Skip to main content

Senior Penetration Tester

Syracuse, New York; Brooklyn, New York; Waltham, Massachusetts

Apply

Overview

Our IT ambition is to be recognized for ‘Transforming National Grid into the leader of the digital energy future’. Market innovation will drive the digital utility. We plan to enhance our IT offerings, mature the way we interact with our business partners, and transform the culture of our teams. Culturally, we will be placing a stronger emphasis on designing systems around the end user. We are establishing an operating model based on accountability and empowering our workforce to share ideas and drive continuous improvement. There will be clear career options within the company, both management and technical. We are focusing on enhancing and investing in both leadership capability and developing necessary technical expertise.

  • Glassdoor Reviews and Company Rating

Job Description

Senior Penetration Tester

Organization Information Technology Department DR&SPrgDela

About us

Join National Grid’s digital transformation! We are digital creators, continuous learners and daring innovators. We leverage digital innovative ways to create products and catalyze the transformation of National Grid's business units into more agile and digitally native organizations in our shared purpose of bringing energy to life. Come and join us on this incredible journey, We need you!

The Vulnerability Testing Team is part of Vulnerability Management within the National Grid’s global Security Team. It supports the Security Team’s operations by identifying vulnerabilities and security issues via penetration testing assessments. It also identifies real-world threats posing a genuine risk to National Grid; replicating behaviours of threat actors, assessed by Government and commercial intelligence providers. Your discoveries will enable National Grid to proactively adjust its defensive posture.

We want to find a highly motivated individual to take on a Senior Tester role with a strong skill set in Web, API, and Application testing. A successful candidate will carry out penetration testing across a range of environments, including Enterprise and Critical National Infrastructure networks, covering National Grid’s global business. If you yearn to be innovative and contribute new ideas and play a critical part in the Cyber Security organization, we want to hear from you!

What you'll do

As a Senior Penetration Tester, you'll liaise with project teams and other security functions to implement effective remediation activities. Significant findings will be shared with C-level management and help influence the security department's strategic direction. You'll also provide guidance and mentoring to junior team members, helping them develop in the early stages of their careers. Key responsibilities include the following:

  • Scope penetration tests with project teams
  • Conduct penetration testing activities against IT systems and applications
  • Liaise with Security Architects and Project teams to articulate findings and drive remediation
  • Analyse or produce high quality penetration test reports and draft remediation plans
  • Build / maintain penetration testing environments
  • Maintain technical documentation; e.g. methodologies, technical guides, and reporting standards
  • Mentor junior testers, developing their penetration testing experience

What you'll need

  • 3 to 5 years of experience in a Penetration Testing position
  • Strong understanding of Penetration testing process and deliverables
  • Strong web and API penetration testing experience
  • Knowledge of common application vulnerabilities such as those included within the OWASP Top 10 and ASVS checklist
  • Experience with using common web/API application penetration testing tools such as Burp Suite Professional
  • Demonstrable knowledge of additional tooling utilized for all stages of the web/API testing methodology
  • Strong stakeholder management and written/oral communication skills, with the ability to communicate at a technical and business user level
  • High reporting standards and strong attention to detail, able to review and QA work of peers

It would be awesome if you had

  • Experience in application development
  • Actively involved in the security community; developing open source tools, contributing to security blogs, or participating in CTF competitions
  • Able to work in both waterfall and agile software delivery projects
  • Experience working in a Critical National Infrastructure environment, or similarly regulated industry
  • Good understanding of the Energy industry and Industrial Control Systems 
  • Computer Science, Mathematics, Engineering, or Security related degree (or higher)
  • Formal certification in one of the following: 
    o  OSCP
    o  OSWA
    o  GIAC GWAPT
    o  CCT – APP, Tiger Scheme, or equivalent 

What you'll get

  • Consistent growth potential through company leadership programs
  • Competitive compensation package including robust benefits with a yearly bonus 
  • Numerous wellness programs
  • A multitude of company-endorsed community programs to participate in  

More Information

Are you the right fit for this exciting role? You want to learn more about the position and National Grid's ambitious Digital Transformation? Then let's chat!

Apply directly or reach out to me at cyril.lenoir@nationalgrid.com. 

#LI-CL1

At National Grid, we keep the lights on and homes warm. But it’s so much more than that. We keep people connected and society moving. This is no easy feat, and it takes all of us. But National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark. But we aren’t looking for external recognition – we already what we do is vital. We’re building a clean, fair and affordable energy future.

Salary

$84,000 - $132,000 a year

Please be advised that due to the nature of this position, incumbents are subject to federal Drug & Alcohol safety regulations governing US Department of Transportation ("DOT") covered positions, including the Federal Motor Carrier Safety Administration (FMCSA) and Pipeline Hazardous Material Safety Administration (PHMSA). As such, the Company’s testing programs and policies regarding the use of federally prohibited drugs or alcohol, for recreational or medical purposes, will remain in effect for these safety-sensitive, DOT covered positions.

This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.

National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise.  We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve.  National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team. 

Apply

Success Profile

What makes you a successful Information Technology team player at National Grid? Check out the top traits we’re looking for and see if you have the right mix.

  • Strategic
  • Inventive
  • Collaborative
  • Proactive
  • Results-driven
  • Leadership
a group people looking at code on a laptop

Our culture

  • A culture of inclusivity where the best ideas can come from anywhere.
  • A belief that we do our best work when we all work together.
  • An understanding that to engineer the future, you have to think out of the box.

Rewards

  • Healthcare

  • 401(k)

  • Continuing education

  • Paid time off

  • Employee assistance (EAP)

  • Health & wellness

Employee working on a solar panel

Learn more about environmental responsibility at National Grid.

Learn more about environmental responsibility at National Grid

Sign up for Job alerts

Step 1:Search by category, location or a combination and click “add to list”.

  • Information Technology, Syracuse, New York, United StatesRemove
  • Information Technology, Brooklyn, New York, United StatesRemove
  • Information Technology, Waltham, Massachusetts, United StatesRemove
  • Featured, Syracuse, New York, United StatesRemove
  • Featured, Brooklyn, New York, United StatesRemove
  • Featured, Waltham, Massachusetts, United StatesRemove
  • Cyber Security, Syracuse, New York, United StatesRemove
  • Cyber Security, Brooklyn, New York, United StatesRemove
  • Cyber Security, Waltham, Massachusetts, United StatesRemove

Step 2: Enter email address and click subscribe

  • National Organization on Disability leading disability employer 2020
  • Best places to work for lgbtq equality
  • DiversityInc 2020 Top Companies for LGBT Employees
  • DiversityInc 2020 Top Companies for Utilities
Top