Red Team Lead

Within the Chief Security Office (CSO) our role is to protect the Group and our customers from security threats, and to enable the Group's businesses to make change to their services safely and quickly. The Advanced Intrusion Testing (AIT) team conducts intelligence-led intrusion tests, including Red Teaming and Purple Teaming, designed to simulate the approach a skilled adversary would use in real life cyber-attack scenarios against the Group. Scenarios are crafted to independently evaluate the organisation's end-to-end cyber resilience by testing people, processes and technology.,

• Deliver Red Team Adversary Emulation tests, technically leading AIT colleagues through the execution of TTPs, while handling communication with key collaborators. Research and devise testing that will challenge the organisations' ability to detect and respond to cyber-attacks.
• Support the delivery of collaborative testing exercises (Purple Team tests), maximising opportunities for the SOC to improve LBG's security defence.
• Work collaboratively as part of a cross functional matrix team of technical authorities from across the Chief Security Office and the business, focused on proactively improving the security posture of the Group.
• Review testing outputs and support collaborators to identify appropriate remedial plans, while identifying thematic findings and root cause analysis.
• Act as a technical authority within Chief Security Office and share knowledge and technical expertise to others through consultation, providing advice and coaching.
• Identify and drive continuous improvement within the AIT team and support the direction of overall AIT strategy.
• Lead by example, consistently demonstrating the Group Values and the Leadership Behaviours by being approachable and acting with integrity to build trust and credibility within your team.
• Lead informal technical coaching and sharing of knowledge, providing an appropriate level of support for team members from a technical level.
  
  Solid experience in offensive security operations, such as network penetration testing, application (web / mobile / API) penetration testing, red teaming, or purple teaming.
• Ability to conduct targeted, covert tests including identifying vulnerabilities, exploiting them, and performing post-exploitation activities, without needing to rely heavily on tools.
• Solid understanding of Red Team, Purple Team, and Penetration testing methodologies and tools.
• Good communication skills and experience of communicating technical issues with both technical and non-technical collaborators.
• A genuine passion for cybersecurity research and testing, keeping up with the latest threats to the financial sector and adopting an adversarial attitude.
• Good understanding of network and operating system fundamentals across Windows and NIX.
• Good overall working knowledge of enterprise architectures, operations, and IT environments and Defensive Security tooling.
• Familiarity with the MITRE ATT&CK framework., Offensive security / cybersecurity related qualifications (e.g. SANS GIAC, CREST, OSCP/OSCE, CRTO or equivalent cybersecurity programme).
• Software development or coding experience in any low level or high-level language (C#, C++, C, Python, Bash Scripting, Java, Rust, etc.).
• Understanding of malware techniques.
• Social Engineering and/or physical intrusion techniques.
• Experience of CI/CD, Infrastructure as Code.
  
  Want to do amazing work, that's interesting and makes a difference to millions of people? Join our journey.
At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.

Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it's why we especially welcome applications from under-represented groups. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes:
• A generous pension contribution of up to 15%
• An annual performance-related bonus
• Share schemes including free shares.
• Benefits you can adapt to your lifestyle, such as discounted shopping.
• 30 days' holiday, with bank holidays on top
• A range of wellbeing initiatives and generous parental leave policies