Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: 45,000 - 60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You'll Be Doing: Conduct web and mobile application assessments, plus API, infrastructure, and cloud penetration tests. Deliver high-quality technical reports and confidently present findings to clients. Support remediation efforts and provide client-facing consultancy. Help develop internal testing methodologies and contribute to Red Team and social engineering operations. Support junior team members and engage in knowledge sharing. Key Skills & Experience: 3-5 years' penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an understanding of industrial IoT security. What's In It for You: 45,000 - 60,000 base salary Office-based in London SE1 with optional hybrid work post-probation Annual training plan and access to industry events Regular performance reviews and professional growth opportunities Work in a collaborative, expert-led environment If you're ready to take the next step in your cyber security career as a Security Testing Consultant , click apply now .
Jun 12, 2025
Full time
Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: 45,000 - 60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You'll Be Doing: Conduct web and mobile application assessments, plus API, infrastructure, and cloud penetration tests. Deliver high-quality technical reports and confidently present findings to clients. Support remediation efforts and provide client-facing consultancy. Help develop internal testing methodologies and contribute to Red Team and social engineering operations. Support junior team members and engage in knowledge sharing. Key Skills & Experience: 3-5 years' penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an understanding of industrial IoT security. What's In It for You: 45,000 - 60,000 base salary Office-based in London SE1 with optional hybrid work post-probation Annual training plan and access to industry events Regular performance reviews and professional growth opportunities Work in a collaborative, expert-led environment If you're ready to take the next step in your cyber security career as a Security Testing Consultant , click apply now .
CBSbutler Holdings Limited trading as CBSbutler
Basingstoke, Hampshire
Cyber Security Assurance Consultant - DV Cleared Rate : 550 - 650 a day (Inside IR35) Location : Basingstoke (Hybrid) Duration: Initially 6 months Clearance: DV Clearance required The company: Global IT Consultancy delivering digital transformation to Defence and National Security end clients. Overview: As Security Assurance Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable)
Jun 10, 2025
Contractor
Cyber Security Assurance Consultant - DV Cleared Rate : 550 - 650 a day (Inside IR35) Location : Basingstoke (Hybrid) Duration: Initially 6 months Clearance: DV Clearance required The company: Global IT Consultancy delivering digital transformation to Defence and National Security end clients. Overview: As Security Assurance Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable)
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Jun 10, 2025
Contractor
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Overview Bulletproof is growing our Information Security consultancy team and is looking for an ISO27001 subject matter expert with experience of delivering consultancy around all the topic, including gap analysis, audits, implementations projects and ad hoc Information Security queries, to a wide variety of customers. You should have an excellent understanding of ISO27001 with knowledge on other Information Security standards and frameworks being advantageous, such as SOC 2 or PCI DSS. You should apply if you enjoy working in a fast-paced, innovative business with an exciting brand that has fun and creative ideas and are looking to disrupt the security market. Please note that this role may require travel to customer sites depending on the request of our customers and your geographical location. This is an opportunity to be part of an exciting and fast-growing security company who has engineered its own innovative products from the ground up. We want to bring someone into the team to help find new ways to globally share our vision to use technology and most importantly talented people to solve businesses most difficult security challenges. Responsibilities Being a subject matter expert for ISO27001 Project Manage your own time effectively to maximise productivity and client delivery. Delivery of Information Security services to a wide variety of customers Managing and supporting VCISO customers Conducting ISO27001 gap analyses/audits. Conducting implementation projects on the above. Supporting VCISO customers with ad-hoc advice and guidance. Reviewing and writing client Information Security documentation Keeping careful logs of client interactions Delivery of Information Security awareness training and incident response tabletops to customers Supporting the Sales Team on scoping calls Support marketing activities where required e.g., writing content. Contribute to the development and improvement of the Bulletproof Information Security documentation set. Recognise and manage upsell opportunities within existing customers. Taking on various administration tasks Supporting the recruitment of and the development of new Team members Skills required People management skills Excellent written and verbal communication skills, including a good telephone manner Excellent knowledge of ISO27001 with a proven track history of managing projects in these areas with a range of different customers. Strong research skills to be able to keep on top of changes in standards. Knowledge of other international information security standards (desirable) Customer management skills, particularly in relation to setting and managing customer expectations. Ability to manage multiple client projects effectively Ability to assimilate information about customers quickly Ability to work autonomously with little supervision. Good MS Office skills, particularly Word, Excel and PowerPoint Proof-reading/ reviewing skills. Exceptional tracking and recording skills (experience using advantageous) Required qualifications / ExpErience Minimum of 3 years' experience in an Information Security role handling ISO27001. Qualifications that would be advantageous for this role would include: ISO27001 Lead Implementor, ISO27001 Lead Auditor The candidate should have a project management qualification or extensive project management experience. Personal Attributes Creative Confident speaker and presenter Innovative Honour commitments Integrity Support your team Collegiate approach to team-working Positive can-do attitude Analytical with exceptional problem-solving skills Able plan and manage time effectively Able to think laterally Accurate in approach with strong attention to detail Self-motivated and committed to driving own development Ability to stay calm under pressure Passionate about data privacy topics Willingness to learn Willingness to support, coach and help to develop more junior Team members Benefits 25 days annual holiday An additional day's annual holiday for your birthday Company pension Childcare Vouchers Subsidized gym membership Perkbox employee benefits platform Frequent team events Relaxed working environment Private Healthcare Flexible working policy Commission based bonus scheme Company Overview We believe that our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data. Key to our success is our in-house UK Security Operations Centre staffed 24/7 by our highly trained penetration testers, security analysts and compliance experts. Bulletproof's most popular services include: Penetration testing Social Engineering Red Team Proactive Monitoring Training SMB/SME cyber security products Compliance Services Bulletproof is the dedicated cybersecurity arm of the ServerChoice Group, an organisation with over 10 years' experience in providing secure online services, so you can be sure you're joining a well-established, growing organisation. Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.
