Penetration Tester Manager

The Hut Group ,
Manchester, Greater Manchester

Overview

Job Description

THG aims to be the Worlds leading Online Health & Beauty Destination. We are currently the UKs leading multi-website online retailer with rapidly growing global operations and a unique proprietary technology platform. With over 16 million customers worldwide and 400 million visits to our sites annually, we understand the importance of reliable technology and a data-driven expertise. Our software is the core of our business and enables the company to continue to grow and thrive. The Groups industry leading and proprietary technology platform powers its own consumer sites plus global media partners and brand owners, including: Nestle, P&G, Nintendo and the Daily Mail Group. We develop all of our own applications in-house with our Development Delivery Teams. In order to enable our Delivery Teams to continue to achieve, we are always looking for bright and intellectual people who are happy to push boundaries and really challenge the status quo. Led by world-class technologists with a diverse range of backgrounds ranging from Silicon Valley tech giants (Google, Amazon) through to Hedge funds and Algorithmic Trading Firms. You will be surrounded by highly intellectual and passionate colleagues, all with the common goal to help us grow this business globally, fast. Requirements Information Security is crucial to our business and our penetration team sits at the bleeding edge. Tasked with conducting penetration tests and red team exercises against THG global applications, networks and infrastructure you will be part of a diverse team leading the protection of the business. Team management is the primary function of the role, taking part in testing is secondary to the role. Responsibilities: * Manage the team of penetration testers. * Scheduling the teams testing engagement. * Liaise with product and system owners to scope and define penetration testing requirements. * Finalise test output to ensure they meet industry standard. * Conduct open source intelligence investigation on THG and its associated brands and organisations. * Keep up to date with latest technological developments and tools. * Perform penetration tests on web applications, mobile applications, APIs, internal applications, networks and servers. * Analyse the outcome of 3rd party penetration test reports * Make recommendations based upon your reports and 3rd party reports Attributes: * Candidates for the role should be self-motivated, logical thinking problem solver who is flexible and adaptive to a very busy work environment * Youll need to be organised, have an inquisitive nature but with a positive attitude and be eager to learn. Other desirables: * Good understanding of network protocols * Solid technical skills in both information security architecture and penetration testing * Ability to assess testing tools and deploy the right ones * Project planning skills * A solid understanding of ethical hacking * Scripting and programming experience is beneficial * Ability to explain findings to non-technical professionals * Excellent report writing and presentation skills * Customer facing skills and a proven track-record of building client relationships * Able to work independently but also as part of a team * Flexibility to change direction and manage conflicting demands * Outstanding organisational and data analytics skills Qualifications THG Infosec prefers experience over certifications, that said an experienced tester may have some of the following: * A degree in computer science/security * OSCP, CHECK, CREST * Experience with using NMAP, Burp, OpenVAS, NIkto, OSINT tooling Benefits * Competitive Salary * Youll be joining a growing, intelligent team that will drive business change * Youll have the opportunity to make an impact within the team, applying the skills and methodologies youve learnt * Youll be working for a company with an excellent culture, in a friendly and fast paced environment * Youll be able to react to change with backing from the business * You'll have the opportunity to solve complex business/technical problems