At a Glance
- Tasks: Lead and evolve the security testing programme, managing relationships and overseeing penetration testing.
- Company: Dynamic cyber security firm focused on innovation and collaboration.
- Benefits: Up to £70k salary, hybrid work, professional development support, and annual bonus.
- Other info: Opportunity for career growth across various security disciplines.
- Why this job: Shape the future of security testing while maintaining technical involvement and influence.
- Qualifications: Strong cyber security experience and stakeholder management skills required.
The predicted salary is £70,000 per year.
Cyber Security Testing Lead - £70k Hybrid (up to 2 days per week in the office) | Permanent | Bonus Scheme
Shape the Future of Security Testing
Are you an experienced cyber security professional who enjoys the technical side of penetration testing and vulnerability management, but wants to move beyond purely hands-on testing? This is an opportunity to lead and mature a security testing capability across a complex and business-critical technology estate. You'll work at the intersection of security testing, vulnerability management, stakeholder engagement and governance—helping ensure that testing programmes are effective, scalable and aligned to evolving business risk.
Rather than spending your days conducting penetration tests yourself, you'll be the person defining what needs testing, engaging specialist testing providers, validating findings, driving remediation and helping embed security into projects and technology change initiatives. This role would particularly suit someone coming from a Senior Penetration Tester, Security Testing, Application Security, Security Engineering or Vulnerability Management background who wants broader ownership and influence.
What You'll Be Doing
- Own and evolve the organisation's security testing programme.
- Scope, coordinate and oversee penetration testing across applications, infrastructure and cloud environments.
- Manage relationships with specialist third-party penetration testing providers.
- Review findings and work with technical teams to ensure effective remediation.
- Validate remediation activities and provide technical challenge where required.
- Help integrate security testing into the Secure Software Development Lifecycle (SSDLC).
- Provide oversight of vulnerability assessment activities and scanning programmes.
- Work closely with infrastructure, engineering, development and project teams.
- Identify opportunities to expand and improve testing coverage across critical systems.
- Mentor colleagues and help improve technical security understanding within the wider security function.
What We're Looking For
You'll bring a blend of technical credibility and stakeholder management capability.
Essential Experience
- Strong cyber security experience within testing, security engineering, application security or vulnerability management.
- Experience managing or coordinating penetration testing activities.
- Ability to understand, interpret and challenge penetration testing findings.
- Experience driving remediation activities across technical teams.
- Strong understanding of vulnerability management processes.
- Ability to communicate complex technical risks to non-technical audiences.
- Experience working with multiple stakeholders across technology functions.
Desirable Experience
- Cloud security testing exposure (particularly Azure).
- Vulnerability management tooling such as Tenable, Pentera or similar.
- Experience with SSDLC, SAST and DAST processes.
- Threat modelling experience.
- Security certifications such as OSCP, CEH, CISSP, CREST or equivalent technical certifications.
- Equivalent certifications will be considered.
Why This Role Is Different
This isn't a traditional penetration testing role. All formal penetration testing is delivered by accredited third-party providers, giving you the opportunity to focus on:
- Security testing strategy
- Programme ownership
- Stakeholder engagement
- Vendor management
- Vulnerability governance
- Security improvement initiatives
You'll help shape the future direction of the security testing capability while maintaining enough technical involvement to stay close to the detail.
What's In It For You?
- Up to £70,000 basic salary
- Hybrid working (up to 2 days per week in the office)
- No on-call requirement
- Exposure to large-scale transformation programmes
- Opportunity to build and mature security testing capabilities
- Support for professional development and certification maintenance
- Opportunity to attend industry events and professional communities
- Annual bonus scheme
- Exposure across Security Engineering, Security Operations, Security Architecture and GRC disciplines, creating multiple future career pathways.
For immediate consideration, apply today.
Security Testing Lead employer: identifi Global Resources
Join a forward-thinking organisation that prioritises innovation and professional growth in the field of cyber security. As a Security Testing Lead, you'll benefit from a hybrid working model, competitive salary, and a supportive environment that encourages continuous learning and development. With opportunities to engage in large-scale transformation programmes and collaborate across various security disciplines, this role offers a unique chance to shape the future of security testing while advancing your career.
StudySmarter Expert Advice🤫
We think this is how you could land the Security Testing Lead role
✨Tip Number 1
Network like a pro! Reach out to your connections in the cyber security field, especially those who are already in roles you’re eyeing. A friendly chat can lead to insider info about job openings or even referrals.
✨Tip Number 2
Show off your expertise! Attend industry events or webinars related to security testing and vulnerability management. Engaging with others in the field not only boosts your knowledge but also puts you on the radar of potential employers.
✨Tip Number 3
Tailor your approach! When reaching out to companies, especially through our website, make sure to highlight how your experience aligns with their needs. Mention specific skills like managing penetration testing activities or driving remediation efforts.
✨Tip Number 4
Don’t shy away from follow-ups! After interviews or networking chats, drop a quick thank-you note. It keeps you fresh in their minds and shows your enthusiasm for the role. Plus, it’s a great way to reiterate your interest in shaping their security testing capabilities.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Security Testing Lead role. Highlight your experience in penetration testing, vulnerability management, and stakeholder engagement to show us you're the right fit.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about security testing and how your background makes you a great candidate. Be sure to mention any relevant certifications or experiences that set you apart from the crowd.
Showcase Your Technical Skills: In your application, don't shy away from discussing your technical expertise. Whether it's your experience with cloud security testing or vulnerability management tools, we want to see how you can contribute to our security testing programme.
Apply Through Our Website: For the best chance of getting noticed, make sure to apply directly through our website. This way, your application will go straight to our hiring team, and you'll be one step closer to joining us at StudySmarter!
How to prepare for a job interview at identifi Global Resources
✨Know Your Stuff
Make sure you brush up on your technical knowledge related to penetration testing and vulnerability management. Be ready to discuss specific tools you've used, like Tenable or Pentera, and how they fit into the security testing landscape.
✨Showcase Your Leadership Skills
Since this role involves programme ownership and stakeholder engagement, prepare examples of how you've led teams or projects in the past. Highlight your experience in managing relationships with third-party providers and driving remediation activities.
✨Communicate Clearly
Practice explaining complex technical concepts in simple terms. You'll need to convey risks to non-technical audiences, so think of ways to make your explanations relatable and straightforward.
✨Ask Insightful Questions
Prepare thoughtful questions about the company's security testing strategy and how they integrate security into their software development lifecycle. This shows your genuine interest in the role and helps you assess if it's the right fit for you.