Penetration Tester - GBP50k - London

Source Technology
06 Sep 2017
04 Oct 2017
Contract Type

Penetration Tester - GBP50k - London

Penetration tester require for a London based security consultancy.

As a Penetration Tester you will perform and support the core components of the company's services and product offerings. As such, his/her primary function is to provide security vulnerability assessment, penetration testing, research, analysis, and findings documentation and remediation support services to customers as required. Additionally, the Consultant will assist with company with the design, implementation, configuration, support, testing and monitoring of corporate infrastructure security and access controls.


  • Identify, exploit and document security flaws and vulnerabilities with attack simulations on multiple projects working against specific client focused scopes of work.
  • Ability to flow from black box to grey box to white box tests dependent on client needs.
  • Ability to test a variety of client form factors and technologies based on scopes of work.
  • Ability to solve complex technical problems and articulate to non-IT personnel.
  • Ability to effectively provide technical risk assessment of technologies in networks applications, wireless, social engineering, code reviews and war dialing.
  • Ability to perform vulnerability assessments and penetration testing, utilizing tools commercial and open source tools.
  • Perform, review and analyse security vulnerability data to identify applicability and false positives.
  • Research and develop testing tools, techniques, and process improvements.
  • Create risk based security code reviews (static & dynamic.)
  • Conduct penetration testing in line with Open Web Application Security project.
  • Mentor junior engineers to build their skills and contribution levels.
  • Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
  • Support company through the testing and evaluation of new technologies and security controls.
  • Assist and support Security Staff as they perform vulnerability, network and network security assessments.
  • May require the performance of other essential functions depending upon work location or assignment.

Required Knowledge:

  • Knowledge and understanding of basic information security principles.
  • Knowledge of security best practice guidelines, (ISO 17799, NIST, OWASP etc.)
  • WINS, DNS, and DHCP, Network troubleshooting.
  • Microsoft OS, Active Directory and Server technologies.

  • Encryption cracking tools
  • Password cracking tools
  • Remote access methods.
  • Backup and disaster recovery methodologies.
  • Patch management technologies and processes.
  • Wireless protocols and services.
  • Variety of testing tools such as: Paros, WebScarab, Burpsuite, Nessus, Appscan,
  • Familiarity with UNIX a plus.

Required Skills:

  • Design and testing experience related to security.
  • Experience with security issues in large scale networks.
  • Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software.
  • Ability to grasp new technology concepts, quickly and assist others in understanding them as well.
  • Senior-level documentation and project management skills.
  • Ability to work in a team environment and interact with people.
  • Strong verbal, communication and technical writing abilities.
  • Project management skills.
  • Possess strong leadership, coaching and mentoring skills.
  • Occasional travel, possibly air travel.
  • Ability to meet pressured deadlines and time constraints.

Location: London

Salary: GBP50k