A British telecommunications company is currently looking for a junior Penetration Tester to join their technical team.

As a Penetration Tester, you will play a key role in protecting key information assets, as well as being responsible for conducting various security assessments, educating the business on the inherent risks and providing hardening and mitigation strategies.

As a member of the Information Security team, the Penetration Tester will be required to be a thought leader within selected information security practices, have proven experience in development and maintenance of security operations, and have a strong understanding of technology risks with an ability to identify mitigating controls.

Job responsibilities:

• Web-based and mobile application penetration tests

• Network penetration tests

• Logical security audits

• Hands-on technical security evaluations and remediation advice

Assignments & Skills:

• The ability to perform and manage application security assessments

• Penetration testing

• Data leakage

• Network and system forensics

• Testing the design and effectiveness of security controls of Internet systems, networks and applications.

Team Overview:

IS Security is responsible for Threat Assessment and Incident Response for the company's Technology Infrastructure. In addition, the team is responsible for the development and compliance maintenance of Policies, Standards and business cases to manage the risks posed to the company's technology.

The department is also responsible for ensuring Programme delivery is compliant against these standards and Policies through project consultancy.

Key responsibilities:

• Performing penetration tests and vulnerability assessments on company assets and where necessary 3rd Parties.

• Web Application Penetration Testing - End User Environment

• Performing application security penetration and vulnerability testing against applications.

• Testing a diverse range of Applications, Devices and systems.

• Manual Web App testing for SQL injection, XSS, CSRF, Broken Auth & Session Management, Buffer overflows, OWASP Top 10 etc.

• Mobile Application Security testing of Android & iOS Devices

• Work with developers. Have a direct impact on projects and applications. Identify issues and enhance security.

• Respond to cutting-edge threats facing the business.

• Simulate real-life hacking attacks

• Performing research as necessary on reported issues and emerging risks to identify best-practice solutions.

Candidate requirements


• 1+ years of experience performing network, web / application and wireless penetration testing including exploitation.

• Demonstrable skills in common types of penetration testing such as web/application and infrastructure testing, wireless network testing, VoIP, firewall rule set review.

• Hands-on experience with software security testing and common testing tools like Appscan, WebInspect, Fortify, etc.

• Experienced with tools such as Burp/Paros/Proxy tools, nmap, Nessus, Metasploit, Backtrack, Kali, SQL Ninja and various hacking tools.

• Experience with penetration testing frameworks

• Ability to do manual penetration testing/validation and not rely on automated scanners.


• Technical certifications such as: OSCP, OSCE, GWAPT, GPEN, GCIH, CISSP, CISA, CISM, CEH, CHECK, CREST, TIGER SST


• Reverse engineering, binary analysis, antivirus avoidance, and exploit development.

• Advanced understanding of security architecture and related components.

• Advanced understanding of Application Security and techniques to mitigate threats in application code and functions.

• Proven experience across consultancy, service provider and end user environments.


