City of London, London
Unrivalled opportunity to join a an established yet growing award-winning consulting company. We are seeking Penetration Testers with varying levels of experience to join a newly established red team working on some of the most exciting cyber projects in the UK.
- Working as an embedded penetration tester, onsite with clients Assisting with the establishment of a Red Team Analysing diverse sources of technical data to identify suspicious activity or suspected cyber attacks
- Monitoring operational security management systems - ensuring timely detection, investigation and remediation of potential cyber threats Using advanced security analytics tools to determine emerging threat patterns and vulnerabilities
- Providing security incident triage and investigation, and management of cyber response processes
- Completing Client projects and tasks associated with security monitoring, detection, incident response and security intelligence
- Continually seeking to build a greater understanding of a cyber problem until all the facts have been established
- Creating cyber kill chains and managing investigation timelines Perform administrative duties such as creating new types of data enrichment feeds, detection logic and threat intelligence reports
Key Skills Required:
- Demonstrable recent experience working in a penetration testing role in high pressure environments CRT - Crest Registered Tester and/or OSCP - Offensive Security Certified Professional
- Ability to read and understand raw system data including security event logs, system logs, application logs, and device logs
- A good knowledge of TCP/IP networks, including the technologies and protocols commonly used in local area and wide area networks
- Ability to recognise a sophisticated attack, and how to identify patterns within event data, threat intelligence and malware analysis
- A good working knowledge of a variety of security technologies, including network and application firewalls, host-intrusion prevention and anti-virus
Working knowledge of sysadmin for Linux and Windows Working knowledge of Pen-testing methodology / common vulnerabilities
- A basic knowledge and of common infrastructure and security architectures Experience with vulnerability management tools and methodologies Practical knowledge of the Cyber Security threat landscape and current affairs
- BSc in Computer Sciences, Mathematics or Engineering (min 2:1) or equivalent.
- CCT - Certified Web Application Tester and/or CCT - Certified Infrastructure Tester Hold or working towards a security certification; SANS (e.g. GSEC, GCIA, GCIH, GPEN) or equivalent.
- Relevant TCP/IP network experience, or certifications such as CompTIA Network+ or CCNA. Familiarity with ISO27001 and other security standards Red Team experience