to be important and encourage existing employees to apply for suitable internal positions. It is expected that any employee applying for a vacant position would have been in their current role for a minimum of twelve (12) months before applying. This may be waived in special circumstances and after consultation with your manager  

Still in two minds?

At ING, we know that diversity drives innovation. Research reveals that 60% of women and underrepresented groups may pause at this stage, even after starting their application. Don’t miss out on the opportunity to bring your unique perspective to our team - submit your application today!