Jun 04, 2025
Full time
Overview Bulletproof is growing our Information Security consultancy team and is looking for an ISO27001 subject matter expert with experience of delivering consultancy around all the topic, including gap analysis, audits, implementations projects and ad hoc Information Security queries, to a wide variety of customers. You should have an excellent understanding of ISO27001 with knowledge on other Information Security standards and frameworks being advantageous, such as SOC 2 or PCI DSS. You should apply if you enjoy working in a fast-paced, innovative business with an exciting brand that has fun and creative ideas and are looking to disrupt the security market. Please note that this role may require travel to customer sites depending on the request of our customers and your geographical location. This is an opportunity to be part of an exciting and fast-growing security company who has engineered its own innovative products from the ground up. We want to bring someone into the team to help find new ways to globally share our vision to use technology and most importantly talented people to solve businesses most difficult security challenges. Responsibilities Being a subject matter expert for ISO27001 Project Manage your own time effectively to maximise productivity and client delivery. Delivery of Information Security services to a wide variety of customers Managing and supporting VCISO customers Conducting ISO27001 gap analyses/audits. Conducting implementation projects on the above. Supporting VCISO customers with ad-hoc advice and guidance. Reviewing and writing client Information Security documentation Keeping careful logs of client interactions Delivery of Information Security awareness training and incident response tabletops to customers Supporting the Sales Team on scoping calls Support marketing activities where required e.g., writing content. Contribute to the development and improvement of the Bulletproof Information Security documentation set. Recognise and manage upsell opportunities within existing customers. Taking on various administration tasks Supporting the recruitment of and the development of new Team members Skills required People management skills Excellent written and verbal communication skills, including a good telephone manner Excellent knowledge of ISO27001 with a proven track history of managing projects in these areas with a range of different customers. Strong research skills to be able to keep on top of changes in standards. Knowledge of other international information security standards (desirable) Customer management skills, particularly in relation to setting and managing customer expectations. Ability to manage multiple client projects effectively Ability to assimilate information about customers quickly Ability to work autonomously with little supervision. Good MS Office skills, particularly Word, Excel and PowerPoint Proof-reading/ reviewing skills. Exceptional tracking and recording skills (experience using advantageous) Required qualifications / ExpErience Minimum of 3 years' experience in an Information Security role handling ISO27001. Qualifications that would be advantageous for this role would include: ISO27001 Lead Implementor, ISO27001 Lead Auditor The candidate should have a project management qualification or extensive project management experience. Personal Attributes Creative Confident speaker and presenter Innovative Honour commitments Integrity Support your team Collegiate approach to team-working Positive can-do attitude Analytical with exceptional problem-solving skills Able plan and manage time effectively Able to think laterally Accurate in approach with strong attention to detail Self-motivated and committed to driving own development Ability to stay calm under pressure Passionate about data privacy topics Willingness to learn Willingness to support, coach and help to develop more junior Team members Benefits 25 days annual holiday An additional day's annual holiday for your birthday Company pension Childcare Vouchers Subsidized gym membership Perkbox employee benefits platform Frequent team events Relaxed working environment Private Healthcare Flexible working policy Commission based bonus scheme Company Overview We believe that our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data. Key to our success is our in-house UK Security Operations Centre staffed 24/7 by our highly trained penetration testers, security analysts and compliance experts. Bulletproof's most popular services include: Penetration testing Social Engineering Red Team Proactive Monitoring Training SMB/SME cyber security products Compliance Services Bulletproof is the dedicated cybersecurity arm of the ServerChoice Group, an organisation with over 10 years' experience in providing secure online services, so you can be sure you're joining a well-established, growing organisation. Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.
