Senior Technical Consultant/Pen Tester

Applications have now closed

Please visit our main job board to see all our current vacancies.

Senior Technical Consultant/Pen Tester

CHECK Team Leader/Experienced CREST Certified Tester for an established security consultancy in London

Job Description

My client, a well-established security consultancy, is currently searching for an experienced London-based Senior Security Consultant, to strengthen their consulting team.

The ideal candidate would be preferably CHECK or CREST accredited at CTL level.

About the Role:

· Perform application (web and mobile) and infrastructure vulnerability assessment and penetration tests on different platforms using different technologies.

· Conduct source code reviews to identify software program vulnerabilities and detect malware or malicious embedded code.

· Simulate real-time cyber-attacks using red team / blue team / black team exercises.

· Conduct server/network/middleware security configuration assessments.

· Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware.

· Ensuring all client sites, externally and internally, are accurately tested.

· Produce reports on identified security vulnerabilities and advise possible recommendations to remediate the vulnerabilities.

· Build and maintain relationships with existing and prospective clients, and develop / improve a network of business contacts.

· Assist the Sales team with pre-sales opportunities as well as assist with scoping prospective engagements and developing proposals.

· Assist in continuously enhancing the existing penetration testing methodologies.

· Conduct security research, and produce blog pieces to raise the market profile of ProCheckUp.

· Remain up-to-date on the latest cyber security threats, vulnerabilities and regulatory requirements.

Desirable Experience/Qualifications:

· Professionally qualified (e.g. OSCP/CREST and/or GIAC - GXPN, GPEN, GWAPT, etc. or other relevant qualifications) preferably CREST CCT.

· CHECK status.

· Security Clearance.

· Possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer / Electronics), or a related discipline.

Key skills:

• Good understanding of information security management and information systems governance.

• Ability to work on various platforms and operating systems (e.g. Windows, Linux, Kali).

• Experience with at least one scripting language (e.g. Bash, Powershell, Python).

• Understand the OWASP testing methodology and have knowledge of penetration testing tools.

• Strong knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture.

• Able to understand basic networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP).

Personal Qualities:

· Demonstrated integrity in a professional environment.

· Good communication skills with the ability to articulate complex IT concepts and issues within a business context and to a wide audience including senior client management.

· Excellent written and verbal communication skills including advising clients and consulting on findings relating to their business through direct contact and solid assessment reports.

· Have strong analytical, problem solving and inter-personal skills.

· Be able to work as part of a team, and at the same time being an independent self-starter.

· Hands on mentality, with a long experience in ethical hacking.

· Willingness to travel.

Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.

Key Consultant

James Riley

20170818 093119 - edited 3

Meet James from our Cyber Security team. He specialises in the recruitment of penetration testers, security consultants, security engineers, offensive security professionals and threat intelligence researchers.