Penetration Tester
We are looking to recruit a Penetration Tester to join our growing team. We’re looking for an enthusiastic and driven individual to enhance our internal Penetration Testing capability.
Client satisfaction is paramount to us and therefore strong customer facing skills are a must. We are a small Consultancy with big plans for growth, offering a clear career path and family based approach to our team, Partners and Clients.
Role Overview
In this role, you will help to secure UK national infrastructure by pen testing cutting edge IT and Operational Technology systems. Your scope will be broad and will cover infrastructure, public cloud platforms, Web Application and APIs.
The successful candidate will provide a wide range of security testing services on a consultancy basis for Public Sector and SME clients alike. The Pen Tester will be responsible for providing clients with findings documentation, analysis and remedial support following the security testing.
The successful candidate will be an experienced Pen Tester who is eligible for SC clearance (you must have been a UK resident for 5 years to be eligible). You will have a recognised Pen Testing certification such as CREST CRT, OSCP or CSTM.
Key responsibilities
- Perform web application, infrastructure, IoT, cloud, API, wireless and mobile application penetration tests
- Perform Red Team and social engineering testing
- Be involved in the draft proposals and scoping discussions with clients
- Writing reporting and presenting test findings to clients
- Consulting with clients on remedial actions following the results of the security testing
- Assisting with the junior members of the penetration testing team
Qualifiations, Experience and Skills required
- 3 – 5 years’ experience performing security testing
- Possess OSCP, OSCE, CRT, CCT, CSTM or Red Team Test Leader qualifications
- Experience in performing Web Application, API and microservices based testing
- Experience in performing infrastructure and cloud based testing
- Experience with Nmap, Burpsuite, Nessus, Qualys, Metasploit or Kali
- Strong knowledge of OWASP Testing Methodologies
- Ability to scrutinise Java, Python and JavaScript code to identify security vulnerabilities
- Prior experience with working on a consultancy basis or in a client facing position
Nice to have Skills
- Experience of performing Penetration tests in the Public Sector
- CHECK Team Member/Leader Status
- Existing SC clearance
Package
- £40 – £65k per annum dependant on skills and experience
- Up to 10% annual bonus (if targets met)
- Funded InfoSec training and time allocated for self-study
- 40 hour working weeks
- Flexible working policy (within core business hours)
- Hybrid working – Head Office in Altrincham/Work From Home (WFH)
- 25 days holiday excluding bank holidays
- Company Sickness Policy & Statutory Sick Pay (SSP)
- Company Pension (can opt out)
- Company Expense Policy
- Private Health Care
- Career development opportunities
- Regular team meals and activities
About Us
Based in Manchester UK, we are an independent Cyber Security Consultancy providing Security Consultancy and Managed Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses that want to develop strong security strategies.
We’re a UK Government approved supplier and accredited Cyber Essentials Certification Body who provide a range of Security consultancy and Managed security services. Examples include Cyber Security, Cloud Security & Data Privacy Consultancy, Vulnerability Scanning, Cloud Security Assessments & Penetration Testing services.
For more information regarding this role please send a copy of your CV to Opportunities@cybersecurityspecialists.co.uk.