What you’ll be doing
as a Cyber Resilience Testing Lead
1. Lead the technical validation of vulnerabilities, including severity assessment, exploitability analysis and business impact evaluation primarily across enterprise IT systems, applications and infrastructure, with support to OT environments where required.
2. Perform triage of vulnerabilities using industry‑standard methodologies such as CVSS.
3. Act as the technical escalation point for disputed remediation plans, advising on compensating controls and risk acceptance.
4. Maintain and update the central vulnerability register, ensuring accurate tracking from identification through to remediation.
5. Assign ownership of vulnerabilities and track remediation progress to completion.
6. Collect and validate remediation evidence, ensuring audit‑ready documentation.
7. Prepare reports and dashboards to support oversight by Cyber Resilience leadership.
8. Support the design of the annual penetration testing and red/purple team testing schedule.
9. Review and validate testing outputs, including exploit paths and findings.
10. Translate testing findings into actionable remediation plans in collaboration with SOC, architecture, engineering and delivery teams.
11. Support the coordination of penetration testing, red/purple teaming and cyber stress testing activities.
12. Maintain readiness for regulatory compliance, ensuring testing and vulnerability evidence meets audit requirements.
13. Support broader cyber resilience initiatives through operational and administrative activities.
14. Maintain accurate records and contribute to reporting and regulatory submissions.
Base location – Hybrid – Clearwater Court, Reading
Working pattern – 36 hours Monday to Friday
What you should bring to the role
15. Experience in cybersecurity, vulnerability management or related technical security roles, ideally within enterprise IT environments.
16. Strong understanding of offensive security methodologies, including MITRE ATT&CK.
17. Ability to analyse penetration testing reports in depth and translate findings into control improvements.
18. Experience tracking vulnerability remediation and coordinating with stakeholders to ensure timely resolution.
19. Experience working within large, complex or regulated organisations.
20. Strong organisational skills with the ability to manage multiple priorities and maintain accurate records.
21. Excellent communication and interpersonal skills to engage technical and non‑technical stakeholders.
22. Ability to build strong working relationships and operate as a self‑starter.
Technical experience and skills
23. Familiarity with tools such as ServiceNow or similar platforms.
24. Knowledge of cybersecurity frameworks and standards such as CAF, NIST and CIS Controls.
25. Proficiency in reporting and data analysis tools such as Excel or equivalent.
26. Ability to validate vulnerabilities, interpret testing results and support remediation planning.
Desirable qualifications and experience
27. Broader knowledge and experience within cybersecurity or information security.
28. Exposure to OT / ICS security testing environments including PLCs, HMIs and industrial protocols (desirable but not essential).
29. Experience producing technical dashboards reflecting vulnerability management and resilience maturity.
30. Experience working with vendors or delivery partners on testing or remediation activities.
31. Experience supporting penetration testing, red/purple teaming or cyber stress testing programmes.
32. Experience supporting regulatory compliance aligned to industry standards (e.g. SEMD, CAF).
Desirable technical skills and qualifications
33. Bachelor’s degree in Computer Science, IT, Cyber Security or a related field (or equivalent experience).
34. Professional certifications such as CompTIA Security+, CySA+ or similar (CISSP/CISM desirable but not essential).
What’s in it for you?
35. Competitive salary between £68,000 and £78,000 per annum, depending on experience.
36. Annual Leave - 26 days holiday per year, increasing to 30 with the length of service. (plus bank holidays)
37. Generous Pension Scheme through AON.
38. Performance-related pay plan directly linked to company performance measures and targets.
39. Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.