Penetration Tester

**Job Title**: Penetration Tester

**Location**:Pune

**About Barclays**

**Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.**

**Risk and Control Objective**

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

**Working Flexibly**

We’re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your person al needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers’ and clients’ needs. Whether you have family commitments or you’re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life.

If you would like some flexibility then please discuss this with the hiring manager.

**Introduction**:
CASS are looking for a motivated, technically minded individual to join our expanding penetration testing team. As a senior penetration testing team member you will be expected to:

- Lead and manage complex assessments independently or with different size teams.
- Work collaboratively with a variety of internal and external stakeholders to deliver high quality penetration tests.
- Provide reports which highlight and clearly articulate vulnerabilities and weaknesses to clients in terms they understand.
- Contribute and lead strategic team activities outside of normal BAU testing to raise the security posture across the organisation.
- Work within virtual teams of security and technical specialists to ensure quality delivery of leading security assurance services to our internal clients.
- Innovate towards the goal of establishing novel security assurance services and the enhancement of existing services.

**What will you be doing?**
- **Penetration Testing**
- Maintain relevant skills with which to conduct penetration testing in a number of the following domains to a significant degree of depth:

- Application
- Infrastructure
- Mobile (iOS, Android)
- Code review
- Cloud
- Iot
- Work independently or lead any size team on penetration tests
- Work with global team and external entities to lead and deliver Security Assurance services
- Analyse and review security issues identified
- Have superior time management and organizational skills to undertake multiple critical supportive and advisory tasks concurrently
- Supplement automated assessment techniques with manual security assessment approaches
- Communicate security issues identified and mitigation/remediation options to development community
- Generation of clear and concise reports
- Have a superior ability to articulate technical concepts to non-technical business owners and management
- Provide regular assessment progress updates that include sufficient detail to convey work completed and upcoming activities
- Possess an entrepreneurial attitude to excel in loosely defined scenarios
- On occasion, work outside of regular business hours to support BAU business requirements
- **Research and Development**
- Research new and emerging threats, counter controls and technologies affecting various platforms
- Innovate in collaboration with security focused development teams to implement and enhance proprietary Barclays security technologies
- Build upon the existing service request model, processes and supporting technologies

**What we’re looking for**:

- Understanding of the security mechanisms associated with Applications, Operating Systems, Networks, Databases, Virtualisation and Cloud technologies
- Wider SDL activities such as threat/attack modelling and design review
- Understanding of network security architecture

**Skills that will help you in the role**:

- Strong knowledge of information security frameworks and standards
- Good understanding of security strategies and technologies
- Experience creating innovative solutions and responding to information security incidents
- CREST/OSCP/SANS or equivalent pentesting certification

**Where will you be working?**

Pune

**Be More at Barclays**

Interested and want to know more about Barclays? Visit home.barclays/who-we-are/ for more details.

**Purpose, Values and Mindset**

We deploy finance responsibly to support people and businesses, acting with empathy and integrity, championing innovation and sustainability, for the com