Security Testing Consultant (Pen Tester) Location: London SE1 Salary: £45,000 - £60,000 depending on relevant experience Hours: Full-time, Monday to Friday Work Location: Office-based during probation, then hybrid (3 days office / 2 days WFH) Full time / Permanent Remarkable Jobs are recruiting on behalf of a dynamic and growing cybersecurity organisation. We are seeking a Security Testing Consultant (Pen Tester) to join their expert team in London SE1. This is a fantastic opportunity for an experienced professional to take on a varied, high-impact role conducting in-depth security assessments across multiple platforms. Security Testing Consultant (Pen Tester) Role: As a Security Testing Consultant (Pen Tester) , you will play a vital role in identifying and mitigating vulnerabilities in client systems including applications, infrastructure, cloud platforms, APIs, and mobile technologies. You'll be part of a collaborative team, providing expert guidance and helping to ensure the highest standards of cybersecurity. Security Testing Consultant (Pen Tester) Key Responsibilities: Deliver penetration testing across web, cloud, mobile, and infrastructure Conduct black box, grey box, and white box testing Produce detailed reports and deliver findings to clients Advise clients on remediation strategies and provide post-test support Support team knowledge sharing and mentor junior consultants Participate in Red Team activities and social engineering assessments Contribute to evolving internal processes and methodologies What They Are Looking For: Essential: 3-5 years of hands-on penetration testing experience Strong understanding of OWASP and vulnerability testing standards Proficiency with tools such as Kali, Burp Suite, Nmap, Nessus, Metasploit Knowledge of cloud platform testing (AWS, Azure, GCP) Strong reporting and client communication skills Relevant qualifications such as CREST CRT, OSCP, OSCE, or CCT Desirable: Familiarity with CI/CD environments and containerisation Programming and scripting knowledge Red Team or bug bounty experience Experience with CobaltStrike, IoT, or hardware security Security Testing Consultant (Pen Tester) Key Attributes: Organised, proactive, and analytical Strong communicator with a collaborative mindset Able to manage time effectively across multiple assignments Detail-oriented with a commitment to high-quality documentation If you're ready to take on a challenging and rewarding role as a Security Testing Consultant (Pen Tester) , we'd love to hear from you. Apply now to become a Security Testing Consultant (Pen Tester)!
May 30, 2025
Full time
Security Testing Consultant (Pen Tester) Location: London SE1 Salary: £45,000 - £60,000 depending on relevant experience Hours: Full-time, Monday to Friday Work Location: Office-based during probation, then hybrid (3 days office / 2 days WFH) Full time / Permanent Remarkable Jobs are recruiting on behalf of a dynamic and growing cybersecurity organisation. We are seeking a Security Testing Consultant (Pen Tester) to join their expert team in London SE1. This is a fantastic opportunity for an experienced professional to take on a varied, high-impact role conducting in-depth security assessments across multiple platforms. Security Testing Consultant (Pen Tester) Role: As a Security Testing Consultant (Pen Tester) , you will play a vital role in identifying and mitigating vulnerabilities in client systems including applications, infrastructure, cloud platforms, APIs, and mobile technologies. You'll be part of a collaborative team, providing expert guidance and helping to ensure the highest standards of cybersecurity. Security Testing Consultant (Pen Tester) Key Responsibilities: Deliver penetration testing across web, cloud, mobile, and infrastructure Conduct black box, grey box, and white box testing Produce detailed reports and deliver findings to clients Advise clients on remediation strategies and provide post-test support Support team knowledge sharing and mentor junior consultants Participate in Red Team activities and social engineering assessments Contribute to evolving internal processes and methodologies What They Are Looking For: Essential: 3-5 years of hands-on penetration testing experience Strong understanding of OWASP and vulnerability testing standards Proficiency with tools such as Kali, Burp Suite, Nmap, Nessus, Metasploit Knowledge of cloud platform testing (AWS, Azure, GCP) Strong reporting and client communication skills Relevant qualifications such as CREST CRT, OSCP, OSCE, or CCT Desirable: Familiarity with CI/CD environments and containerisation Programming and scripting knowledge Red Team or bug bounty experience Experience with CobaltStrike, IoT, or hardware security Security Testing Consultant (Pen Tester) Key Attributes: Organised, proactive, and analytical Strong communicator with a collaborative mindset Able to manage time effectively across multiple assignments Detail-oriented with a commitment to high-quality documentation If you're ready to take on a challenging and rewarding role as a Security Testing Consultant (Pen Tester) , we'd love to hear from you. Apply now to become a Security Testing Consultant (Pen Tester)!
