Security Tester
2 days a week on site in Telford
3 months contract
Inside IR35
Please note that the applicant must be eligible for SC Clearance
Tenable (advanced skills)
Expand use of Tenable and deliver an external testing capability for vulnerability assessments and security compliance of boundary and external-facing assets. This includes deploying vulnerability assessment scanning tooling (Tenable One) for PCI-DSS scanning when required.
Develop a centralised service dashboard and workflow management tool linked to a central asset database, providing a single view across security compliance tooling. This will facilitate tracking of penetration test reports, automate reporting and reassessment, and integrate with workflow/ticketing systems, reducing manual effort and providing a continuous security overview. The service will utilize the CMDB and asset inventory to ensure comprehensive asset coverage and integration with CSC tooling.
Additional capabilities include:
* Providing workflow and ticketing systems for request prioritization and management
* Tracking testing and patch requests through workflow capabilities
* Maintaining a single CMDB/asset database with enriched asset data
* Integrating threat intelligence to prioritize outputs
* Offering a consolidated dashboard and reporting across technologies
* Expanding Tenable capabilities to Tenable One to utilize the full product suite
* Extending security compliance coverage beyond servers to include applications, posture management, cloud environments, databases, code scanning, containerization, and infrastructure components
* Ensuring full scanning and coverage of network assets across environments (Crown, LDC, AWS, Azure, Office)
* Completing onboarding of server assets for comprehensive scanning and reporting
* Onboarding CNI assets for scanning, coverage, and reporting
Further responsibilities include:
* Reviewing current capabilities and expanding CSC and security testing services on digital and modern platforms
* Delivering tooling, processes, reports, and onboarding for digital assets, focusing on Tenable/Tenable One
* Conducting discovery work to explore options for a holistic discovery scanning capability
* Collaborating with the CMDB ServiceNow owner to assess discovery scope and future plans
* Implementing discovery scanning and developing related processes and reports
* Using Tenable for regular automated scans of build images, aligning with CIS and build benchmarks during onboarding and pipelines
* Providing reports to clients to monitor compliance with standards
#J-18808-Ljbffr