Job Summary

The  poorpose of the role is to deliver high-quality penetration testing services that support the protection of the Group’s assets, customers, and reputation. The choosen candiate will operate as a First Line of Defence control owner (where applicable) for defined security testing processes and supporting infrastructure.

Key Responsibilities

•    Maintain and manage penetration testing infrastructure, including testing workstations, servers, virtual environments, and specialized hardware.
•    Administer and support internal security testing platforms (e.g., scanning engines, attack simulation tools, reporting systems), ensuring availability, stability, and performance.
•    Perform installation, configuration, updates, and patch management of security testing tools, operating systems, and supporting software.
•    Develop, customize, and improve internal tooling and automation scripts to enhance testing efficiency and repeatability.
•    Manage test lab environments, including provisioning, configuration management, access control, and secure data handling.
•    Monitor and maintain licensing, tool integrations, and compatibility across the security testing ecosystem.
•    Troubleshoot technical issues related to testing infrastructure, tools, and lab environments, ensuring minimal disruption to project delivery.
•    Ensure testing infrastructure complies with internal security policies, legal requirements, and data protection standards.
•    Maintain clear documentation of lab architecture, configurations, procedures, and operational processes.
•    Collaborate with security, IT, and engineering teams to support secure configuration and continuous improvement of testing capabilities.
•    Contribute to knowledge sharing and continuous enhancement of methodologies, tooling standards, and operational best practices.

Skills and Experience

•    Reporting & Communication
•    Web Apps automatic and manual testing
•    API Security automatic and manual testing
•    Web App Security Standards knowledge
•    Network & Infrastructure security testing
•    Active Directory automatic and manual testing
•    Cloud Security testing and configuration review
•    Mobile application manual and automatic testing    
•    Source Code Review
•    Scripting & Automation
•    Exploitation - PoC development, exploit adaptation, post-exploitation hygiene
•    Vulnerability Validation - Evidence quality, reproducibility, false-positive elimination
•    Remediation Guidance - Secure fixes, compensating controls, validation strategy
•    Threat Thinking - Attack path modeling, chaining, prioritization by impact/likelihood
•    Ethics & Safety - Safe testing, non-disruptive exploitation, data handling

Qualifications

Education
•    Bachelor’s degree in information security, Computer Science, Cybersecurity, Information Technology, Engineering, or a related Discipline; or Equivalent Practical Experience
•    Alternatively, Demonstrable Hands-on Experience in Penetration Testing, Security Engineering, or Infrastructure Administration in lieu of a formal degree.
•    Solid Foundational Knowledge of Networking, Operating Systems (WINDOWS/LINUX), and Information Security Principles.

Training
•    Formal Training in Penetration Testing, Ethical Hacking, Red Teaming, or Vulnerability Assessment Methodologies.
•    Training in System Administration, Server Management, Virtualization, or cloud platform Administration Relevant to Maintaining Testing Infrastructure.
•    Industry-Recognized Certifications (Desirable), Such as:

•    Offensive Security (E.G., OSCP OR EQUIVALENT),
•    Cloud or Platform Certifications Relevant to the Organizations Environment.

•    Ongoing Professional Development Through Technical Courses, Workshops, Labs, Security Research, or Industry Conferences.
•    Commitment to maintaining up-to-date Knowledge of Evolving Threats, Tools, and Offensive security techniques.

Languages
•    English: Professional Working Proficiency (Written and Spoken), Including the ability to produce clear, Client Ready Reports

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.