Security Testing Engineer

Excited to grow your career?

Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL.

About the role

Hargreaves Lansdown, a leading FinTech company, is undergoing an Agile transformation. Information Technology has underpinned Hargreaves Lansdown's success and will play an increasingly important role in HL's future strategy and growth as the company continues its digital journey.

As part of this journey, we are working hard to increase Security Testing capabilities across all change. We are therefore looking for a Security Testing Engineer with a proven track record in information security / Security Testing, who enjoys working with a variety of technologies and wishes to progress their career, assisting in security assurance across the business.

ROLE ACCOUNTABILITIES

• Design and implementation of automated Security Testing solutions / vulnerability scanning within an SDLC
• Supporting senior management in defining testing strategy, tools and technologies
• Running proof of concepts for new tools to support automated security assurance during agile sprints
• Onboarding chosen automation solutions, liaising with teams across the business to build and deploy
• Integrating use of security tooling into existing team / business processes
• Tool maintenance and optimisation through configuration reviews and feature upgrades
• Monitoring of tool effectiveness (e.g., cost/benefit analysis, performance against metrics)
• Production of dashboards to demonstrate effectiveness
• Triage of vulnerabilities, identification of false positives and providing mitigation and risk advice
• Identification of improvements and shift left opportunities
• Championing Security Testing as part of the delivery pipeline, and a secure by design culture
• Cultivate strong working relationships across the business including IT, projects, squads, SOC, InfoSec and Vulnerability Management, to ensure processes are smooth and efficient
• Adhering to deadlines, prioritising work, and provide progress updates against plan

EXPERIENCE / SKILLS

• Experience of SAST/SCA/DAST toolsets such as Veracode, GitLab
• Experience of API scanning toolsets such as Salt, Cequence, 42crunch
• Understanding of CVSS, EPSS or other vulnerability risk measurement framework
• Ability to code in at least one programming or scripting language
• Appreciation of different types of software development languages and deployment tools
• Knowledge of security vulnerabilities and an aptitude to keep up to date with emerging ones
• Ability to replicate vulnerabilities to demonstrate risk to development teams
• Experience of working with Agile processes
• Understanding of cloud technologies such as AWS and Azure
• Highly organised with advanced planning & organising skills, as well as a good attention to detail
• Experience in writing processes and optimising them based on feedback
• Experience in integrating security tooling CI/CD pipelines.

Why us?

Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

What's on offer?

• Discretionary annual bonus & annual pay review
• 25 days holiday plus bank holidays and 1-day additional Christmas closure time
• Option to purchase an additional 5 days holiday per year
• Flexible working options available, including hybrid working
• Pension scheme up to 11% employer contribution
• Sharesave scheme - have a real stake in HL's future
• Income Protection & Life insurance (4 x salary core level of cover)
• Health care cash plans - including optical, dental, and out patientcare
• and an Employee Assistance Programme
• Gympass - gym memberships and wellbeing apps available
• Variety of travel to work schemes with free bike storage and shower facilities
• An inhouse barista serving subsidised coffee and snacks
• Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year)
• LifeWorks Discounts on services, restaurants and retailers

up to 30 days depending on role level & increasing with length of service

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.

This role may also be available on a flexible working or part time basis - please ask the Recruitment & Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.