Description Our global Fintech client are looking for a Penetration Tester. Responsibilities As a Penetration Tester you will be working with cyber security professionals to protect our clients customers, assets and systems. Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Automation of security testing, and development of internal tooling, to achieve continuous assurance. Key Skills AWS / GCP Penetration testing 5+ years technical information security experience. Please note this role is hybird working environment and will require someone on site in London 2/3 days a week. Job Title: Penetration Tester Location: London, UK Rate/Salary: (phone number removed) - (phone number removed) GBP Yearly Job Type: Permanent Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. (phone number removed). Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at (url removed)> To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to (url removed)> We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Mar 09, 2025
Full time
Description Our global Fintech client are looking for a Penetration Tester. Responsibilities As a Penetration Tester you will be working with cyber security professionals to protect our clients customers, assets and systems. Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Automation of security testing, and development of internal tooling, to achieve continuous assurance. Key Skills AWS / GCP Penetration testing 5+ years technical information security experience. Please note this role is hybird working environment and will require someone on site in London 2/3 days a week. Job Title: Penetration Tester Location: London, UK Rate/Salary: (phone number removed) - (phone number removed) GBP Yearly Job Type: Permanent Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. (phone number removed). Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at (url removed)> To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to (url removed)> We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Feb 21, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Overview As a Penetration Tester Team Lead, you will be responsible for the day-to-day management of a small team of Penetration Testers, including coaching, guiding, and mentoring. In addition to this, you will perform formal and comprehensive penetration testing assessments, including producing full written reports to appropriate standards and within agreed deadlines. Furthermore, you will support recruitment, quality assurance of reports, and client pre-engagement activities such as scoping and proposal drafting. Additional management time of one day a week will be assigned to help support management activities. Supervisory Responsibilities The Penetration Tester Team Lead will be responsible for the day-to-day management of a team of Penetration Testers, including coaching, guiding, and mentoring. Responsibilities Manage, coach, guide, and mentor a team of Penetration Testers; Complete performance reviews, including 1-2-1s, and support with appropriate follow-up actions; Work with the Penetration Testing Managers to support continuous improvement, efficiency, and effectiveness of the team; Support the Service Delivery team in assigning penetration testing projects; Assist the Marketing team with content development (including blogs, social media posts, and articles) to raise the profile of Bulletproof's Penetration Testing services; Support the Sales & Pre-sales teams with client pre-engagement interactions, including scoping call activities and proposal drafting; Assist in the recruitment pipeline, reviewing candidate submissions, CTF results, and conducting interviews; Manage the QA process to ensure high-quality client reports are delivered in accordance with applicable Service Level Agreements (SLA); Perform formal and comprehensive application, infrastructure, and other penetration testing assessments as required; Conduct vulnerability assessments and provide findings with remediation actions; Deliver well-written, concise, technical and non-technical reports in English; Manage and deliver penetration testing project activities within deadlines; Perform any other appropriate job duties in line with the associated skill and experience of the post holder. Skills and Experience Required Proven industry experience in penetration testing; Previous management or mentoring experience is advantageous but not essential as full support will be provided; Strong understanding of multiple penetration testing fields & frameworks, including OWASP, PTES, and other methodologies; Experience testing web and mobile applications (iOS/Android); Experience reviewing infrastructure and associated technologies (such as AD & network controls/devices); Experience reviewing cloud platforms; Experience preparing and launching social engineering campaigns; Knowledge of how modern solutions are designed, developed, and deployed across different platforms; Ability to program or script in your preferred language; Relevant security qualifications (such as OSCP, OSCE, CREST CRT, CREST CCT); Good knowledge and understanding of network and OS principles; Good knowledge of various operating systems; Good knowledge of virtualization. Personal Attributes Excellent spoken and written English communication skills with strong attention to detail and accuracy; A passion for security and networks; Analytical and problem-solving skills with a can-do attitude and the ability to think laterally and creatively; Self-motivated with a commitment to continued development; Ability to work independently and as part of a team; Influencing and negotiation skills with the ability to build relationships at all levels; Willingness to learn. Benefits 25 days annual holiday; An additional day's annual holiday for your birthday; Company Pension contribution; Subsidized gym membership; Perkbox employee benefits platform; Frequent team events; Private Healthcare (individual cover only); Learning Allowance Benefit - a reimbursable benefit of £100 per annum for personal career development; Flexible working policy. Company Overview Bulletproof is a trusted provider of innovative cyber security and people-powered solutions. Our cyber security services are the best way to stay ahead of hackers, take control of infrastructure, and protect business-critical data. We provide a full spectrum of cyber security services including CREST-certified penetration testing, 24/7 threat monitoring, compliance support, and security training to help organizations protect against today's evolving threat landscape. Please note that as part of the recruitment process, a criminal records check will be carried out by an authorized third party.
