Meet James from our Cyber Security team. He specialises in the recruitment of penetration testers, security consultants, security engineers, offensive security professionals and threat intelligence researchers.
Senior Technical Consultant/Pen Tester
Applications have now closed
Please visit our main job board to see all our current vacancies.
Senior Technical Consultant/Pen Tester
CHECK Team Leader/Experienced CREST Certified Tester for an established security consultancy in London
Job DescriptionMy client, a well-established security consultancy, is currently searching for an experienced London-based Senior Security Consultant, to strengthen their consulting team.
The ideal candidate would be preferably CHECK or CREST accredited at CTL level.
About the Role:
· Perform application (web and mobile) and infrastructure vulnerability assessment and penetration tests on different platforms using different technologies.
· Conduct source code reviews to identify software program vulnerabilities and detect malware or malicious embedded code.
· Simulate real-time cyber-attacks using red team / blue team / black team exercises.
· Conduct server/network/middleware security configuration assessments.
· Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware.
· Ensuring all client sites, externally and internally, are accurately tested.
· Produce reports on identified security vulnerabilities and advise possible recommendations to remediate the vulnerabilities.
· Build and maintain relationships with existing and prospective clients, and develop / improve a network of business contacts.
· Assist the Sales team with pre-sales opportunities as well as assist with scoping prospective engagements and developing proposals.
· Assist in continuously enhancing the existing penetration testing methodologies.
· Conduct security research, and produce blog pieces to raise the market profile of ProCheckUp.
· Remain up-to-date on the latest cyber security threats, vulnerabilities and regulatory requirements.
· Professionally qualified (e.g. OSCP/CREST and/or GIAC - GXPN, GPEN, GWAPT, etc. or other relevant qualifications) preferably CREST CCT.
· CHECK status.
· Security Clearance.
· Possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer / Electronics), or a related discipline.
• Good understanding of information security management and information systems governance.
• Ability to work on various platforms and operating systems (e.g. Windows, Linux, Kali).
• Experience with at least one scripting language (e.g. Bash, Powershell, Python).
• Understand the OWASP testing methodology and have knowledge of penetration testing tools.
• Strong knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture.
• Able to understand basic networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP).
· Demonstrated integrity in a professional environment.
· Good communication skills with the ability to articulate complex IT concepts and issues within a business context and to a wide audience including senior client management.
· Excellent written and verbal communication skills including advising clients and consulting on findings relating to their business through direct contact and solid assessment reports.
· Have strong analytical, problem solving and inter-personal skills.
· Be able to work as part of a team, and at the same time being an independent self-starter.
· Hands on mentality, with a long experience in ethical hacking.
· Willingness to travel.
Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.