Penetration Tester – London - £45k-70k DOE
Opportunity working for a leading independent cyber security consulting firm based in London but operating across the UK. Specialising in Penetration Testing and Security Advisory Services dedicated to delivering world-class service to their clients, many of whom work exclusively to advance their security. We have built an impressive client base that includes major clients within the financial services, telecoms, ecommerce, defence and energy sectors.
The right candidate will be offered unmatched career progression and grow through levels in one of the industry's leading independently owned cyber security companies.
The role would suit an ambitious candidate that is looking to move on from a large security consulting firm, accelerate their career; and progress to Senior Penetration Tester level.
- Research / lab time – Got a pet security project? We’ll give you the time to finish it; and explore options for further research.
- Speaking opportunities – Our pen test team is well respected, and we would expect you to present on a regular basis to the community.
- Flexible working – Work can be carried out from home where business needs permit.
- Training – Each of our consultants is assigned to an ongoing professional training programme, agreed upon commencement and each year thereafter.
- Conferences – We expect the penetration testing team to make a visible presence at industry conferences, such as OWASP, Black Hat and DefCon.
- Your voice will be heard - You will have the opportunity to become directly involved and influence our direction.
- Benefits - 25 days annual leave; Annual Company Bonus; Contributory company pension; Corporate sick pay scheme; Interest free season ticket loan; Cycle to Work scheme; Subsidised gym membership; Perkbox Employee Benefit scheme; Childcare vouchers;
- Delivering a range of assessment types including Web Application, API, Mobile and Infrastructure tests.
- Leading Cyber Essentials projects for clients.
- Producing high quality reports to clients that highlight areas of identified weaknesses.
- Providing advice to clients on remediation routes.
- Delivering all projects to the very high standards our clients expect.
- Work with other members of the team to share knowledge and experience, and to find creative ways of solving technical issues.
- Attending project commencement calls and meetings to finalise the scope for upcoming projects.
- Helping scope up projects and assist the sales team in developing competitive proposals that win business.
- Achieving CHECK Team Leader (CTL) within the first 12 months.
- Pre-sales and post-sales client support.
- At least three-six year’s experience working as a full time penetration tester.
- BSc in Computer Science, Engineering or equivalent.
- Confidence and ability to carry out assessments independently.
- At least one of the following qualifications: CREST CRT, OSCP or Tigerscheme QSTM.
- The ability to work towards client-led or internal deadlines.
- Highly organised approach with an attention to detail.
- Familiarity with the OWASP Top 10 and SANS CWE Top 25 and an understanding of how these vulnerabilities can be exploited.
- A creative approach to performing thorough proven-method tests.
- Excellent verbal and written communication skills, and the ability to write strong technical reports.
- An articulate and confident presentation style.
- The ability to explain how exploits were successful, and how a client could remediate the vulnerabilities raised during an assessment.
- Highly professional and dependable.
- Willingness to travel.
- Knowledge of hardware and embedded system security.
- Red teaming experience.
- Ability to carry out cloud security assessments on AWS, Google Cloud or Azure.