Job Description
Offensive Security Specialist – Richmond Villages. Permanent, Full time – 37.5 hours per week – Salary £51,200 - £64,000 (depending on experience & location). Locations: Salford Quays / Staines / Central London, Flexible / Hybrid working.
Role Overview
As an Offensive Security Specialist, you will be part of a team responsible for testing, measuring, and reporting on the effectiveness of security controls used across the Bupa IT estate against known adversarial tactics and techniques. You will design, run and analyse assessments using our Breach and Attack Simulation platform and additional data from Red Team, Penetration Testing, Vulnerability Scanning, and other tools that identify misconfigurations within the Bupa infrastructure that represent a potential security risk. You will also design test strategies based on the MITRE ATT&CK framework, using internal and external Threat Intelligence and your own knowledge and experience of corporate network environments.
What You'll Do
* Review and analyse findings from multiple data sources to assess impact and determine remediation priorities.
* Develop remediation plans for high-priority vulnerabilities, using your offensive security expertise to identify potential attack paths.
* Collaborate across teams to disrupt these paths effectively, leveraging technical knowledge and that of others.
* Influence stakeholders including technology owners and remediation teams to commit to and implement remediation strategies.
* Perform risk analysis on test data to ensure the most critical issues are addressed first, aligning with frameworks such as MITRE ATT&CK and the Unified Kill Chain.
* Use threat intelligence to guide future assessments, ensuring testing is relevant to current controls and risks.
* Utilise BAS platforms and engage in continuous self‑learning through provided resources to maintain credibility and expertise.
* Partner with internal and external SMEs across Security Operations, Engineering, Threat Intelligence, and Vulnerability Management to design effective solutions.
* Mentor and guide colleagues, sharing knowledge and influencing others to resolve identified weaknesses.
* Lead small projects, ensuring timely and accurate implementation of solutions, and design unbiased methods to validate their effectiveness.
* Challenge and improve existing processes, contributing to documentation and reporting using tools such as Kibana, Lucene, and Python.
* Communicate technical findings clearly to Risk teams and other stakeholders, ensuring risks are well understood and documented.
What You'll Bring
* Experience within IT Security disciplines such as Security Operations, Red Teaming, Penetration Testing, or Security Engineering; expert knowledge of enterprise technologies and infrastructure.
* Confidence in your technical expertise and the ability to present yourself as a technically competent SME.
* Exposure to Security Monitoring and Security Control technologies.
* Exposure to Threat Intelligence sources.
* Good experience of typical enterprise security services, including but not limited to:
o Threat Intelligence
o Penetration testing
o Anti‑malware
o Email/SPAM management
o Authentication mechanisms
o SIEM
o WAF
o Firewalls
o Proxy technologies
o IDS/IPS
o DLP
* Track record of technical delivery within a fast‑paced, pressured environment.
* Strong stakeholder engagement and effective communication skills.
* Confidence to ask for help and drive solutions forward.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme covering mental, physical, financial, social, and environmental wellbeing. We support flexible working and a range of family‑friendly benefits.
* 25 days holiday, increasing with length of service, with the option to buy or sell.
* Bupa health insurance as a benefit in kind.
* An enhanced pension plan and life insurance.
* Onsite gyms or local discounts where no onsite gym available.
* Various other benefits and online discounts.
Why Bupa
We're a health insurer and provider that focuses on our customers. Our people are driven by the purpose of helping people live longer, healthier, happier lives and making a better world. We champion diversity and believe in inclusive representation. We encourage applications from people with diverse backgrounds and experiences.
We are a Level 2 Disability Confident Employer and aim to offer an interview/assessment to disabled applicants who best meet the minimum criteria for the role. We are committed to ensuring fair treatment during recruitment and offering reasonable adjustments for accommodation.
#J-18808-Ljbffr