Feb 20, 2025
Full time
Overview As a Penetration Tester Team Lead, you will be responsible for the day-to-day management of a small team of Penetration Testers, including coaching, guiding, and mentoring. In addition to this, you will perform formal and comprehensive penetration testing assessments, including producing full written reports to appropriate standards and within agreed deadlines. Furthermore, you will support recruitment, quality assurance of reports, and client pre-engagement activities such as scoping and proposal drafting. Additional management time of one day a week will be assigned to help support management activities. Supervisory Responsibilities The Penetration Tester Team Lead will be responsible for the day-to-day management of a team of Penetration Testers, including coaching, guiding, and mentoring. Responsibilities Manage, coach, guide, and mentor a team of Penetration Testers; Complete performance reviews, including 1-2-1s, and support with appropriate follow-up actions; Work with the Penetration Testing Managers to support continuous improvement, efficiency, and effectiveness of the team; Support the Service Delivery team in assigning penetration testing projects; Assist the Marketing team with content development (including blogs, social media posts, and articles) to raise the profile of Bulletproof's Penetration Testing services; Support the Sales & Pre-sales teams with client pre-engagement interactions, including scoping call activities and proposal drafting; Assist in the recruitment pipeline, reviewing candidate submissions, CTF results, and conducting interviews; Manage the QA process to ensure high-quality client reports are delivered in accordance with applicable Service Level Agreements (SLA); Perform formal and comprehensive application, infrastructure, and other penetration testing assessments as required; Conduct vulnerability assessments and provide findings with remediation actions; Deliver well-written, concise, technical and non-technical reports in English; Manage and deliver penetration testing project activities within deadlines; Perform any other appropriate job duties in line with the associated skill and experience of the post holder. Skills and Experience Required Proven industry experience in penetration testing; Previous management or mentoring experience is advantageous but not essential as full support will be provided; Strong understanding of multiple penetration testing fields & frameworks, including OWASP, PTES, and other methodologies; Experience testing web and mobile applications (iOS/Android); Experience reviewing infrastructure and associated technologies (such as AD & network controls/devices); Experience reviewing cloud platforms; Experience preparing and launching social engineering campaigns; Knowledge of how modern solutions are designed, developed, and deployed across different platforms; Ability to program or script in your preferred language; Relevant security qualifications (such as OSCP, OSCE, CREST CRT, CREST CCT); Good knowledge and understanding of network and OS principles; Good knowledge of various operating systems; Good knowledge of virtualization. Personal Attributes Excellent spoken and written English communication skills with strong attention to detail and accuracy; A passion for security and networks; Analytical and problem-solving skills with a can-do attitude and the ability to think laterally and creatively; Self-motivated with a commitment to continued development; Ability to work independently and as part of a team; Influencing and negotiation skills with the ability to build relationships at all levels; Willingness to learn. Benefits 25 days annual holiday; An additional day's annual holiday for your birthday; Company Pension contribution; Subsidized gym membership; Perkbox employee benefits platform; Frequent team events; Private Healthcare (individual cover only); Learning Allowance Benefit - a reimbursable benefit of £100 per annum for personal career development; Flexible working policy. Company Overview Bulletproof is a trusted provider of innovative cyber security and people-powered solutions. Our cyber security services are the best way to stay ahead of hackers, take control of infrastructure, and protect business-critical data. We provide a full spectrum of cyber security services including CREST-certified penetration testing, 24/7 threat monitoring, compliance support, and security training to help organizations protect against today's evolving threat landscape. Please note that as part of the recruitment process, a criminal records check will be carried out by an authorized third party.
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer asalary of £35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further. JBRP1_UKTJ
Feb 20, 2025
Full time
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer asalary of £35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further. JBRP1_UKTJ
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
Feb 20, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity-not just answers-in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in the UK. We test web and mobile applications, computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more. At Kroll, your work will help deliver clarity to our clients' most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll. What you'll do As an Offensive Security Consultant, you'll be reporting to a Vice President in our Offensive Security team and deliver projects for our clients, large and small, across Europe and North America. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. In summary, you will: Execute offensive security and consultative engagements for our clients by testing their applications and infrastructure Author deliverables, such as technical and executive reports Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology What you'll need to succeed Bachelor's degree or college diploma in cybersecurity, computer science or engineering, software engineering, or IT/System/Network administration 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Testing Guide, TIBER EU, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Excellent oral and written communication skills Experience working both as part of a global team and independently CREST CPSA, CREST CRT, OSCP, or OSWE certifications are an asset Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability. Kroll is headquartered in New York with offices around the world.
