The scope of Services is to provide ICT Security Resources into the Authority's Security Function to manage and operate Information and Data Security activities and responsibilities on behalf of the Authority. The Authority's Security Function manages and operates the following high-level Information and Data Security activities and responsibilities on behalf of the Authority, which include, but are not limited to:
- Security Governance, Risk and Compliance Management;
- Security Budgeting;
- Security Policy (development, drafting, enforcement, etc.);
- Security Architecture and Strategy (security strategy development, security design, control frameworks and control objectives, defence in depth, business needs assessments, security and operational risk impact assessments, etc.);
- Security Operations (security management, vulnerability scanning, analysis and mitigation management, coordinating penetration testing, security incident management, etc.);
- Security Monitoring (threat detection and response, Level 3 security analysis and handling, etc.);
- Solution and Platform Security Management and Assessment;
- Supplier/Vendor Security Management and Assessment;
- Security Privacy and Information Security;
- Raising and submitting Requests for Security Change (RFCs) as needed to address security and service operation issues inclusive of back out plans;
- Participating in the Technical Advisory Board (TAB) prior to the Change Advisory Board (CAB) or Emergency Change (EC) meetings to ensure that service operation risks (including security risks), issues and views are taken into account;
- Security Awareness; and
- Data Security (Data Leakage Protection, Data Classification, Data handling, etc.).
The Authority's Security Function also:
- Performs Vulnerability Management scans, using Qualys, to complement or enhance an externally sourced Vulnerability Management service;
- Oversees the Authority's Security Incident and Event Monitoring (SIEM) solution, which is IBM QRadar, and collects, correlates, processes, manages and analyses logs of security events to Level 3 to complement or enhance an externally sourced Security Monitoring service (to Level 1 and Level 2); and
- Oversees the Authority's Security Awareness Training programme and Phishing Reporting and Analysis, which is PhishAlarm, a Wombat Security behaviour reinforcement tool by Proofpoint.
Mandatory requirement
Academic Qualification:
- Honours Degree or Postgraduate Diploma (NFQ Level 8 or equivalent) in Information Security, Computer Science, Engineering, or a related discipline.
- Alternatively, equivalent industry experience (typically 5+ years) in penetration testing or offensive security.
Professional Certifications:
Core Offensive Security Certifications:
- OSCP - Offensive Security Certified Professional (preferred)
- CEH - Certified Ethical Hacker (EC-Council)
- CEPT - Certified Expert Penetration Tester
Supplementary Certifications:
- CISSP or equivalent (for broader security knowledge)
- Cloud Security Certifications - e.g. AWS Security Specialty, Azure AZ-500, or GCP Professional Cloud Security Engineer
Key Deliverables:
- The Security Penetration Tester is responsible for conducting comprehensive vulnerability assessments and penetration testing across the Authority's digital assets, including public-facing services, internal infrastructure, mobile applications, and cloud environments.
- The role reports to the Security Architect when required.
Key Responsibilities:
External & Internal Penetration Testing:
- Perform controlled testing of perimeter infrastructure (e.g. firewalls, routers, gateways, web/app/database/email servers).
- Conduct internal testing of corporate network components and systems.
- Test mobile applications, websites, and APIs for security weaknesses.
Vulnerability Assessment & Exploitation:
- Execute port scanning, service enumeration, and vulnerability scanning.
- Perform manual and automated exploitation techniques, including reconnaissance, scanning, exploitation, post-exploitation, and covering tracks.
- Identify and assess SSL/TLS configurations, cipher suites, and cryptographic protocols.
Cloud & Platform Security Testing:
- Assess cloud environments (AWS, Azure, GCP) for misconfigurations and vulnerabilities.
- Evaluate authentication, access controls, and key management practices.
Security Advisory & Technical Guidance:
- Provide expert input on security across operating systems, platforms, networks, databases, middleware, end-user devices, cryptography, identity and access management, and cloud architecture.
Reporting & Communication:
- Deliver clear, actionable reports detailing findings, risk impact, and remediation recommendations.
- Communicate technical findings to both technical and non-technical stakeholders.
Tooling & Automation:
- Use industry-standard and AI-assisted tools for reconnaissance, testing, and reporting.
- Ensure testing methodologies align with OWASP, PTES, and relevant standards.
Experience/Competencies/Skillsets
Required Experience:
- Minimum 3 years' hands-on experience in penetration testing and vulnerability assessment across enterprise environments.
- Demonstrated expertise in testing web applications, mobile apps, infrastructure, and cloud environments (AWS, Azure).
Technical Competencies:
- Proficient in manual and automated penetration testing techniques.
- Strong understanding of network protocols, operating systems, and application security.
- Experience with vulnerability scanning tools, SIEM platforms, and exploit frameworks.
- Familiarity with cryptographic protocols, access controls, and secure authentication.
- Knowledge of OWASP Top 10, MITRE ATT&CK, and relevant testing methodologies.
AI & Automation:
- Experience using AI-assisted tools for reconnaissance, exploit development, reporting, and productivity enhancement.
Core Skills:
- Strong communication and reporting skills (verbal and written).
- Analytical mindset with attention to detail.
- Up-to-date knowledge of cybersecurity frameworks and threat intelligence.
- Skilled in stakeholder engagement and promoting security awareness.
