Offensive Security Analyst

All the details
As an Offensive Security Analyst, you will play a critical role in proactively identifying vulnerabilities and simulating real-world cyber threats to strengthen Marks & Spencer's security posture. Working within the Purple Team under the guidance of the Purple Team and Threat Intelligence Manager, you will execute ethical hacking activities, red team exercises, and adversary emulation campaigns. Your work will directly inform and validate defensive improvements, helping ensure M&S remains resilient against evolving cyber threats.

What You'll Do

• Help monitor global cybersecurity incidents and trends to predict potential impacts on the organization.
• Collaborate with the Blue Team to design and implement realistic attack simulations, testing the organization's detection, response and recovery procedures
• Provide recommendations and support to the Blue Team in refining and enhancing detection rules, response playbooks and overall defensive strategies based on offensive findings
• Participate in joint post-incident analysis sessions with the Blue Team to identify gaps and improve future defensive and offensive operations
• Continuously update and maintain an understanding of the threat landscape, focusing on tactics, techniques and procedures (TTPs) used by adversaries
• Contribute to the development of threat modelling, security architecture and security review processes

Who You Are

• 1-2 years experience in a penetration testing role or similar
• Knowledge of cyber threat actors, their tactics, techniques, and procedures (TTPs)
• Good analytical and problem-solving skills
• Experience with penetration testing methodologies and tools such as Metasploit, Burp Suite, Nessus, Nmap, Nikto
• Proven experience in conducting security assessments, vulnerability assessments and penetration testing including Web Application and Internal / External Infrastructure assessments

What's In It For You
Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We're an inclusive, dynamic, exciting, and ever evolving business built on doing the right thing and bringing exceptional quality, value, service to every customer, whenever, wherever and however they want to shop with us.

Here are some of the benefits we offer that make working for M&S just that little bit more special…

• After completing your probationary period, you'll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
• Competitive holiday entitlement with the potential to buy extra holiday days
• Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
• A generous Defined Contribution Pension Scheme and Life Assurance.
• A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
• Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
• Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
• Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
• A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.

Everyone's welcome
We're ambitious about the future of retail. We're innovating, disrupting, and leading the way into a more inspiring, digital era. It's an exciting time to be part of M&S.

To support us on our journey, we're building inclusive, diverse teams where everyone can be themselves, do their best work, and make change happen. We support each other and succeed together.

Don't worry if you don't meet every single requirement of the job description. It's more of a guide to what's possible within the role. If you're passionate, ready to work hard, and think the role feels right for you, we'd love to hear from you.
#hybridrole