Job Title: Senior Penetration Tester
Corporate Title: Senior Associate
Division: Group IT Head Office
Department: IT Security
Location: Angel Lane, London
1) Job/Group Overview:
Nomura is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com
Nomura employs a robust IT Security department, members of which are located in all of its major regions, namely EMEA, Americas, India, Asia Excluding Japan (AeJ) and Japan. This team is responsible for designing, implementing and maintaining Nomura's IT Security Policy and strategy within the Japan region.
Under the direction of the global Security Test team, the candidate will need to coordinate and run penetration tests of Nomura's IT assets to ensure the reduction of technical risk, being able to pro-actively identify weaknesses and shortcomings in Nomura's security posture and recommend necessary controls and procedures to protect and detect adversarial threats.
The role will not only involve conducting tests from initial scoping to the management of findings remediation, but will oversee security tests run by external vendors and involve the mentoring of junior team members.
2) Experience:
The candidate will need to have experience and knowledge of:
* Conducting infrastructure and web application penetration tests and security assessments as part of red, blue and purple team business as usual and bespoke projects
* Pre-test scoping activities and post-test management including follow up of findings remediation
* Subject matter expertise in web, mobile or network penetration testing with track record of end to end testing of complex systems
* Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls.
* Excellent understanding of cyber security risks and controls.
* Ability to effectively communicate with internal stakeholders and third party vendors, to ensure security engagements run smoothly and to others' expectations.
* Excellent report writing skills with the ability to explain technical findings to a non-technical audience, with the ability to articulate actual business risk.
3) Requirements
Mandatory
* At least 5 or more years of IT security testing experience
* Strong communication skills
* Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams.
* Ability to be pro-active and self-manage tasks through to completion.
Preferred
Any security certifications, such as: CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
Nomura competencies
Trusted Partner
Understand clients' needs and issues, and respond with high-quality proposals
Acquire capabilities to perform one's responsibilities and contribute to being a Trusted Partner
Entrepreneurial leadership
Produce new ideas that might challenge the status-quo or oneself
Teamwork
Collaboration
Seek advice from senior colleagues and utilize it for improved results
Collaborate with members from relevant departments
Influence
Contribute to the success of the organization both quantitatively and qualitatively, and act with awareness of the impact on others
Serve as role model and provide guidance to junior employees
Integrity
Have a good understanding of corporate philosophy, professional ethics, compliance, risk management, and code of conduct, and make decisions and take actions accordingly
Right to Work
The UK Government have taken steps to reduce net migration to the UK by limiting the number of overseas workers coming to the UK for employment. Please note that whilst we are able to consider applications from overseas workers from outside the UK (who require a Tier 2 Skilled Worker visa) we can only employ them if we can provide evidence that this is a genuine vacancy for a qualified role
Diversity & Inclusion
Nomura is an equal opportunity employer. We value diversity and are committed to ensuring we best reflect the diversity of the communities we serve creating an inclusive environment for all our employees. We welcome all applications and do not discriminate on the basis of age, disability, gender identity and gender expression, pregnancy and maternity, marriage and civil partnership, race, religion or belief, sex or sexual orientation.
If you require any assistance or reasonable adjustments due to a disability or long-term health condition, please do not hesitate to contact us.