Senior Specialist| Security Penetration Testing

Senior Specialist, Security Penetration Testing-(220002886+)

Job
:Operations

Primary Location
:Asia-India-Bangalore

Schedule
:Full-time

Employee Status
:Permanent

Posting Date
:17/Nov/2024, 1:10:34 AM

Unposting Date
:Ongoing

Roles and Responsibility
• Planning targeted and intelligence led project/BAU penetration testing. This will include certifying SC platform builds through a robust testing methodology and process
• Scheduling/planning regulatory related penetration testing activities
• Delivering quality assurance over the quality of third parties as well as internal team engaged by SC
• Learn and practice alongside more experienced team of pentesters to identify areas of development, learn penetration testing
• Deliver continuous improvement through process re-engineering, technology transformation, integration and exploitation to deliver optimised yet robust services to mitigate threats to the Bank

Our Ideal Candidate
• Industry certifications will be a plus e.g. CEH CISSP, SANS GIAC, GPEN, OCSP, CREST certifications. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.

Role Specific Technical Competencies
• Between 1 - 4 years of hands-off knowledge in security penetration testing, vulnerability management , technologies and Operational experience in a global environment. Core

Working knowledge in :
• Security penetration testing and Red Team processes, technologies and industry frameworks (eg CREST)
• Knowledge of tactics, techniques, and procedures that could be used for recon, persistence, lateral movement, and ex-filtration
• The threat and vulnerability landscape including malware, emerging threats, attacks and vulnerability management
• Application, system and network exploitation or enumeration techniques utilized today ranging from injection, privilege escalation, buffer overflows, fuzzing, scanning
• Programming languages such as C /C# / C++, Java, or Assembly and one/or more of the scripting languages, e.g. Perl, Python, PowerShell or shell scripting
• Application, system and network exploitation or enumeration techniques utilized today ranging from injection, privilege escalation, buffer overflows, fuzzing and scanning
• Writing and demonstrating proof of concept work from an exploitation or attack perspective
• Building and employing modules and tailored payloads for common testing frameworks or tools
• Networking topologies, protocol usage, and enterprise hardware including switches, routers, firewalls and their roles in security
• Access control methodologies, network / host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools, and AV solutions
• Infiltration of physical systems such as social engineering, and hardware authentication bypass
• Hardware hacking or building custom hardware for the purpose of exploitation Core
• Experience in working with cross-border teams, preferably in the Financial Services industry.Advanced
• Broad understanding of security related regulatory requirements from MAS, HKMA, RBI, PRA and DFSNY Entry
• Fundamental skills of Task prioritization, Time management, Customer focus.Advanced
• Detailed oriented, Strong deductive reasoning, critical thinking and problem solving skills Advanced
• Ability to work in a fast-paced team environment Advanced
• Proven ability to manage diverse stakeholder expectations Core
• Excellent oral/written communication skills for articulating thoughts clearly with stakeholders ranging from engineers to senior business management Advanced

About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge, and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:
• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle , continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together , we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
• In line with our Fair Pay Charter , we offer a competitive salary and benefits to support your mental, physical, financial, and social wellbeing.
• Core bank funding for retirement savings, medical and life insurance , with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual, and digital learning
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website