Principal Penetration Tester at Sky

Job Description:

A Principal Penetration Tester in the Global OTT Security team is both passionate about security and can foster that passion in the team. This is a specialised technical role focused on identifying weaknesses & vulnerabilities that can be exploited to pirate content from the OTT platform. This will require strong technical expertise across a breadth of technologies, such as mobile apps, cloud infrastructure, web content & APIs, CDNs, DRM, cryptography, and more.

You’ll be passionate and knowledgeable about security, with an interest in content protection and anti-piracy. You’ll work closely with multiple teams across Sky to ensure our streaming platform defences are constantly ahead of pirate operators.

As a Principal, you’ll have a track record of successful & effective penetration testing, and you’ll be an authority and mentor for the Global OTT Security team. You will be given substantial freedom to design & scope penetration testing activities to target specific scenarios, components, and piracy techniques. You will focus on demonstrating security weaknesses that can be exploited by pirates, and will work with affected teams to understand how to effectively protect against those exploits.

As part of an embedded team, you will work closely with other security functions within the Sky Group, and you will be continually growing and learning new things!

What you will do:

• Work with Sky Anti-Piracy teams and other specialists to understand the tools, tactics, techniques and procedures pirates use to steal content
• Conduct penetration tests to evaluate the effectiveness of existing anti-piracy security controls and find weaknesses in our apps, services and infrastructure that could be abused by pirates
• Present findings to technical & non-technical audiences with clear recommendations and guidance on how to protect against attacks
• Help shape how we conduct penetration testing & red teaming activities across OTT to better protect the propositions we support

What you will bring:

• Extensive experience in penetration testing
• Excellent technical knowledge of at least some of the following: mobile apps, TV apps, cloud infrastructure, microservices, containers, CDNs, DRM systems, content protection technologies, etc.
• Strong knowledge of Web, API and mobile application security testing frameworks and methodologies
• Technical knowledge in software engineering, system and network security, authentication and security protocols, cryptography, and network/web related protocols (e.g., TCP, UDP, HTTP, HTTPS)
• Ability to plan and deliver work independently as well as alongside teams/programmes when required
• Excellent written and verbal communication and presentation skills, with a strong focus on collaboration

Team Overview:

The Global OTT Security team is both passionate about security and can foster that passion in the team. This is a specialised technical role focused on identifying weaknesses & vulnerabilities that can be exploited to pirate content from the OTT platform. This will require strong technical expertise across a breadth of technologies, such as mobile apps, cloud infrastructure, web content & APIs, CDNs, DRM, cryptography, and more.

We bring the best from the global market into Sky – we buy technology, marketing, corporate, operational services and editorial production solutions. We are an international team working with our stakeholders our partners to curate the most effective and efficient customer-led operating model. High ethical standards are embedded in our team, and we engage our supply chains in creating a sustainable future!

The Rewards:

There’s a reason people can’t stop talking about #LifeAtSky. Our great range of rewards really are something special, here are just a few:

• Sky Q, for the TV you love all in one place
• A generous pension package
• Private healthcare
• Discounted mobile and broadband

Where you’ll work: Osterley

Inclusion:

Recognised as an ‘Inclusive Top 50 Employer’ and a ‘Times Top 50 Employer for Women’, we’re working hard to ensure we’re a truly inclusive place to work. This means we don’t just look at your CV. We’re more focused on who you are and the potential you’ll bring to Sky. We also know that everyone has a life outside work, so we’re happy to discuss flexible working!

And we’ll do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Company Benefits

• Private pension
• MacBook
• Flexible working (hybrid model)
• Bonus scheme
• Healthcare
• Dental Insurance
• Cycle to Work
• Holiday Buy

Interview Process

2 stage interview process