Senior Offensive Security Engineer

London

dunnhumby

Global leader in Customer data science, retail media and analytics, experts in working with brands, grocery retail, retail pharmacy, and retailer financial services.

View all jobs at dunnhumby

Apply now Apply later

dunnhumby is the global leader in Customer Data Science, empowering businesses everywhere to compete and thrive in the modern data-driven economy. We always put the Customer First.

 

Our mission: to enable businesses to grow and reimagine themselves by becoming advocates and champions for their Customers. With deep heritage and expertise in retail – one of the world’s most competitive markets, with a deluge of multi-dimensional data – dunnhumby today enables businesses all over the world, across industries, to be Customer First.

 

dunnhumby employs nearly 2,500 experts in offices throughout Europe, Asia, Africa, and the Americas working for transformative, iconic brands such as Tesco, Coca-Cola, Meijer, Procter & Gamble and Metro.

We’re looking for a Senior Offensive Security Engineer who expects more from their career. It’s a chance to extend and improve dunnhumby’s Information Security team. It’s an opportunity to work with a market-leading business to explore new opportunities for us and influence global retailers.

The ideal candidate will have a strong background in cyber security, with a focus on detection engineering and threat/attack simulation. The candidate will be responsible for developing, implementing, testing, and managing a range of detection and simulation tools and techniques to continuously improve our security capabilities.

What you’ll be working on

  • Conduct periodic validation testing (including, but not limited to, atomic testing, breach and attack simulations, adversary simulation exercises, purple teaming, tabletops, and penetration testing) to validate the effectiveness or identify security gaps and vulnerabilities in the organization's security controls
  • Analyse the results of testing and simulation exercises to identify gaps, trends and patterns, provide recommendations for improvement and follow them through to completion.
  • Identifying methods by which to detect specific attacks and threats identified in the wild
  • Work with other members of the security team to implement recommended improvements to the organization's security controls
  • Develop and maintain testing and simulation frameworks to ensure the continued effectiveness of the organization's security controls
  • Maintain up to date knowledge of the Cyber Security threat landscape, its associated Threat Intelligence, emerging threats, and attack techniques, for use in the testing exercises
  • Support the Vulnerability Management function in identifying, prioritising and escalating vulnerability remediation and reporting on its progress

What we expect from you

  • Experience in threat detection and validation, including atomic testing, breach and attack simulation, purple teaming and adversary simulation
  • Experience using common security testing and analysis tools such as Atomic Red Team, Caldera, Metta, Splunk Attack Range, APT Simulator, Mimikatz, Bloodhound, Cobalt Strike, Metasploit, Kali, Pentera and SafeBreach, Cymulate
  • Translating threat intelligence and TTPs into testing payloads as well as actionable detection logic for the Defensive Operations teams
  • Familiarity with the MITRE ATT&CK Framework

What you can expect from us

We won’t just meet your expectations. We’ll defy them. So you’ll enjoy the comprehensive rewards package you’d expect from a leading technology company. But also, a degree of personal flexibility you might not expect.  Plus, thoughtful perks, like flexible working hours and your birthday off.

You’ll also benefit from an investment in cutting-edge technology that reflects our global ambition. But with a nimble, small-business feel that gives you the freedom to play, experiment and learn.

And we don’t just talk about diversity and inclusion. We live it every day – with thriving networks including dh Gender Equality Network, dh Proud, dh Family, dh One and dh Thrive as the living proof.  We want everyone to have the opportunity to shine and perform at your best throughout our recruitment process. Please let us know how we can make this process work best for you. For an informal and confidential chat please contact stephanie.winson@dunnhumby.com to discuss how we can meet your needs. 

Our approach to Flexible Working

At dunnhumby, we value and respect difference and are committed to building an inclusive culture by creating an environment where you can balance a successful career with your commitments and interests outside of work.

We believe that you will do your best at work if you have a work / life balance. Some roles lend themselves to flexible options more than others, so if this is important to you please raise this with your recruiter, as we are open to discussing agile working opportunities during the hiring process.

For further information about how we collect and use your personal information please see our Privacy Notice which can be found (here)

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  3  0  0

Tags: Agile APT Cobalt Strike Kali Metasploit MITRE ATT&CK Offensive security Pentesting Privacy Red team Splunk Threat detection Threat intelligence TTPs Vulnerabilities Vulnerability management

Perks/benefits: Flex hours

Region: Europe
Country: United Kingdom

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.