Penetration Testing coordinator

Role Responsibilities

This Penetration Testing coordinator is an Individual Contributor role within the CSS VMIS Hive where there will be involvement in change-based initiatives that will enhance the Banks capabilities in Application and Infrastructure Vulnerability Management and cyber security risk reduction.

Penetration Testing Coordination

• Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to the members served by the standard chartered
• Performs, coordinates and manages assigned penetration testing co-ordination responsibilities and projects to include the creation and/or maintenance of project activities, plans, project task implementation action items.
• Supports the Head of the Department in coordinating and preparing requested items for audits, examinations, scheduling independent third-party tests such as vulnerability scans, network penetration tests, as well as various risk assessments. Assists with remediation plans and coordinates follow-up activities.
• Coordinates the incoming project pipeline from business units, organizing and scheduling various meetings, creating well thought-out agenda's and actionable post-meeting minutes. Communicates to the Head of the department any project concerns or issues, potential project overruns for final resolution with others across the OU. In doing may complete an initial assessment of each project to gauge resource requirements, scope and complexity. Updates project status and related Heatmaps on a regular cadence.
• Works across different verticals and stakeholders in the bank to coordinate vendor managed Testing including setting an annual schedule of activities the extended team completes in including, but not limited to, updating risk assessment information, review of SOW documents, updating risk assessment information and other related forms. Updates all metadata (vendor names, addresses contract start, end renewals, etc.) which is used to manage the overall program across the CU. Adds new vendors and removing retired ones. Assists team and reports on progress throughout the year.
• Work with key stakeholders to gather, analyse requirements, and produce documentation to enable Pen Test scheduling to be agreed between application teams and external vendors.
• Build effective relationships and support Project team in defining remediation activities/solutions to address identified issues

Governance:

• Provide support to the Programme/Project Manager in assuring the delivery of the AIVM programme is in line with the Group's Standards, the System Development Framework and other applicable standards applicable to investment delivered change
• Regular status updates including tracking against requirements
• Support Project Manager on relevant governance related working group with updates on progress, issues and solutions and track to closure

Good to have skills:

• Experience in Evaluation and validation of information security technologies, including but not limited to: Firewalls, Intrusion Prevention Systems, Email Security Gateways, Web Security Gateways, Web Application Firewalls, Vulnerability Management Tools, Security Incident and Event Management Systems, Anti-malware Systems, Remote Access VPNs, and Encryption technologies
• Prior experience in handling end to end penetration testing project co-ordination for a large multinational bank or service organisation

Qualifications

• Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.
• 8-10 yrs of experience in relevant role , Penetration Testing Coordination, Business Analyst preferably in a Banking domain and with Cyber Security role (has basic understanding of Cyber & Information Security)
• Industry certifications will be a plus e.g. CISM, CEH, CISSP, SANS GIAC, GPEN, OCSP, CREST certifications