Penetration Tester

This review provides an in-depth look at the Penetration Tester opportunity at Lloyds Banking Group, designed to help prospective candidates understand the scope of the role and its potential impact on their career trajectory. We'll highlight the advantages and key considerations to guide your decision-making process.

Opportunity Overview:

Lloyds Banking Group is seeking a skilled Penetration Tester to join their Chief Security Office (CSO). This role is integral to safeguarding the Group, its customers, and suppliers from evolving security threats. By building in-house penetration testing capabilities, the organization aims to enhance the speed, quality, and agility of its security testing, ultimately delivering greater value and reducing reliance on external vendors.

Key Responsibilities:

• Planning, executing, and reporting on penetration testing engagements across various asset types including Web, API, Mobile, and Infrastructure.
• Performing manual exploitation and post-exploitation activities to identify and assess vulnerabilities.
• Documenting and meticulously reviewing findings to ensure accuracy and high-quality reporting.
• Designing and implementing scalable detection mechanisms to proactively identify recurring security weaknesses.

Advantages for Candidates:

• Impactful Work: You will play a crucial role in protecting a leading financial institution and millions of customers, contributing directly to the organization's mission of helping Britain prosper.
• Career Growth & Development: Lloyds Banking Group is committed to investing in its colleagues and fostering a culture of continuous improvement. This role offers opportunities to expand your skillset in a dynamic security landscape.
• Learning & Mentorship: The role encourages a collaborative demeanor and a passion for mentoring others, providing a platform to share knowledge and contribute to a strong security-focused team.
• Diverse Skill Development: The requirement for experience in three out of four key areas (Web, API, Mobile, Infrastructure, Cloud, AI) allows for specialization or broad development across multiple security domains.
• Flexible Working: The organization supports hybrid working, offering a balance between in-office collaboration and remote work, with specific details available on their flexible working options.
• Comprehensive Benefits: Beyond the competitive salary range of £47,790 - £53,100, candidates can expect a generous benefits package including pension contributions, performance-related bonuses, share schemes, and extensive wellbeing initiatives.
• Commitment to Diversity & Inclusion: Lloyds Banking Group has a strong focus on diversity, equity, and inclusion, actively promoting an environment where everyone can thrive. They are a Disability Confident Leader and offer reasonable adjustments throughout the recruitment process.

Key Considerations for Candidates:

• Experience Requirements: Significant experience as a penetration tester is essential. Candidates must demonstrate strong experience in at least three of the specified testing areas (Web, API, Mobile, Infrastructure, Cloud, AI).
• Certifications: Relevant security testing certifications such as CREST (CRT, CCT), OSCP, OSCE, GPEN, or GXPN are highly valued and demonstrate a commitment to professional development in the field.
• Technical Acumen: A strong understanding of common vulnerabilities (including OWASP Top 10) and robust analytical thinking skills are critical for success in this role.
• Communication & Collaboration: The ability to communicate effectively with both technical and non-technical stakeholders, and a collaborative approach to problem-solving, are key attributes.
• Desirable Experience: While not strictly mandatory, experience with cloud-native and containerized environments, AI/LLM model testing, broader security testing practices (VM, SAST/DAST, SCA), and large, complex enterprise environments will significantly strengthen an application. Experience in software development or source code review is also considered advantageous.
• Location Flexibility: The role is available in Leeds, Bristol, Manchester, or Edinburgh, offering geographical choice for candidates.

Career Path Guidance:

This Penetration Tester position at Lloyds Banking Group presents a compelling opportunity for professionals looking to advance their careers in cybersecurity within a large, established, and purpose-driven organization. The emphasis on in-house development suggests a commitment to nurturing talent and offering clear pathways for growth. Candidates with a passion for continuous learning, a desire to contribute to impactful security initiatives, and a collaborative spirit will find this role particularly rewarding. The diverse range of testing areas covered provides a solid foundation for specialization or continued broad development, aligning with evolving industry demands.