MAIN RESPONSIBILITIES
- Perform pen tests, vulnerability assessments and build reviews both remotely and at client sites, against network devices, servers, end user devices, cloud technologies, wireless networks, web, and mobile applications
- Opportunities to deliver related services such as social engineering, staff security awareness training, red teaming and IoT device testing
- Active testing is accompanied by writing detailed and accurate reports to communicate findings to clients, as well as phone calls to confirm requirements and discuss test results
- Varied work, with a mix of government and private sector clients, and a commitment not to pigeonhole testers on a narrow track
- Joining an established and friendly team who will be there to help you develop your knowledge and career
- Working alongside senior testers
- Support and funding for core exams, plus dedicated time and budget for self-development, additional training, and conference attendance
- A realistic cap on client site work/travel
- A bonus scheme to reward high levels of utilisation and more challenging work types
- The opportunity to dedicate one day per year for charitable work
- Remote/home working with travel to client sites nationally/regionally
KEY COMPETENCIES
- CREST Registered Tester, or equivalent Cyber Scheme or OSCP qualification
- Minimum one year’s penetration testing experience in infrastructure and application disciplines, ideally with exposure to client site testing such as internal pen tests and IT health checks
- SC clearance and experience of formal NCSC CHECK testing for central government clients an advantage but not essential
- Excellent written and verbal communication skills
- Highly organized with strong attention to detail
- Flexibility and resilience to meet the demands of the role
- Ability to demonstrate exceptional customer service
- A team player, able to work alongside colleagues and clients to deliver work
- A proactive approach to acquiring new skills and a desire for personal development
