Security Tester
Ref: BBBH76662_1756301101
2 days a week on site in Telford
3 months contract
Inside IR35
Please note that the applicant must be eligible for SC Clearance
Tenable (advanced skills)
Expand use of Tenable and deliver an external testing capability that can be utilised to carry out vulnerability assessments and continual security compliance of boundary and external-facing assets.
This includes delivery of vulnerability assessment scanning tooling (Tenable One) to provide PCI-DSS scanning capability to areas of the business when required.
Deliver a centralised service dashboard and workflow management tool, linking to a central asset database which provides a single pane of glass across different continual security compliance tooling. This will allow tracking of penetration test reports and provide clear workflow/ticketing integration with automation of reporting and reassessment, reducing manual effort and delivering a continual security view across the estate. The CMDB and asset inventory list will be used to ensure tracking and coverage of assets across the estate and integration with CSC tooling.
Additional capability includes:
- Providing workflow and ticketing systems to prioritise and manage requests
- Workflow capability to track requests for testing and patch assurance
- A single CMDB/asset database with the ability to provide enriched data against assets
- Integration with threat intelligence data to prioritise outputs
- Consolidated single-pane-of-glass dashboard and reporting across technologies
- Expansion of Tenable capability, moving to Tenable One to exploit the full product suite
- Widening coverage to provide continual security compliance across environments beyond the server estate, including applications, posture management, cloud frictionless, databases, code scanning, containerisation, and wider infrastructure components
- Full scanning and coverage against network assets across different environments (Crown/LDC/AWS/Azure/Office)
- Complete delivery of server-based assets across the estate to ensure scanning and coverage against all environments (Crown/LDC/AWS/Azure)
- Onboarding of CNI assets across the estate to ensure scanning, coverage, and reporting
Further responsibilities include:
- Reviewing current capabilities and expanding CSC and security testing services in digital and modern platforms
- Delivery of tooling, process, reporting, and onboarding of digital assets, with Tenable/Tenable One as core vulnerability scanning tools
- Discovery work to establish options and constraints for implementing a holistic discovery scanning capability
- Engagement with the CMDB ServiceNow owner to assess current discovery scope and future plans
- Implementation of discovery scanning and creation of associated processes and reports
- Utilising Tenable to perform regular automated scans of build images across assets, aligning with CIS and build benchmark standards as part of onboarding and build pipeline processes
- Delivery and updating of reports for customer groups to track compliance with these standards
