The Cyber Security Testing Manager reports to the Head of Security Solutions within the CISO (Chief Information Security Officer) function.
The Cyber Security Testing Manager will be responsible for developing, maintaining and running RSA’s suite of security testing capabilities including SAST / DAST, penetration testing, red teaming and password auditing.
You will be responsible for the security testing elements of the Systems Development Life Cycle (SDLC) and will work with the Delivery and Change community to ensure that security testing can be consumed by projects delivering new systems and solutions. You will also be responsible for running BAU security testing across all existing solutions and for ensuring that the testing approach and capabilities are in step with emerging cybersecurity threats and RSA’s risk appetite.
In your role you will be responsible for the oversight of third parties delivering the testing capabilities and also for identifying testing activities that would be better run in-house.
• Developing and maintaining RSA’s security testing capability.
• Providing a consumable security testing service to the technical and business communities.
• Maintaining and championing the security testing elements of the SDLC.
• Support the CISO leadership team in the development of the security strategy and associated security services.
• Deliver a security testing programme covering penetration testing and red teaming to RSA UK each year.
• Track the progress of remediation and act as the customer for projects delivering remediation activity.
• Review emerging cyber threats and industry trends to ensure that RSA’s security testing capability remains effective and relevant.
• Participate in an on-call rota to support the management of critical security incidents out of hours.
You will have:
• Advanced knowledge of penetration testing approaches and techniques
• Advanced knowledge of red teaming approaches and techniques
• Experience in managing third party suppliers
• Ability to communicate technical risk information in business terms and contexts
• Relevant security qualifications or experience, with a preference for CISSP
• Significant experience in developing and running security testing programmes
• Security testing experience, preferably in Financial Services
• Experience of running security testing in a variety of application development approaches and environments including ITIL, Agile and Cloud.
RSA is one of the world's leading FTSE 100 general insurers with a proud heritage dating back over 300 years. We provide high quality, innovative insurance products and services for some 20 million customers in over 100 countries, setting new standards in the industry.
Why are we telling you all this? Well, we’re an ambitious sort of company. And if you’re an ambitious sort of person – with the drive to improve us as you improve yourself – we’ll promise you all the resources and career opportunities you need.
We aim to provide every one of our employees with a great work-life balance and the opportunity to contribute to charity. We have a thriving community investment programme, volunteer weeks, social events, focus groups, and team outings.
If this sounds like a role you’re interested in, then please apply.
Horsham, Chart Way, England, West Sussex, RH12 1XL, United Kingdom