Business Unit: Technology Operations&Cyber Security Salary range:£48,000 - £70,000 per annum - Depending on experience.  Location:  UK Remote - with occasional travel (starting quarterly then monthly) to the local hub in Glasgow.  Contract type: Permanent - Full Time  Live to inspire change. Live a life more Virgin. Our Team Are you passionate about cyber security and eager to make a real impact? At Virgin Money, we’re looking for a dynamic Penetration Test and Red Team Lead to join our busy Vulnerability Management team.  You will be part of a specialist function to support widening of our testing programme, developing and facilitating third party testing, and working closely with our technology and infrastructure colleagues to assess and prioritise findings, giving straight up advice on security best practice and our regulatory requirements. It’s a great opportunity to work with industry-leading tools and security partners, to enhance your analytical, technical and communication skills, and to really make a difference to our customers and colleagues. What you’ll be doing Deliver our penetration testing and Red Team programme: ensure tests are delivered to scope and on time, with results assessed by key stakeholders Developour testing programme: identify and progress penetration testing and red team targets which support the validation of our security posture Third Party Relationship Management: working with our providers to develop approach and scope, ensuring tests provide external assurance in line with the Bank’s risk appetite Vulnerability Assessments: assess the output from tests, providing guidance to key stakeholders on next steps and best practice, tracking remediation to completion Assess Security Risks&Threat Landscape: Identify and evaluate security risks on the Bank’s applications and infrastructure, making recommendations to continuously improve Virgin Money’s security posture in an ever-changing threat landscape Provide Expert Guidance: Offer expert guidance and advice on test findings, our policy&standards, industry regulations, frameworks, and best practices, to support understanding and prioritisation of efforts by key stakeholders Support and Mentoring: Assist in the development of the team, providing mentorship to junior team members, fostering a collaborative and growth-oriented environment  We need you to have A good understanding of the penetration testing and vulnerability management lifecycles, with an appreciation of testing techniques, the OWASP Top 10, and minimisation of risk Ability to implement and manage a testing delivery programme, working independently and proactively with internal technical and managerial stakeholders, and third party providers Experience of testing IT infrastructure, web and mobile applications, networking components, Excellent stakeholder management skills, with the ability to manage relationships with internal technical and managerial stakeholders, and third-party providers of technically accredited testing Experience of analysing and translating output from penetration tests and red team exercises, with an ability to conduct risk assessments and communicate remediation requirements, acting as an SME on security incidents where required Knowledge and experience of providing security guidance on vulnerabilities, best practice and expectations Proven experience of building and managing a service improvement programme, including task allocation, management and tracking, supporting resource requirements, and budget managementIt’s a bonus if you have but not essential Experience of red and purple team exercises and a technical leadership role. Knowledge of ethical hacking methodologies and industry standards and frameworks, such as NIST, CIS. Exposure to automated/continuous pen testing capabilities and tools RedHot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time)​ plus the option to buy more. Up to five extra paid well-being days per year​.  20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those lookingto adopt.  Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness.  And there's no waiting around, you'll enjoy these benefits from day one. Feeling insatiably curious about this role? If we’re lucky to receive a lot of interest, we may close the advert early and would hate you to miss out. We're all about helping you Live a Life More Virgin, so happy to talk flexible working with you. Say hello to Virgin Money We’re making great strides towards achieving our ambition of becoming the UK’s best digital bank.  As a full-service digital bank with a heritage stretching back over 180 years, we`re a workforce to be reckoned with.  We're putting the full power of our experience behind disruptive ideas that reinvent the role a bank plays in people'slives. We're customer obsessed and work tirelessly to create positive experiences for our millions of customers and deliver on our purpose, ‘Making You Happier About Money.’ Our customer centric culture means that we're able to do banking differently and by innovating and working together we can make a real difference. Join us and Live a Life More Virgin that empowers you with choice and flexibility in how you work. Be yourself at Virgin Money Our purpose is to make people happier about money, this means seeing and feeling the world as our customers do by creating a workforce that reflects the rich diversity of our customers and communities.  We’re committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard.   As a Disability Confident Leader, we're committed to removing any obstacles to inclusion.  If you need anyreasonable adjustments or support making your application, contact our Talent Acquisition team Now the legal bit Living A Life More Virgin allows our colleagues to be based anywhere in the UK (if the role allows it), but we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks – we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.