This job has ended. Find similar jobs.

Penetration Tester

Posted 3 February by Hedgehog Security Ltd Ended

Hedgehog Security is recruiting for a qualified, experienced penetration tester to be based in our Gibraltar office but may include up to 30% of the year travelling globally. The penetration tester will report to our team leader who is based in the UK and our management team. The right candidate will be offered excellent career progression and growth in one of the industry's leading independently owned cyber security companies.

Benefits of working at Hedgehog include:

  • Bonus's based on our Technical Quest boosters
  • Generous holiday allowance of up to 30 days.
  • Research and lab time for that security project you have in mind. We provide paid time to finish it; and explore options for further research.
  • Speaking opportunities happen all the time. You will work with the marketing team to help you get established. We would expect you to present on a regular basis to the community.
  • Each of our testers is assigned to an ongoing professional training programme, agreed upon commencement and each year thereafter.
  • You are expected to make a visible presence at industry conferences, such as OWASP, Black Hat and DefCon.
  • Flexible benefits such as pension, health, gym membership, cycle to work scheme, season ticket loans, company car scheme.
  • Access to the Hedgehog motorsport team, with social weekends away at various race circuits competing at grass roots levels through to professional levels.

Responsibilities

As a Penetration Tester you will join a highly experienced team that delivers work on client projects in Gibraltar, Europe and the UK. Your responsibilities will include:

  • Delivering a range of black-box, grey-box and / or white-box penetration testing to clients.
  • Working on projects in web, mobile application testing, infrastructure testing, phishing and social testing.
  • Delivering reports to clients that highlight areas of identified weaknesses.
  • Providing advice to clients on technical-remediation routes.
  • Delivering all projects to the very high standards our clients expect.
  • Work with other members of the team to share knowledge and experience, and to find creative ways of solving technical issues.
  • Attending project commencement calls and meetings to finalise the scope for upcoming projects.
  • Experience of delivering hands-on web / mobile application and infrastructure testing.
  • Demonstrable experience of security research and exploit creation.
  • Initiative and problem-solving skills.
  • Highly responsive with an ability to handle escalations quickly and professionally.
  • Possess a creative approach to performing thorough proven-method tests.
  • Have the ability to work towards client-led or internal deadlines.
  • A Full knowledge of OWASP Top 10 and SANS CWE Top 25; and how to exploit vulnerable systems in each of these categories.
  • Have minimum of 2+ years’ professional experience.
  • A willingness to travel.

Requirements

Essential

  • Indepth security knowledge of both Windows and Linux platforms.
  • Experience of delivering hands-on web / mobile application and infrastructure testing.
  • Demonstrable experience of security research and exploit creation.
  • Initiative and problem-solving skills.
  • Be OSCP qualified.
  • Highly responsive with an ability to handle escalations quickly and professionally.
  • Possess a creative approach to performing thorough proven-method tests.
  • Have the ability to work towards client-led or internal deadlines.
  • A Full knowledge of OWASP Top 10 and SANS CWE Top 25 and how to exploit vulnerable systems in each of these categories.
  • Have minimum of 2+ years’ professional experience.
  • A willingness to travel.

You will need very strong communication skills including:

  • Excellent verbal and written communication skills, and the ability to write strong technical reports.
  • An articulate and confident presentation style.
  • Ability to explain how exploits were carried out, and how a client should remediate.

Desirable

  • Ideally you will be fluent with programming skills and have strong knowledge of ASP .net, PHP, Java, Python, Objective C and C#.
  • Strong database (MS SQL, MySQL) and web server (IIS, Apache) skills.
  • Experience of testing a variety of platforms including iOS, Android, Windows and Linux.
  • API testing.
  • Any experience of research, authoring, public-speaking or intelligence analysis.

Other Information

Hedgehog supports forces veterans and blue light service leavers and is an equal opportunities employer.

Required skills

  • Penetration Testing
  • Web Application Penetration Testing
  • Infrastructure Penetration Testing
  • Wireless Penetration Testing
  • Mobile Application Penetration Testing

Reference: 34390130

Bank or payment details should not be provided when applying for a job. reed.co.uk is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Report this job