Please check your email .
*Salary - Negotiable, dependant on experience*
My client, a well-established security consultancy, is currently searhcing for an experienced London-based Senior Security Consultant, to strengthen their consulting team.
The ideal candidate would be preferably CHECK or CREST accredited at CTL level.
About the Role:
· Perform application (web and mobile) and infrastructure vulnerability assessment and penetration tests on different platforms using different technologies.
· Conduct source code reviews to identify software program vulnerabilities and detect malware or malicious embedded code.
· Simulate real-time cyber-attacks using red team / blue team / black team exercises.
· Conduct server/network/middleware security configuration assessments.
· Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware.
· Ensuring all client sites, externally and internally, are accurately tested.
· Produce reports on identified security vulnerabilities and advise possible recommendations to remediate the vulnerabilities.
· Build and maintain relationships with existing and prospective clients, and develop / improve a network of business contacts.
· Assist the Sales team with pre-sales opportunities aswell as assist with scoping prospective engagements and developing proposals.
· Assist in continuously enhancing the existing penetration testing methodologies.
· Conduct security research, and produce blog pieces to raise the market profile of ProCheckUp.
· Remain up-to-date on the latest cyber security threats, vulnerabilities and regulatory requirements.
· Professionally qualified (e.g. OSCP/CREST and/or GIAC - GXPN, GPEN, GWAPT, etc. or other relevant qualifications) preferably CREST CCT.
· CHECK status.
· Security Clearance.
· Possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer / Electronics), or a related discipline.
• Good understanding of information security management and information systems governance.
• Ability to work on various platforms and operating systems (e.g. Windows, Linux, Kali).
• Experience with at least one scripting language (e.g. bash, powershell, python).
• Understand the OWASP testing methodology and have knowledge of penetration testing tools.
• Strong knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture.
• Able to understand basic networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP).
· Demonstrated integrity in a professional environment.
· Good communication skills with the ability to articulate complex IT concepts and issues within a business context and to a wide audience including senior client management.
· Excellent written and verbal communication skills including advising clients and consulting on findings relating to their business through direct contact and solid assessment reports.
· Have strong analytical, problem solving and inter-personal skills.
· Be able to work as part of a team, and at the same time being an independent self-starter.
· Hands on mentality, with a long experience in ethical hacking.
· Willingness to travel to client sites
Register with ARM's job board to receive the latest opportunities that match your criteria straight in your email inbox, manage your job search and receive our newsletter.
Looking for a different recruitment experience? Work with an award-winning multidisciplinary team of technology and engineering recruitment experts, find out exactly what makes ARM stand apart.