Senior Security Specialist - RedTeam

Senior Security Specialist

LSEG (London Stock Exchange Group) is a global financial markets infrastructure and data business. We are dedicated to delivering open‑access financial services that support stability and growth worldwide.

Plan and execute security testing operations across the enterprise. Work closely with Business partners, BISOs, GSOC, and other entities to ensure the Group’s security program is effectively tested and potential gaps discovered.

• Plan, lead and execute offensive security engagements as a threat actor during tests, attack simulations, training and exercises
• Employ simulated adversary threat‑based approaches to expose and exploit vulnerabilities and weaknesses to improve the security of our products and technology landscape
• Replicate tactics, techniques and procedures used by modern attackers, including common network exploitation, penetration techniques and software exploitation
• Develop attack plans, coordinate with Red Team Operators and 3rd‑party vendors to meet objectives
• Provide constructive feedback to defenders and product teams on successes and failures
• Develop, modify and extend tools/exploits, including custom tools and automation, to aid execution of security assessments
• Establish credibility as a trusted advisor to stakeholders including customers, executives, peers and employees
• Stay current with sophisticated attacks and apply them during red‑team activities
• Help defensive teams and product teams understand how to detect and stop cyber attacks via purple‑team exercises, CTF demonstrations, etc.
• Supervise junior team members and report findings through written reports, Jira tickets, presentations and other formats
• Maintain and develop security testing processes and related artefacts

• Bachelor’s Degree in Information Systems, Technology, Computer Science, Engineering or equivalent, or minimum 5 years of cyber security experience
• Demonstrable experience in Red Teaming and Penetration Testing
• Minimum 3 years of technical security experience with at least one of: firewalls, IDS/IPS, web proxies, DLP, web applications, cryptography, social engineering, OSINT, mobile platforms, software security, malware reverse engineering
• Deep technical understanding of enterprise operating systems, Active Directory and networking
• Solid understanding of security vulnerabilities and common software engineering flaws
• Familiarity with popular scripting languages and ability to automate tasks
• Familiarity with CND‑based analytical models (Kill Chain, ATT&CK, etc.)
• Certifications OSCP, OSCE, OSEE, OSWE, CREST, GXPEN preferred
• Experience working with Financial Services and Critical Infrastructure
• Strong verbal, written and presentation communication skills
• Ability to work in a fast‑paced environment
• Problem‑solving mindset and barrier‑breaking attitude

We are a proud equal‑opportunity employer and do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, gender identity, age, marital status, veteran status, pregnancy, disability or any other basis protected by law.