Lead for Red Team and Penetration Testing

Job Description

Do you want to shape how a leading Nordic bank tests and improves its cyber defences? We’re looking for an experienced people leader to head our Red Team and Penetration Testing capability - modernising our approach through smart automation, AI, and helping us stay ahead of real-world threats.

The Red Team and Penetration Testing Team consists of five professionals, ranging from junior to senior levels, and is part of the Cyber Build area in the Security, Resilience, and Controls (SRC) organisation. We work closely with engineers and security stakeholders across the Group to validate controls, identify exploitable weaknesses, and turn findings into measurable risk reduction.

In this role you will lead the team, set direction and priorities, and continuously improve how we deliver red team engagements and penetration testing across the bank. A key part of the mission is to expand our coverage and throughput over the coming year by standardising ways of working, leveraging modern tooling, and introducing higher levels of automation and AI where it adds real value.

We are looking for an experienced leader who will report to the Head of Cyber Build. You will develop, coach, and empower the team, act as an escalation point, and partner with stakeholders to ensure our offensive security work is relevant, actionable, and aligned with the bank’s risk priorities.

You will join a journey to reshape how we perform red teaming and penetration testing in a focused and expanding organisation with clear goals. We offer modern facilities in our Copenhagen and Vilnius offices, a hybrid working model, and benefits that support well-being and health.

You will:

• Lead and coach the Red Team and Penetration Testing team, creating a safe, productive culture with clear expectations and growth plans.
• Own the strategy and roadmap for offensive security testing across the bank (red team engagements, penetration tests, and purple-team collaboration).
• Plan, scope, and oversee complex engagements - ensuring quality, repeatability, and strong operational security.
• Drive actionable outcomes: turn findings into clear risk narratives and remediation plans and follow up with engineering teams to ensure fixes land.
• Build strong stakeholder partnerships across Security, Technology, and the business - prioritising testing where it matters most.
• Modernise our delivery model by introducing automation and AI-assisted workflows (e.g., reporting, recon, test orchestration) to increase coverage and consistency.
• Set and maintain standards, playbooks, and governance for engagements (methodology, evidence handling, tooling, and documentation).
• Act as the senior escalation point and trusted advisor, briefing leaders on offensive security capability, risk posture, and investment needs.
  
  

About you:

We’re looking for a leader who combines strong leadership skills with offensive security credibility someone who is curious, structured, and pragmatic, and who can partner widely to turn testing into real risk reduction.

• Demonstrated people leadership experience - building, coaching, and retaining teams in offensive security, cyber defence, or closely related domains.
• Strong practical understanding of penetration testing and/or red teaming, including common attacker tactics, techniques, and procedures and how to test for them safely.
• Experience running end-to-end engagements: scoping, rules of engagement, execution, reporting, and stakeholder debriefs at multiple seniority levels.
• Broad technical foundation across cloud, networks, identity, endpoints, and applications, with the ability to guide others in choosing the right testing approach and tooling.
• Clear, structured communication—able to translate technical findings into risk, prioritisation, and decisions for executives and engineering leaders.
• A pragmatic, improvement mindset with interest in automation and AI-assisted workflows to scale testing while maintaining quality.
• Relevant certifications are an advantage (e.g., OSCP/OSCE, GXPN/GPEN, CRTO) or equivalent demonstrated experience.
• Professional English skills (written and spoken).
  
  

We offer:

Monthly salary range from 6080 EUR to 9120 EUR gross (based on your competencies relevant for the job).

Additionally, each Danske Bank employee receives employee benefits package which includes:

• Growth opportunities: professional & supportive team, e-learnings, numerous development programs; (incl. professional certificates); 100+ professions for internal mobility opportunities.
• Health & Well-being: a diverse, inclusive, work & life balance work environment; additional health insurance; mental well-being practices; partial psychologist counselling compensation; silence and sleep zones at the office; game rooms.
• Hybrid working conditions: Work from home up to two days a week; home office budget (after the probation period); modern Danske Campus workplace developed with anthropologist for the best employee experience.
• Additional days of leave: for rest, health, volunteering, exams in higher education institutions, and other important activities. Moreover, for seniority with Danske Bank.
• Monetary compensation package: accidents & critical diseases insurance; financial support in case of unfortunate events, travel insurance; IIIrd Pillar Pension Fund contribution.
  
  

See all the benefits HERE.

Your job function (position) in the job contract will be Cyber Security.

If you're interested in this role and joining my team, feel free to contact me – Eric Olsson

About Us

Danske Bank is a Nordic bank with bridges to the world around us. For 150 years, we have supported people and businesses in releasing their potential. A career with us is an opportunity to join a community of 22,000 colleagues in a culture where we are committed to Teaming Up, Owning It and Being Open. Together, we are on a journey to transform Danske Bank into a better bank. For our customers, our employees and the societies around us.