Penetration Tester - London

Unrivalled opportunity to join a an established yet growing award-winning consulting company. We are seeking Penetration Testers with varying levels of experience to join a newly established red team working on some of the most exciting cyber projects in the UK.

Key tasks:

  • Working as an embedded penetration tester, onsite with clients Assisting with the establishment of a Red Team Analysing diverse sources of technical data to identify suspicious activity or suspected cyber attacks
  • Monitoring operational security management systems - ensuring timely detection, investigation and remediation of potential cyber threats Using advanced security analytics tools to determine emerging threat patterns and vulnerabilities
  • Providing security incident triage and investigation, and management of cyber response processes
  • Completing Client projects and tasks associated with security monitoring, detection, incident response and security intelligence
  • Continually seeking to build a greater understanding of a cyber problem until all the facts have been established
  • Creating cyber kill chains and managing investigation timelines Perform administrative duties such as creating new types of data enrichment feeds, detection logic and threat intelligence reports

Key Skills Required:

  • Demonstrable recent experience working in a penetration testing role in high pressure environments CRT - Crest Registered Tester and/or OSCP - Offensive Security Certified Professional
  • Ability to read and understand raw system data including security event logs, system logs, application logs, and device logs
  • A good knowledge of TCP/IP networks, including the technologies and protocols commonly used in local area and wide area networks
  • Ability to recognise a sophisticated attack, and how to identify patterns within event data, threat intelligence and malware analysis
  • A good working knowledge of a variety of security technologies, including network and application firewalls, host-intrusion prevention and anti-virus

Working knowledge of sysadmin for Linux and Windows Working knowledge of Pen-testing methodology / common vulnerabilities

  • A basic knowledge and of common infrastructure and security architectures Experience with vulnerability management tools and methodologies Practical knowledge of the Cyber Security threat landscape and current affairs

Desirable Skills:

  • BSc in Computer Sciences, Mathematics or Engineering (min 2:1) or equivalent.
  • CCT - Certified Web Application Tester and/or CCT - Certified Infrastructure Tester Hold or working towards a security certification; SANS (e.g. GSEC, GCIA, GCIH, GPEN) or equivalent.
  • Relevant TCP/IP network experience, or certifications such as CompTIA Network+ or CCNA. Familiarity with ISO27001 and other security standards Red Team experience