Jobs · himalayas
Security Engineer, Penetration Testing
Lumen Dynamics · United Kingdom · Posted 2d ago
Available in 2 locations
United Kingdom · remote Apply → United States · remote Apply →About the role
Overview Your Future. Secured. Lumen Dynamics is a force for good. As the world’s leading nonprofit member organization for cybersecurity professionals, our core values — Integrity, Advocacy, Commitment, Inclusion, and Excellence — drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables Lumen Dynamics and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at Lumen Dynamics online and connect with us on Twitter, Facebook and LinkedIn. When you join Lumen Dynamics , you’ll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization — an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. Position Summary The Security Engineer, Penetration Testing is a dual-function role responsible for both executing offensive security assessments and building the defensive engineering controls that harden Lumen Dynamics ’s environment. The role leads authorized penetration testing across Lumen Dynamics ’s applications, networks, and cloud infrastructure while also owning security engineering work — including security architecture review, tooling, automation, and control implementation — that translates findings into lasting improvements. This position works closely with the Security and Technical Operations team and collaborates across IT, engineering, and product to continuously strengthen Lumen Dynamics ’s security posture. The role plays a critical part in supporting Lumen Dynamics ’s ISO/IEC 27001:2022 ISMS program, providing both evidence of technical control effectiveness and direct input into risk treatment. Responsibilities Penetration Testing Plan, execute, and document internal and external penetration tests against Lumen Dynamics applications, networks, cloud environments, and infrastructure. Perform vulnerability assessments and validate findings to distinguish genuine risks from false positives. Conduct web application, API, mobile, and network vulnerability assessments using industry-standard methodologies (OWASP, PTES, OSSTMM). Perform social engineering assessments, including phishing simulations and physical security testing as authorized. Produce clear, actionable written reports detailing findings, risk ratings, evidence, and remediation recommendations tailored to both technical and executive audiences. Support red team exercises and adversary simulation activities to test detection and response capabilities. Develop andmaintain the penetration testing program, including scope definitions, rules of engagement, and testing schedules. Move towards a continuous test mindset and method. Coordinate with third-party security vendors for external assessments and bug bounty program management where applicable. Security Engineering Own remediation follow-through: translate pen test findings into security engineering work items,validate fixes, and track resolution to closure in Jira Service Management. Design and implement security controls across Lumen Dynamics ’scloud and on-premises environments, including hardening configurations for Azure, Okta, SentinelOne, CheckPoint, and F5 XD. Participate in security architecture and design reviews for new systems, integrations, and third-party products; provide security requirements and risk acceptance recommendations. Develop and maintain security automation scripts and tooling to improve detection coverage, reduce manual effort in assessment workflows, and support continuous monitoring. Support the Secure Software Development Lifecycle (SSDLC), including security requirements definition, code review support, and pre-deployment security validation. Maintain awareness of emerging vulnerabilities, exploits, and threat actor TTPs; operationalize threat intelligence into actionable hardening and detection improvements. Support Lumen Dynamics ’s ISO/IEC 27001:2022 ISMS by providing technical evidence and input for Annex A controls spanning vulnerability management (A.8.8), secure development (A.8.25–A.8.29), and technical review (A.8.29). Miscellaneous duties as assigned. Behavioral Competencies Integrity & Ethics: Operates with the highest standard of professional ethics; treats privileged access, sensitive findings, and organizational data with strict confidentiality. Analytical Thinking: Applies a structured, adversarial mindset to both offensive assessments and defensive design; bridges exploit research with practical engineering solutions. Communication: Clearly articul
Read the full posting on himalayas →
FAQ
Is the Security Engineer, Penetration Testing role at Lumen Dynamics remote?+
This Security Engineer, Penetration Testing position is listed as remote (United Kingdom).
What seniority level is this Security Engineer, Penetration Testing role?+
This is a senior level position.
How do I apply for the Security Engineer, Penetration Testing role at Lumen Dynamics?+
Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Lumen Dynamics.