Feb 18, 2025
Full time
In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity-not just answers-in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in the UK. We test web and mobile applications, computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more. At Kroll, your work will help deliver clarity to our clients' most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll. What you'll do As an Offensive Security Consultant, you'll be reporting to a Vice President in our Offensive Security team and deliver projects for our clients, large and small, across Europe and North America. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. In summary, you will: Execute offensive security and consultative engagements for our clients by testing their applications and infrastructure Author deliverables, such as technical and executive reports Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology What you'll need to succeed Bachelor's degree or college diploma in cybersecurity, computer science or engineering, software engineering, or IT/System/Network administration 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Testing Guide, TIBER EU, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Excellent oral and written communication skills Experience working both as part of a global team and independently CREST CPSA, CREST CRT, OSCP, or OSWE certifications are an asset Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability. Kroll is headquartered in New York with offices around the world.
Role: Penetration Tester Location: London Salary: 55,000 Are you passionate about cybersecurity and eager to put your skills to the test? We're looking for a Penetration Tester to join our growing team and help identify vulnerabilities before malicious actors can exploit them working for a leading managed security service provider. About the Role: As a Penetration Tester, you'll simulate real-world cyber-attacks to assess the security of our clients' systems, networks, and applications. Your goal will be to uncover weaknesses and provide actionable recommendations for enhancing security. What You'll Do: Conduct penetration testing on a variety of systems (web applications, networks, and mobile apps). Identify and exploit vulnerabilities to assess the security posture of our clients. Collaborate with security teams to patch vulnerabilities and strengthen defenses. Prepare detailed reports outlining findings and provide remediation steps. Stay up-to-date with the latest cybersecurity threats and industry best practices. Who You Are: Proficient in penetration testing methodologies and tools (e.g., Kali Linux, Burp Suite, Metasploit). Strong understanding of common vulnerabilities (OWASP Top 10, CVE databases). Hands-on experience with web application and network security testing. Strong problem-solving skills and the ability to think like an attacker. Excellent communication skills to present findings clearly to technical and non-technical teams. Certifications like OSCP, CEH, or similar are a plus. Why Join Us: Competitive salary and benefits. Opportunity to work with cutting-edge cybersecurity technologies. Collaborative, inclusive work environment with career growth opportunities. Impactful work protecting organizations from cyber threats. If you're ready to help safeguard the digital world, we want to hear from you. Apply today and be part of our mission to create safer online environments for all! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Feb 15, 2025
Full time
Role: Penetration Tester Location: London Salary: 55,000 Are you passionate about cybersecurity and eager to put your skills to the test? We're looking for a Penetration Tester to join our growing team and help identify vulnerabilities before malicious actors can exploit them working for a leading managed security service provider. About the Role: As a Penetration Tester, you'll simulate real-world cyber-attacks to assess the security of our clients' systems, networks, and applications. Your goal will be to uncover weaknesses and provide actionable recommendations for enhancing security. What You'll Do: Conduct penetration testing on a variety of systems (web applications, networks, and mobile apps). Identify and exploit vulnerabilities to assess the security posture of our clients. Collaborate with security teams to patch vulnerabilities and strengthen defenses. Prepare detailed reports outlining findings and provide remediation steps. Stay up-to-date with the latest cybersecurity threats and industry best practices. Who You Are: Proficient in penetration testing methodologies and tools (e.g., Kali Linux, Burp Suite, Metasploit). Strong understanding of common vulnerabilities (OWASP Top 10, CVE databases). Hands-on experience with web application and network security testing. Strong problem-solving skills and the ability to think like an attacker. Excellent communication skills to present findings clearly to technical and non-technical teams. Certifications like OSCP, CEH, or similar are a plus. Why Join Us: Competitive salary and benefits. Opportunity to work with cutting-edge cybersecurity technologies. Collaborative, inclusive work environment with career growth opportunities. Impactful work protecting organizations from cyber threats. If you're ready to help safeguard the digital world, we want to hear from you. Apply today and be part of our mission to create safer online environments for all! