BAE Systems Applied Intelligence is seeking an experienced Security Testing Consultant to accelerate the growth of intelligence-led penetration testing with a focus on Financial Services customers, including regulatory schemes such as CBEST and TIBER.

The Consultant will work in partnership with our world leading Threat Intelligence and Incident Response teams to develop a deep understanding of advanced threats and their tactics, techniques and procedures to test the cyber defences of tier one banks, insurers and critical national infrastructure providers. The Consultant will also help build, promote and grow our knowledge and capability in intelligence-led cyber defence.

The Consultant must hold the CCSAS certification and have the experience required in order to be able to conduct CBEST/TIBER red team assessments. This position is part of our global Cyber Technical Services team, which includes adjacent areas of Threat Intelligence and Incident Response.

Responsibilities:

• Delivery of end-to-end intelligence-led security testing engagements either to satisfy regulatory requirements such as CBEST and TIBER-EU, or as part of red teaming engagements spanning application testing, web and mobile tests, and infrastructure testing.

• Contribute to scoping engagements, leads their delivery, presents findings to senior stakeholders, and contributes to meetings with regulators in the context of CBEST/TIBER assessments.

• Production of detailed reporting and presentations for both technical and non-technical stakeholders.

• Safe and responsible use of testing tools, ensuring controls are in place to limit risks during customer engagements.

• Develop improvements in terms of scripts, tools, or techniques to enhance the Security Testing team's capabilities.

• Conduct research into vulnerabilities and collaborate with colleagues in other teams such as Threat Intelligence, Incident Response, and the wider Security Consulting community.

Skills/Experience

Required:

• Experience in delivery of security testing projects; ability to demonstrate comprehensive, practical knowledge of testing tools, techniques, and procedures.

• Understanding of client needs in terms of testing outcomes, stakeholder engagement, and risk mitigation.

• Self-starter with ability to identify problems early and come up with solutions using own initiative.

• The ability to work to strict deadlines and prioritise work appropriately.

• Technical skills with an interest in one or more of the following: adversary emulation, vulnerability discovery, reverse-engineering, emerging technology.

• Flexibility and willingness to travel both within the UK and globally.

• CCSAS certification

• Holds SC clearance, or ability to obtain that

Desirable (one or more of the following):

• Experience in a high level scripting language such as Python, a mid level language such as C/C++, or low level language such as ASM

• Skills and experience in application, operating system, database management operation, development, or security management.

• Skills and experience in testing within Financial Services, Government, Telecommunications or Energy sectors

Exploit development or other in depth vulnerability research experience.

Life at BAE Systems Applied Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.

Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Applied Intelligence

We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.

Division overview: Capabilities

At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Applied Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector.

As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.