10x is a strategic solutions business working to transform banking and make it 10x better for customers, banks and society.
Our next-generation cloud-native technology platform enables our financial services clients to give their customers more timely, relevant and personalised experiences when it comes to managing money.
The 10x platform is built on a microservices architecture using a unique data model that is fully compliant with Open Banking standards. It is infinitely configurable and constantly evolving to deliver better, more personal, experiences for everyone.
10x was founded by Antony Jenkins, the former Group Chief Executive of Barclays.
As a people-led technology business, our success relies on attracting and retaining the very best talent with the highest level of skills and capability to develop our business.
Join us and you will be part of a team delivering a digital banking platform at the forefront of innovation, transforming banking and the wider FinTech sector.
Guided by our strong values of Transformation, Integrity and Impact, we actively support, respect and collaborate with our customers, partners and each other.
Working from our offices in Victoria, London, the 10x team comprises more than 300 specialists with deep and relevant experience across multi-billion-dollar businesses, challenger, disruptor brands and start-ups.
At 10x you work alongside innovators and leaders in banking and financial services, big-technology and consumer-focused industries – proven practitioners who understand how to meet the evolving needs of businesses and consumers.
Our engineers and developers are leaders too, drawing on experience in and outside of financial services to deliver new digital solutions. They work across API development, security, cloud-native engineering and payments technology and include UI and UX designers, technical architects and data scientists.
What unifies the 10x team is an ambition to transform banking.
About the role
The 10x Security team is responsible for the secure design and operation of the 10x platform along with securing the wider 10x organisation. Both the platform and the organisation are using the latest technologies and working practices to provide world class service to our clients and colleagues. We provide “bank-grade” security but with latest technology, genuinely agile delivery, and without the legacy technology issues facing most banks.
Providing secure and resilient service to our clients is critical to the success of our business and security is recognised as a key organisational priority.
We work in a dynamic and exciting environment where we are constantly looking for new ways to improve the security of our platform and exploit the latest technology.
We are looking for a Penetration Tester to join the team to provide assurance on the 10x platform and wider 10x organisation.
You will seek to find ways to defeat our security controls and execute a testing roadmap across a number of different domains:
· Web Application Testing
· Red Teaming
· Social Engineering
Security is an organisational priority for 10x and we will also be working with a variety of third party penetration testing organisations, but we are looking for a technically savvy pen tester to join our team and help build the most secure banking platform on a leading edge technology platform.
· Proficient in performing a variety of penetration tests such as infrastructure, web application, mobile application and secure code analysis
· Self-motivated and able to work independently and as part of a larger team
· Hold industry recognised qualifications such as Crest and OSCP
· Excellent written and verbal communication skills
· Broad security experience across security domains with deep expertise in at least one of Identity and Access Management, Network Security, Data Security or Mobile Security
· Experience in securing end user computing environments exploiting Mac, Windows and M365
· A proven ability to learn and adapt to new, complex development environments
· Deep experience in securing public cloud environments, ideally AWS
· Experience in securing mission critical, regulated workloads
· Be part of a call out team to provide live service to our clients
· Experience with a number of the following security tools, Akamai, Apigee, Imperva, Forgerock, Threatmetrix, Dome9, Qualys and Fortify along with cloud-native security controls
· Experience with microservice based cloud native architectures, relational databases, bigdata and streaming technologies, continuous integration, and agile methodologies, particularly scrum