Job Summary

Purple Team is a first Line of Defence team simulating real-life attackers' techniques to protect the customers and the organization against emerging threats. We drive and apply security research to strengthen prevention, detection, and response measures through threat-informed adversary emulations. We improve resilience through continuous simulation, automation, and insights extending to AI, Platforms, Infrastructure and Cloud environments. Purple Team Senior Security Tester is a permanent role that requires hands-on experience in offensive cyber security testing and defensive cyber security controls.

Key Responsibilities

• Plan, scope and execute Purple Team testing engagements (Infrastructure, Platforms, EDR evasion, AIML, Cloud) to continuously validate the effectiveness of cybersecurity measures against evolving threats.
• Research, develop and emulate new attack techniques to ensure resilience against emerging threats.
• Clearly communicate technical insights to stakeholders across business units and functions.
• Closely collaborate with Detection engineering, SOC, Threat intelligence, CISOs, Business and Technology teams to develop proactive security measures and remediation plans.
• Develop Purple Team continuous testing strategy, methodology, R&D activities, testing infrastructure and tooling.

Skills and Experience

• At least 3 years’ experience in Purple Teaming OR Red Teaming OR 4+ years’ experience in one of the areas: infrastructure and cloud penetration testing.
• Deep expertise conducting scenario-based offensive security operations based on threat actor behaviours described by Tactics, Techniques and Procedures (TTPs).
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Experience in malware development and exploit development.
• Good coding skills in languages such as C / C++ / C#, capable of writing tools and automation in bash / python / PowerShell for offensive operations.
• Familiarity with C2 frameworks and Red Team tooling e.g. Cobalt Strike, Nighthawk, Brute Ratel.
• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
• Detailed oriented, strong deductive reasoning, critical thinking and problem-solving skills.
• Able to work in fast-paced environment, self-starting, organized and requiring minimal management oversight.
• Excellent oral/written communication skills for articulating thoughts clearly with stakeholders ranging from engineers to senior business management.

Preferred Qualifications - AIML and Cloud

• Hands‑on experience testing security controls for Generative AI/ML/Agentic solutions in enterprise environments (e.g. copilots, chatbots, AI‑enabled platforms, MCP servers).
• Practical understanding of LLM‑based architectures, including prompts, RAG pipelines, APIs, plugins/tools, and integration with enterprise identity and access controls.
• Hands‑on experience testing security controls in public cloud environments such as Azure and AWS, preferably in large enterprise or regulated settings.
• Practical understanding of cloud Identity and Access Management, including Role‑Based Access Control, Service Principals, Managed Identities, and cross‑account / cross‑subscription trust.
• Ability to simulate realistic cloud attack paths, including misconfiguration abuse, credential compromise, privilege escalation, and lateral movement between cloud and on‑prem environments.

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.