Lead Penetration Tester

Role Description 

At FNZ, our purpose is to make wealth management more accessible, bringing easier, fairer and more inclusive solutions to people worldwide. Here in the Global Cyber & Information Security team, we are on a mission to embed cyber resilience across FNZ, protecting the platforms that support investment solutions for over 20 million people. 

We are looking for a lead Penetration Tester, reporting within the Cyber Resilience and Operations function. You will be responsible for the creation and oversight of a new penetration security testing service that will provide greater coverage of security testing of our infrastructure, applications, mobile devices, cloud platforms and endpoints that support regulatory, client and threat led requirements. The service will use a mix of internal resource and 3rd parties. 

You will be qualified as a penetration testing expert and will have security subject matter expertise, knowledge of the cybersecurity landscape, knowledge and experience following a variety of industry recognised information security frameworks, experience in interpreting and implementing client and regulatory requirements, coupled with an ability to communicate effectively to stakeholders of all levels.  

You will also have proven oversight and development of a small team of penetration testers and use of 3rd party testing services. 

Specific Role Responsibilities  

• Offer global vulnerability assessment and penetration testing services, detecting system weaknesses and making recommendations for mitigation. 

• Design and perform penetration tests to simulate cyber-attacks with integration of threat and incidents into penetration testing priorities 

• Documentation of findings including detailed reports on test results 

• Develop and engineer penetration testing services, including automation scripts 

• Train colleagues on penetration testing techniques; providing oversight of penetration testing results 

• Maintain security testing operating procedures 

• Support in delivery of initiatives to mature security controls, services and processes. 

• Support in the delivery of the Information Security strategy. 

• Support in the creation and delivery of security reporting and MI. 

• Support in the development and delivery of consistent global services that enable delivery of the business goals. 

Experience required 

Primary requirements 

• Proven technical knowledge of web applications, applications and infrastructure component e.g. cloud platforms, mobile devices, networks and infrastructure endpoints 

• Deep Exploit and Vulnerability Knowledge beyond automated approaches 

• Scripting and coding skills 

• Strong operating system understanding and understanding of network protocols 

• Proven line management 

• Good knowledge of the practical implementation of information security and risk frameworks such as NIST CSF, ISO27001, NIST 800-53 and COBIT and good knowledge of auditing frameworks such as ISAE3402 and SOC2. 

• Experience in developing and managing formal security documents. 

• Proven ability to manage internal stakeholders through a journey of improving information security maturity. 

• Good ability to communicate information security and risk concepts to stakeholders at all levels. 

• Professional penetration testing security qualifications such as CEH (v12) - Certified Ethical Hacker course 

About FNZ Culture  

Our culture is what drives us. It's at the heart of who we are and everything we do. It's what inspires, excites and moves us forward. Our ambition is to create a culture for growth, one that opens up limitless opportunities for our employees, customers and the wider world. At FNZ we know that great impact is only possible with great teamwork.  

That’s why we value the strength and diversity of thought in our global team.  

The FNZ Way is the cornerstone of what we do. It is comprised of four values that set the standard for how everyone at FNZ interacts with each other, with our customers, and with all our diverse stakeholders around the world. 

1. Customer obsessed for the long-term 

2. Think big and make an impact  

3. Act now and own it all the way 

4.Challenge, commit and win together 

Read more about The FNZ Way and our values: www.fnz.com/culture 

Opportunities 

• Right from day one, you will work alongside exceptional, multicultural teams - experts in their respective fields - who will inspire and challenge you to make your greatest impact.  

• Be part of a highly successful, rapidly growing, global business that is leading the delivery of financial services via cloud computing and partners with some of the world’s largest companies; 

• Working in a flexible and agile way that meets the needs of the business and personal circumstances;  

• Remuneration, significant financial rewards and career advancement is based on individual contribution and business impact rather than tenure or seniority; 

• We provide global career opportunities for our best employees at any of our offices in the UK, EU, US, Canada, South Africa and APAC. 

Commitment to Equal Opportunities  

At FNZ, we recognise that diversity, equity and inclusion are important factors contributing to our success. We embrace the unique perspective and capabilities of our current and future employees, which will help us continue to drive innovation and achieve our business goals. Recruitment decisions at FNZ are made in a non-discriminatory manner without regard to gender, ethnicity/race, faith, age, nationality, gender identity, sexual orientation, marital status, socio-economic background, disability or military veteran status where all applicants and employees are valued and respected.  

In addition, we want to ensure accessibility needs are well supported, if you require specific support please advise us. 

About FNZ

FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. 

We created wealth’s growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. 

We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA).

Together with our customers, we help over 20 million people from all wealth segments to invest in their future.