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Tob Title: Penetration Tester - CRT or CSTM cert required Salary: £40,000 - £55,000 (Depending on Experience) Location: Primarily remote, with occasional onsite requirements Eligibility for SC Clearance: Non-negotiable Sponsorship: Not available About the Role: We are seeking a talented and certified Penetration Tester to join our client in the Computer and Network Security industry. As a key member, you will be responsible for identifying vulnerabilities in systems, networks, and applications through penetration testing. This role is mainly remote, with occasional onsite requirements for certain projects and collaborations. Essential Qualifications & Experience: CRT or CSTM certification is required. Hands-on experience with CHECK tools is a bonus but not mandatory. Strong understanding of penetration testing methodologies, vulnerability scanning, and security risk analysis. Familiarity with various operating systems, networking protocols, and cybersecurity tools. Excellent problem-solving and communication skills. Ability to work independently in a remote environment and manage tasks efficiently. Key Responsibilities: Conduct penetration tests on systems, networks, and applications to identify potential security vulnerabilities. Work with development and IT teams to implement fixes for identified security flaws. Perform vulnerability assessments and risk analysis to evaluate the security posture of the organisation. Provide comprehensive reports detailing test findings and actionable recommendations for improving security. Stay up to date with the latest security threats and penetration testing techniques. Collaborate with internal teams to ensure security best practices are followed. Eligibility Requirements: Must be eligible for SC clearance (Security Check). No sponsorship available for this position. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
Feb 14, 2025
Full time
Tob Title: Penetration Tester - CRT or CSTM cert required Salary: £40,000 - £55,000 (Depending on Experience) Location: Primarily remote, with occasional onsite requirements Eligibility for SC Clearance: Non-negotiable Sponsorship: Not available About the Role: We are seeking a talented and certified Penetration Tester to join our client in the Computer and Network Security industry. As a key member, you will be responsible for identifying vulnerabilities in systems, networks, and applications through penetration testing. This role is mainly remote, with occasional onsite requirements for certain projects and collaborations. Essential Qualifications & Experience: CRT or CSTM certification is required. Hands-on experience with CHECK tools is a bonus but not mandatory. Strong understanding of penetration testing methodologies, vulnerability scanning, and security risk analysis. Familiarity with various operating systems, networking protocols, and cybersecurity tools. Excellent problem-solving and communication skills. Ability to work independently in a remote environment and manage tasks efficiently. Key Responsibilities: Conduct penetration tests on systems, networks, and applications to identify potential security vulnerabilities. Work with development and IT teams to implement fixes for identified security flaws. Perform vulnerability assessments and risk analysis to evaluate the security posture of the organisation. Provide comprehensive reports detailing test findings and actionable recommendations for improving security. Stay up to date with the latest security threats and penetration testing techniques. Collaborate with internal teams to ensure security best practices are followed. Eligibility Requirements: Must be eligible for SC clearance (Security Check). No sponsorship available for this position. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
Senior Penetration Tester - Contract Role in London We are seeking a highly skilled and experienced Senior Penetration Tester for an exciting contract opportunity based in the vibrant city of London. This role offers a chance to work within dynamic environments, focusing on both web and mobile applications. The position is set for 3 months duration starting mid-March with negotiable rates. Key Details: Type: Contract (3-months) Rates: Negotiable Sector: Cybersecurity Testing / Information Security Main Responsibilities Include But Are Not Limited To : - Conducting detailed penetration tests on various web-based as well as mobile platforms. - Identifying vulnerabilities, providing recommendations & producing comprehensive reports. The ideal candidate will be working under hybrid conditions allowing flexibility between home and our office located centrally in London. The IR35 status remains TBC which we aim to clarify at the earliest possibility. If you have expertise in safeguarding digital infrastructure through ethical hacking techniques this could potentially be your next engagement! Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement. To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Feb 08, 2025
Contractor
Senior Penetration Tester - Contract Role in London We are seeking a highly skilled and experienced Senior Penetration Tester for an exciting contract opportunity based in the vibrant city of London. This role offers a chance to work within dynamic environments, focusing on both web and mobile applications. The position is set for 3 months duration starting mid-March with negotiable rates. Key Details: Type: Contract (3-months) Rates: Negotiable Sector: Cybersecurity Testing / Information Security Main Responsibilities Include But Are Not Limited To : - Conducting detailed penetration tests on various web-based as well as mobile platforms. - Identifying vulnerabilities, providing recommendations & producing comprehensive reports. The ideal candidate will be working under hybrid conditions allowing flexibility between home and our office located centrally in London. The IR35 status remains TBC which we aim to clarify at the earliest possibility. If you have expertise in safeguarding digital infrastructure through ethical hacking techniques this could potentially be your next engagement! Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement. To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer a salary of 35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further.
