Excellent opportunity for a Senior Penetration Tester to join a rapidly growing and highly skilled cybersecurity consultancy.
The company offers great career progression opportunities, a generous training and development budget and time to support research projects that allow you to break new ground in testing. You will need to be enthusiastic about continuous development.
The role is predominantly home based although will include some travel to customer sites and attendance at company meetings as needed.
Role Info:
Senior Penetration Tester
Home based with visits to client sites and company meetings as required
Up to £75,000 Per Annum
Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities.
Growth: A structured career development plan and training
Hours: 09:00 am to 17:30 pm Monday – Friday
Development Opportunity:Career progression opportunities available
Company: Specialist information and cyber security consultancy and audit services
Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose.
Your Skills / Background:4+ years hands-on penetration testing experience and existing CRT qualification. You will also be a tenacious problem solver and communicator.
The Senior Penetration Tester Opportunity:
As Senior Penetration Tester, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. In return, you will work in an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects.
This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans.
Key Responsibilities:
+ Delivering high quality infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout penetration tests, along with cloud security assessments
+ Working with client teams to research potential vulnerabilities and then plan accordingly
+ Working with clients to research and identify new and emerging attack vectors
+ Conducting vulnerability assessment scanning and unauthorised host discovery exercises
+ Analysing findings and translating them into actionable recommendations
+ Delivering high-quality technical reports, outlining technical and business risk
+ Providing support to clients during on-going incidents
+ Creating and developing tooling, knowledge/threat libraries, methodologies and policies that ensure high quality and informed testing assessments are undertaken
+ Creating and developing internal documentation to ensure our reporting is meaningful
+ Authoring appropriate thought leadership papers, articles, online posts, and marketing materials
About You:
+ A tenacious tester with current CRT qualification as a minimum (OSCP, CTM / CTL is advantageous)
+ 4+ years' demonstrable hands-on penetration testing experience
+ Have mastered a variety of security testing tools
+ Current and relevant technical understanding of technologies, security threats and trends
+ Familiar with relevant bodies and security standards
+ Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with good reporting writing and client presentation skills
About Us:
We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats. We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus.
Services include:
+ Security consulting across the area of security governance, risk, compliance and standards alignment
+ Penetration testing
+ Security architecture for cloud and infrastructure
+ Detection and response
+ Fractional heads and virtual support
+ Security auditing across varying standards such as ISO27001, NIST, PCI DSS and cyber Essentials
+ Training and awareness
Interested? Apply here for a fast-track path to our Hiring Manager
Application notice... We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details.
If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.