Penetration Tester

We are looking for a Penetration Tester able to support the security operations centre on escalation and incident response, supporting the Cyber Resilience and Operations function.  

You will be part of a new penetration security testing service that will provide greater coverage of security testing for our infrastructure, applications, mobile devices, cloud platforms and endpoints that support regulatory, client and threat led requirements.

The responsibilities will include:  

• Offer global vulnerability assessment and penetration testing services, detecting system weaknesses and making recommendations for mitigation. 

• Design and perform penetration tests to simulate cyber-attacks with integration of threat and incidents into penetration testing priorities 

• Support cyber security incidents, predominantly in APAC, on escalation and in repsonse 

• Documentation of findings including detailed reports on test results 

• Develop and engineer penetration testing services, including automation scripts 

• Maintain security testing operating procedures 

• Support in delivery of initiatives to mature security controls, services and processes. 

• Support in the delivery of the Information Security strategy. 

• Support in the creation and delivery of security reporting and MI. 

• Support in the development and delivery of consistent global services that enable delivery of the business goals. 

What are we ideally looking for in a successful candidate:

• Technical knowledge of web applications, applications and infrastructure component e.g. cloud platforms, mobile devices, networks and infrastructure endpoints. Provide expertise of at least 1 key area. 

• Deep Exploit and Vulnerability Knowledge beyond automated approaches 

• Scripting and coding skills 

• Ideally with some experience of incident management and response, however, training will be provided 

• Strong operating system understanding and understanding of network protocols 

• Good knowledge of the practical implementation of information security and risk frameworks such as NIST CSF, ISO27001, NIST 800-53 and COBIT and good knowledge of auditing frameworks such as ISAE3402 and SOC2. 

• Proven ability to manage internal stakeholders through a journey of improving information security maturity. 

• Good ability to communicate information security and risk concepts to stakeholders at all levels. 

• Professional penetration testing security qualifications such as CEH (v12) - Certified Ethical Hacker; OSEP, OSCP 

What is in it for you?

• Be part of a highly successful, rapidly growing global business that is leading the delivery of financial services and partners with some of the world’s largest companies.

• Remuneration and career advancement is based on individual contribution and business impact rather than tenure or seniority.

• We provide significant financial rewards for high performing individuals.

• Global career opportunities for our best employees at any of our offices in the UK, Canada, Czech Republic, Australia, New Zealand, or China.

If this role appeals to you, please apply with your cover letter and CV by the 10th of March 2025.

*Please note we shortlist as we receive applications. We encourage early applications as we may withdraw advertising at any time.

more information, please reach out to us on apac_recruitment@fnz.com

About FNZ

FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. 

We created wealth’s growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. 

We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA).

Together with our customers, we help over 20 million people from all wealth segments to invest in their future.