Feb 06, 2025
Full time
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer a salary of 35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further.
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Feb 01, 2024
Full time
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Pentest CHECK Team Lead required by our client, a well-established cyber-security firm looking to expand. This is for a permanent role, but some ad-hoc working may also be on offer if that would be more suited to your current lifestyle. This role can be worked from multiple locations, with client sites across the UK. Salary banding is Our client are specifically looking for CHECK Team Leads in either Web Application or Infrastructure. The salary level for the CHECK Team Lead is approximately £60k to £70k. To find out more about the company and the role, please get in touch with Dave a IT Recruitment Solutions today. CTL, CHECK Team Lead, Pentest, Pentesting, Pentester, Penetration Testing
Jan 26, 2024
Full time
Pentest CHECK Team Lead required by our client, a well-established cyber-security firm looking to expand. This is for a permanent role, but some ad-hoc working may also be on offer if that would be more suited to your current lifestyle. This role can be worked from multiple locations, with client sites across the UK. Salary banding is Our client are specifically looking for CHECK Team Leads in either Web Application or Infrastructure. The salary level for the CHECK Team Lead is approximately £60k to £70k. To find out more about the company and the role, please get in touch with Dave a IT Recruitment Solutions today. CTL, CHECK Team Lead, Pentest, Pentesting, Pentester, Penetration Testing
We are currently working with a well-established consultancy with big plans for 2024 as they're looking to hire multiple experienced CRT Certified Penetration Testers to support upcoming projects. The company is Crest accredited and you will get the opportunity to work on a wide scope of engagements and with businesses in a variety of industries. Salary: £45,000 - £60,000 per annum Location: Remote + National Client Site Travel Penetration Tester - Responsibilities: Lead/support a variety of penetration testing engagements with a focus on excellent client delivery Manage projects, workload and training effectively Producing informative, and detail reports Involved in scoping calls for testing engagements Stay updated on cybersecurity threats and industry best practices. Penetration Tester - Requirements: Must possess CRT certification 2+ years experience in a Pen Testing role is necessary Other relevant industry certifications such as OSCP, OSEP, CSTM, CTM Must possess active, or be eligible for, SC Clearance Excellent report writing abilities and a high standard of written English Enthusiasm, dedication and keen interest in professional development This is a great opportunity for an experienced Pen Tester to join an already established offensive security practice - with the chance to work on new, fresh and exciting engagements. If you want to further enhance your skill set, develop professionally and upskill in any particular area of Pen Testing - be sure to apply and reach out. Lawrence Harvey is acting as an Employment Business in regards to this position.
Jan 26, 2024
Full time
We are currently working with a well-established consultancy with big plans for 2024 as they're looking to hire multiple experienced CRT Certified Penetration Testers to support upcoming projects. The company is Crest accredited and you will get the opportunity to work on a wide scope of engagements and with businesses in a variety of industries. Salary: £45,000 - £60,000 per annum Location: Remote + National Client Site Travel Penetration Tester - Responsibilities: Lead/support a variety of penetration testing engagements with a focus on excellent client delivery Manage projects, workload and training effectively Producing informative, and detail reports Involved in scoping calls for testing engagements Stay updated on cybersecurity threats and industry best practices. Penetration Tester - Requirements: Must possess CRT certification 2+ years experience in a Pen Testing role is necessary Other relevant industry certifications such as OSCP, OSEP, CSTM, CTM Must possess active, or be eligible for, SC Clearance Excellent report writing abilities and a high standard of written English Enthusiasm, dedication and keen interest in professional development This is a great opportunity for an experienced Pen Tester to join an already established offensive security practice - with the chance to work on new, fresh and exciting engagements. If you want to further enhance your skill set, develop professionally and upskill in any particular area of Pen Testing - be sure to apply and reach out. Lawrence Harvey is acting as an Employment Business in regards to this position.
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
Dec 17, 2022
Full time
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
AppCheck is a cyber security SaaS company based in the UK. We provide a cloud-based vulnerability scanning technology that allows companies to find security vulnerabilities in their web applications and hosted infrastructure, before hackers can find and exploit them (much like an automated penetration tester). We started in 2014 with 4 people, now with 70+ in total, and growing by at least 20 peopl click apply for full job details
Nov 30, 2022
Full time
AppCheck is a cyber security SaaS company based in the UK. We provide a cloud-based vulnerability scanning technology that allows companies to find security vulnerabilities in their web applications and hosted infrastructure, before hackers can find and exploit them (much like an automated penetration tester). We started in 2014 with 4 people, now with 70+ in total, and growing by at least 20 peopl click apply for full job details
