Lead Penetration Tester / Cyber Security Consultant - Audit, Risk, Security, Compliance Consultancy
London EC3A, or home based with travel to client sites as required
£55,000 - £80,000 depending on experience + Benefits
We are an information audit, risk, security and compliance company supplying professional services across a broad range of sectors.
The Company was initially formed in 2008 to specialise in payment security and has since grown organically into a highly respected thought-leading information risk, cyber security and compliance consultancy.
By combining creative thinking, selective hiring, passionate vision and exceptional service, our small highly experienced team provides a commercially balanced blend of strategic and tactical advice, technical assessments and assurance & audit services. We supply to large and well-known clients across many sectors including retail, insurance, financial services and telecommunication.
We have recently taken the penetration testing function in-house. We are therefore looking for an experienced Lead / Penetration Tester who, in addition to performing a hands-on penetration testing role, is keen to take a key role in shaping the penetration testing service for our clients and further developing the in-house function in line with best practice.
The Lead Penetration Tester / Cyber Security Consultant Role:
The primary role is to undertake hands-on web and mobile application and / or infrastructure penetration testing to support our assurance services. Working with the client’s management and technical teams, you will perform a structured programme of security / penetration testing on our client’s network infrastructure, systems and applications. You will conduct web and mobile application, network, infrastructure and wireless penetration tests and related activities, social engineering, simulate cyberattacks and offer recommendations, reports, added value and thought leadership to our internal teams and clients. In addition, you will help shape the service provision for our client engagements, build and lead the penetration testing team, and take a leading role in ensuring the smooth running of the penetration testing function. This could be a fantastic opportunity for an experienced penetration tester / lead to take the next step in their career development.
Key Required Skills and Experience:
+ Hands-on external penetration testing experience with experience of infrastructure and / or application penetration testing
+ Exposure to a variety of security testing tools and exploits to identify vulnerabilities and recommend corrective action
+ Current technical understanding of security threats, trends and solutions
+ Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with good reporting writing and client presentation skills
+ Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, CREST, Tigerscheme SST, and CESG Check
+ A consultative manner and customer facing skills with the ability to communicate with stakeholders at all levels and advise on best practice
+ An interest in growing the Penetration Testing Practice, improving the services and offering creative ideas and contributions
+ Some team leading experience
+ The ambition to grow with the business
+ An enquiring mind, the tenacity to overcome technical challenges, and an ability to approach problems from different perspectives
+ A commitment to personal development and keeping a current knowledge of the security industry threats and best practices
+ Ability to travel as required
You might also have:
+ Knowledge of firewalls and other network security controls
+ Knowledge of applied cryptographic protocols
+ CSSLP, OSWE, OSCP, OSWP, OSCE, OSEE, GAWPT, GPEN, or GXPN certification(s)
+ Experience hacking hardware or embedded systems
What we offer:
We offer a competitive salary plus benefits and continued investment in your training, professional development and technical certifications. You will have the opportunity to work in the supportive and pragmatic culture of an established and thought-leading Consultancy where you won’t just be a 'number’ but will be able to make a real impact on the service provision to our clients and the growth of the business.
Interested? Just Apply Below...
...But first a little formality. By applying you explicitly consent to us processing & passing your application to our client for review for this vacancy only. If your skills match the role you will hear back from us within 2 business days. If you have any pre-application questions please email team [at] recruitmentrevolution.com quoting the job title & ref. Good luck, Team RR.