Senior Cyber Security Testing Engineer

WPP IT provides IT services for WPP, the world’s largest communications services group. As a creative transformation company, WPP is helping its clients transform the future through extraordinary work. WPP IT is an integral part of that journey and we are proud to provide technology for some of the world’s most creative brands.

Visit our LinkedIn page to see what we're up to!

Why we're hiring:

At WPP, technology is at the heart of everything we do, and it is WPP IT’s mission to enable everyone to collaborate, create and thrive.  

As we progress on this journey, we need to further evolve how we protect our customers, employees, and shareholders for today and the future. You will play a critical role within our growing Cyber Security team by developing and implementing a world class information security programme to protect WPP Group from cyber threats. This is an essential role, supporting WPP IT to deliver its purpose to design, build, run and transform all current and future IT services which underpin the One WPP strategy. 

The Cyber Security, Senior Security Testing Engineer’s primary purpose will be to lead and oversee the maintenance and development of the Cyber Security Penetration testing, Vulnerability Management and Vulnerability Remediation programmes. 

Reporting into the Cyber Security and Systems Engineering Lead, you will mentor and manage a global team of Cyber Security testing and vulnerability management SMEs. 

What you'll be doing:

• Working under the direction and guidance of the Cyber Security Systems & Engineering Lead, while following the Cyber Security testing strategy, build and maintain a global pentesting and vulnerability management function. 
• Work in collaboration with IT, Cyber Security and Group teams (such as Risk & Compliance & CSO) to design and deliver business aligned security testing solutions. 
• Ensure accurate, pragmatic and timely technical Cyber Security Testing & Vulnerability guidance is provided to stakeholders. 
• Develop and deliver Cyber Security testing artefacts including technical documentation, methodologies, process\procedures, requirements, test plans and reports. Support and contribute to the delivery of a wider Information Security Management System. 
• Work closely with the Cyber Security Systems & Engineering Lead, Security Architects and Technology Operations Teams to ensure the correct operation, and optimal configuration of Penetration testing and Vulnerability Management toolsets. 
• Work closely with the Cyber Security Systems & Engineering Lead, Security Architects and Technology Operations Teams to drive and track the timely remediation of vulnerabilities.  
• Build and maintain knowledge and awareness security testing and vulnerability intelligence feeds (NCSC, CISA, SANS). Articulate vulnerability information into clearly defined business risk. 
• Deliver and present appropriate KPI, KRI and other requisite reporting to the Cyber Security Systems & Engineering Lead and Head of Cyber Security Operations. 
• Act as a Pentesting and Vulnerability Management SME for projects and initiatives relevant to the role. 
• Working closely with WPP technology teams, build professional relationships to ensure cooperation between stakeholders and Cyber Security Operations. 
• Lead and direct third-party suppliers to ensure testing services are provided effectively, within project timescales and service level agreements. 

What you'll need:

• Strong hands on technical background in cyber / information security. 
• Knowledge of securing network technologies, client, and server operating systems, security data, information, and intelligence. 
• Stakeholder management. 
• Able to take a pragmatic approach to Cyber Security by identifying, understanding and clearly articulating risk. 
• Experience of providing Security testing expertise to Enterprise-wide Cyber Security Change programmes. 
• 5 years plus in a similar role within a large, complex and technologically diverse organisation. 
• Must have in depth technical knowledge of security technologies including but not limited to: Pentesting tools and methodologies , SIEM solutions , Application components , Firewall Solutions , Cloud Security Centres , TCP-IP Networking , Internet Technologies.

Who you are:

You’re open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You’re optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with confidence: to try the new and to seek the unexpected.

You’re extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we deliver extraordinary every day.

What we'll give you:

Passionate, driven people – We champion a culture of people that do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and deliver projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?