Overview
Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to successfully deliver innovations that will help them gain a competitive advantage and improve the everyday lives of people around the globe.
As part of the Expleo Digital and Emerging Technology (DET) team, you will report to the Head of Cyber. Within the Cybersecurity Practice, you will be part of a dynamic and passionate team, working on complex and captivating projects integrating the latest technological solutions and trends. This is a customer-facing role that will provide you with the opportunity to work with emerging technologies and cutting-edge products in a fast-paced and dynamic environment. The Penetration Tester is responsible for identifying and exploiting security vulnerabilities in client systems, networks, applications, and devices. This role focuses on conducting thorough penetration testing, producing comprehensive reports, and providing guidance and support to clients for remediation. The Penetration Tester ensures that all testing activities adhere to the highest standards of quality and security.
Responsibilities
- Conduct comprehensive penetration testing on client systems, networks, applications, and devices to identify security vulnerabilities.
- Develop and execute detailed testing plans and methodologies for various environments, including Cloud, OT, Application, IT, and IoT.
- Produce detailed reports that clearly communicate vulnerabilities, their potential impacts, and recommended remediation strategies.
- Collaborate with client teams to explain findings, support remediation efforts, and provide post-testing debriefs.
- Stay up-to-date with emerging cybersecurity threats, vulnerabilities, and mitigation techniques.
- Assist in the development and refinement of security policies and procedures based on testing results.
- Provide training and guidance to clients on best practices for securing their environments.
- Contribute to the continuous improvement of Expleo's penetration testing methodologies and tools.
- Ensure that penetration testing activities comply with internal and client-specific quality assurance standards.
- Support the sales process by providing technical expertise and insights during client engagements.
- Manage the configuration and maintenance of penetration testing tools and environments.
- Track and report on project progress, ensuring timely delivery of testing activities and documentation.
Qualifications
- Relevant education or industry-recognised certifications in management-related subjects suited to this role (MSc, BSc, CREST, OFFSEC, GIAC, EC-Council, CompTIA)
Essential skills
- Deep understanding of network architecture and protocols.
- Deep understanding of operating systems.
- Good understanding of API vulnerabilities.
- Demonstrable knowledge in web application penetration testing, under OWASP or equivalent framework.
- Good knowledge of at least one scripting language, such as Python, Bash, and PowerShell.
- Proficient in penetration testing tools and techniques.
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication skills, with the ability to explain complex technical issues to non-technical stakeholders.
- Ability to work independently and as part of a team in a fast-paced environment.
- Strong organisational and time management skills.
Desired skills
- Knowledge of OT and IoT security practices and standards.
- Experience in conducting red team exercises.
Experience
- Minimum of 5 years of experience in penetration testing or a related cybersecurity role.
- Proven experience working as a Pen Tester in an IT consultancy role or blue-chip environment.
- Hands-on experience with penetration testing and vulnerability detection tools, such as Burp Suite, Nmap, Wireshark, Metasploit, and Nessus.
- Proven track record of identifying and exploiting security vulnerabilities in diverse environments.
- Experience with Cloud security assessments (AWS, Azure, GCP).
- Familiarity with secure coding practices and application security testing.
What do I need before I apply
- Have the right to work in the UK.
- Current or eligibility to achieve at a minimum SC clearance.
Benefits
- Collaborative working environment - we stand shoulder to shoulder with our clients and our peers through good times and challenges.
- We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects.
- Expleo Academy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses.
- Competitive company benefits.
- Always working as one team, our people are not afraid to think big and challenge the status quo.
Inclusivity Commitment
As a Disability Confident Committed Employer we have committed to ensuring our recruitment process is inclusive and accessible, communicating and promoting vacancies, offering an interview to disabled people who meet the minimum criteria for the job, anticipating and providing reasonable adjustments as required, and supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work.
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age. We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive.