CBSbutler Holdings Limited trading as CBSbutler
Basingstoke, Hampshire
Cyber Security Assurance Consultant - DV Cleared Rate : 550 - 650 a day (Inside IR35) Location : Basingstoke (Hybrid) Duration: Initially 6 months Clearance: DV Clearance required The company: Global IT Consultancy delivering digital transformation to Defence and National Security end clients. Overview: As Security Assurance Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable)
Jun 10, 2025
Contractor
Cyber Security Assurance Consultant - DV Cleared Rate : 550 - 650 a day (Inside IR35) Location : Basingstoke (Hybrid) Duration: Initially 6 months Clearance: DV Clearance required The company: Global IT Consultancy delivering digital transformation to Defence and National Security end clients. Overview: As Security Assurance Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable)
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Jun 10, 2025
Contractor
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security. Technical Proficiencies: Python/Scripting: Demonstrate a high level of proficiency in Python, essential for writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding file permissions, managing services, and using Linux/Windows-based security tools. Knowledge of Linux/Windows is vital for testing and exploiting Unix/Windows-based applications and servers. Burp Suite Expertise: Exhibit expertise in using Burp Suite, a leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications. Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity with other enumeration tools that help in discovering and mapping network and system details is also important. Active Directory Analysis/Impacket: Proficient in analyzing Active Directory environments using tools like Impacket. This includes understanding AD architecture, identifying misconfigurations, and exploiting them. Skills in leveraging Impacket for tasks like network relays, password spraying, and gaining elevated privileges are crucial for penetrating Windows environments. We're Seeking: Qualifications: A degree in Computer Science, Engineering, Mathematics, or Physics. Experience Level: Open to graduates/juniors and above. The more experience in red teaming, the better. Skills: Exceptional problem-solving abilities, with a flair for thinking on your feet and tackling constantly evolving threats creatively. Attributes: Motivated, passionate, determined, and an avid learner. We value self-starters with proven experience who are driven to learn. Communication: Strong interpersonal and communication skills are essential for effective team collaboration, which is a key aspect of our work culture GCS is acting as an Employment Agency in relation to this vacancy.
Jun 05, 2025
Full time
Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security. Technical Proficiencies: Python/Scripting: Demonstrate a high level of proficiency in Python, essential for writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding file permissions, managing services, and using Linux/Windows-based security tools. Knowledge of Linux/Windows is vital for testing and exploiting Unix/Windows-based applications and servers. Burp Suite Expertise: Exhibit expertise in using Burp Suite, a leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications. Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity with other enumeration tools that help in discovering and mapping network and system details is also important. Active Directory Analysis/Impacket: Proficient in analyzing Active Directory environments using tools like Impacket. This includes understanding AD architecture, identifying misconfigurations, and exploiting them. Skills in leveraging Impacket for tasks like network relays, password spraying, and gaining elevated privileges are crucial for penetrating Windows environments. We're Seeking: Qualifications: A degree in Computer Science, Engineering, Mathematics, or Physics. Experience Level: Open to graduates/juniors and above. The more experience in red teaming, the better. Skills: Exceptional problem-solving abilities, with a flair for thinking on your feet and tackling constantly evolving threats creatively. Attributes: Motivated, passionate, determined, and an avid learner. We value self-starters with proven experience who are driven to learn. Communication: Strong interpersonal and communication skills are essential for effective team collaboration, which is a key aspect of our work culture GCS is acting as an Employment Agency in relation to this vacancy.
Overview Bulletproof is growing our Information Security consultancy team and is looking for an ISO27001 subject matter expert with experience of delivering consultancy around all the topic, including gap analysis, audits, implementations projects and ad hoc Information Security queries, to a wide variety of customers. You should have an excellent understanding of ISO27001 with knowledge on other Information Security standards and frameworks being advantageous, such as SOC 2 or PCI DSS. You should apply if you enjoy working in a fast-paced, innovative business with an exciting brand that has fun and creative ideas and are looking to disrupt the security market. Please note that this role may require travel to customer sites depending on the request of our customers and your geographical location. This is an opportunity to be part of an exciting and fast-growing security company who has engineered its own innovative products from the ground up. We want to bring someone into the team to help find new ways to globally share our vision to use technology and most importantly talented people to solve businesses most difficult security challenges. Responsibilities Being a subject matter expert for ISO27001 Project Manage your own time effectively to maximise productivity and client delivery. Delivery of Information Security services to a wide variety of customers Managing and supporting VCISO customers Conducting ISO27001 gap analyses/audits. Conducting implementation projects on the above. Supporting VCISO customers with ad-hoc advice and guidance. Reviewing and writing client Information Security documentation Keeping careful logs of client interactions Delivery of Information Security awareness training and incident response tabletops to customers Supporting the Sales Team on scoping calls Support marketing activities where required e.g., writing content. Contribute to the development and improvement of the Bulletproof Information Security documentation set. Recognise and manage upsell opportunities within existing customers. Taking on various administration tasks Supporting the recruitment of and the development of new Team members Skills required People management skills Excellent written and verbal communication skills, including a good telephone manner Excellent knowledge of ISO27001 with a proven track history of managing projects in these areas with a range of different customers. Strong research skills to be able to keep on top of changes in standards. Knowledge of other international information security standards (desirable) Customer management skills, particularly in relation to setting and managing customer expectations. Ability to manage multiple client projects effectively Ability to assimilate information about customers quickly Ability to work autonomously with little supervision. Good MS Office skills, particularly Word, Excel and PowerPoint Proof-reading/ reviewing skills. Exceptional tracking and recording skills (experience using advantageous) Required qualifications / ExpErience Minimum of 3 years' experience in an Information Security role handling ISO27001. Qualifications that would be advantageous for this role would include: ISO27001 Lead Implementor, ISO27001 Lead Auditor The candidate should have a project management qualification or extensive project management experience. Personal Attributes Creative Confident speaker and presenter Innovative Honour commitments Integrity Support your team Collegiate approach to team-working Positive can-do attitude Analytical with exceptional problem-solving skills Able plan and manage time effectively Able to think laterally Accurate in approach with strong attention to detail Self-motivated and committed to driving own development Ability to stay calm under pressure Passionate about data privacy topics Willingness to learn Willingness to support, coach and help to develop more junior Team members Benefits 25 days annual holiday An additional day's annual holiday for your birthday Company pension Childcare Vouchers Subsidized gym membership Perkbox employee benefits platform Frequent team events Relaxed working environment Private Healthcare Flexible working policy Commission based bonus scheme Company Overview We believe that our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data. Key to our success is our in-house UK Security Operations Centre staffed 24/7 by our highly trained penetration testers, security analysts and compliance experts. Bulletproof's most popular services include: Penetration testing Social Engineering Red Team Proactive Monitoring Training SMB/SME cyber security products Compliance Services Bulletproof is the dedicated cybersecurity arm of the ServerChoice Group, an organisation with over 10 years' experience in providing secure online services, so you can be sure you're joining a well-established, growing organisation. Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.
Jun 04, 2025
Full time
Overview Bulletproof is growing our Information Security consultancy team and is looking for an ISO27001 subject matter expert with experience of delivering consultancy around all the topic, including gap analysis, audits, implementations projects and ad hoc Information Security queries, to a wide variety of customers. You should have an excellent understanding of ISO27001 with knowledge on other Information Security standards and frameworks being advantageous, such as SOC 2 or PCI DSS. You should apply if you enjoy working in a fast-paced, innovative business with an exciting brand that has fun and creative ideas and are looking to disrupt the security market. Please note that this role may require travel to customer sites depending on the request of our customers and your geographical location. This is an opportunity to be part of an exciting and fast-growing security company who has engineered its own innovative products from the ground up. We want to bring someone into the team to help find new ways to globally share our vision to use technology and most importantly talented people to solve businesses most difficult security challenges. Responsibilities Being a subject matter expert for ISO27001 Project Manage your own time effectively to maximise productivity and client delivery. Delivery of Information Security services to a wide variety of customers Managing and supporting VCISO customers Conducting ISO27001 gap analyses/audits. Conducting implementation projects on the above. Supporting VCISO customers with ad-hoc advice and guidance. Reviewing and writing client Information Security documentation Keeping careful logs of client interactions Delivery of Information Security awareness training and incident response tabletops to customers Supporting the Sales Team on scoping calls Support marketing activities where required e.g., writing content. Contribute to the development and improvement of the Bulletproof Information Security documentation set. Recognise and manage upsell opportunities within existing customers. Taking on various administration tasks Supporting the recruitment of and the development of new Team members Skills required People management skills Excellent written and verbal communication skills, including a good telephone manner Excellent knowledge of ISO27001 with a proven track history of managing projects in these areas with a range of different customers. Strong research skills to be able to keep on top of changes in standards. Knowledge of other international information security standards (desirable) Customer management skills, particularly in relation to setting and managing customer expectations. Ability to manage multiple client projects effectively Ability to assimilate information about customers quickly Ability to work autonomously with little supervision. Good MS Office skills, particularly Word, Excel and PowerPoint Proof-reading/ reviewing skills. Exceptional tracking and recording skills (experience using advantageous) Required qualifications / ExpErience Minimum of 3 years' experience in an Information Security role handling ISO27001. Qualifications that would be advantageous for this role would include: ISO27001 Lead Implementor, ISO27001 Lead Auditor The candidate should have a project management qualification or extensive project management experience. Personal Attributes Creative Confident speaker and presenter Innovative Honour commitments Integrity Support your team Collegiate approach to team-working Positive can-do attitude Analytical with exceptional problem-solving skills Able plan and manage time effectively Able to think laterally Accurate in approach with strong attention to detail Self-motivated and committed to driving own development Ability to stay calm under pressure Passionate about data privacy topics Willingness to learn Willingness to support, coach and help to develop more junior Team members Benefits 25 days annual holiday An additional day's annual holiday for your birthday Company pension Childcare Vouchers Subsidized gym membership Perkbox employee benefits platform Frequent team events Relaxed working environment Private Healthcare Flexible working policy Commission based bonus scheme Company Overview We believe that our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data. Key to our success is our in-house UK Security Operations Centre staffed 24/7 by our highly trained penetration testers, security analysts and compliance experts. Bulletproof's most popular services include: Penetration testing Social Engineering Red Team Proactive Monitoring Training SMB/SME cyber security products Compliance Services Bulletproof is the dedicated cybersecurity arm of the ServerChoice Group, an organisation with over 10 years' experience in providing secure online services, so you can be sure you're joining a well-established, growing organisation. Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Feb 21, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Network Tester SC CLEARED ESSENTIAL We are seeking a highly skilled Network Testing Specialist to lead an extensive testing programme across the companies networks. You will have a strong technical background and proven experience in running comprehensive network testing programmes on complex networks. Key Responsibilities: Develop and execute test strategies, test plans, and test cases/specifications for various testing types including: Performance Testing Security/Penetration Testing Failure Mode Testing Operational Readiness Testing SLA Testing (availability, capacity, etc.) Collaborate with cross-functional teams to ensure thorough testing coverage and effective issue resolution. Analyze test results, identify issues, and provide detailed reports and recommendations. Ensure compliance with industry standards and best practices. Required Skills and Experience: Extensive experience in network testing, particularly on complex networks. Strong technical understanding and expertise in network testing methodologies and tools. Ability to draft detailed test strategies, plans, and specifications. Excellent problem-solving skills and attention to detail. Strong communication and collaboration skills. Security Clearance (SC) is essential
Feb 21, 2025
Contractor
Network Tester SC CLEARED ESSENTIAL We are seeking a highly skilled Network Testing Specialist to lead an extensive testing programme across the companies networks. You will have a strong technical background and proven experience in running comprehensive network testing programmes on complex networks. Key Responsibilities: Develop and execute test strategies, test plans, and test cases/specifications for various testing types including: Performance Testing Security/Penetration Testing Failure Mode Testing Operational Readiness Testing SLA Testing (availability, capacity, etc.) Collaborate with cross-functional teams to ensure thorough testing coverage and effective issue resolution. Analyze test results, identify issues, and provide detailed reports and recommendations. Ensure compliance with industry standards and best practices. Required Skills and Experience: Extensive experience in network testing, particularly on complex networks. Strong technical understanding and expertise in network testing methodologies and tools. Ability to draft detailed test strategies, plans, and specifications. Excellent problem-solving skills and attention to detail. Strong communication and collaboration skills. Security Clearance (SC) is essential
Overview As a Penetration Tester Team Lead, you will be responsible for the day-to-day management of a small team of Penetration Testers, including coaching, guiding, and mentoring. In addition to this, you will perform formal and comprehensive penetration testing assessments, including producing full written reports to appropriate standards and within agreed deadlines. Furthermore, you will support recruitment, quality assurance of reports, and client pre-engagement activities such as scoping and proposal drafting. Additional management time of one day a week will be assigned to help support management activities. Supervisory Responsibilities The Penetration Tester Team Lead will be responsible for the day-to-day management of a team of Penetration Testers, including coaching, guiding, and mentoring. Responsibilities Manage, coach, guide, and mentor a team of Penetration Testers; Complete performance reviews, including 1-2-1s, and support with appropriate follow-up actions; Work with the Penetration Testing Managers to support continuous improvement, efficiency, and effectiveness of the team; Support the Service Delivery team in assigning penetration testing projects; Assist the Marketing team with content development (including blogs, social media posts, and articles) to raise the profile of Bulletproof's Penetration Testing services; Support the Sales & Pre-sales teams with client pre-engagement interactions, including scoping call activities and proposal drafting; Assist in the recruitment pipeline, reviewing candidate submissions, CTF results, and conducting interviews; Manage the QA process to ensure high-quality client reports are delivered in accordance with applicable Service Level Agreements (SLA); Perform formal and comprehensive application, infrastructure, and other penetration testing assessments as required; Conduct vulnerability assessments and provide findings with remediation actions; Deliver well-written, concise, technical and non-technical reports in English; Manage and deliver penetration testing project activities within deadlines; Perform any other appropriate job duties in line with the associated skill and experience of the post holder. Skills and Experience Required Proven industry experience in penetration testing; Previous management or mentoring experience is advantageous but not essential as full support will be provided; Strong understanding of multiple penetration testing fields & frameworks, including OWASP, PTES, and other methodologies; Experience testing web and mobile applications (iOS/Android); Experience reviewing infrastructure and associated technologies (such as AD & network controls/devices); Experience reviewing cloud platforms; Experience preparing and launching social engineering campaigns; Knowledge of how modern solutions are designed, developed, and deployed across different platforms; Ability to program or script in your preferred language; Relevant security qualifications (such as OSCP, OSCE, CREST CRT, CREST CCT); Good knowledge and understanding of network and OS principles; Good knowledge of various operating systems; Good knowledge of virtualization. Personal Attributes Excellent spoken and written English communication skills with strong attention to detail and accuracy; A passion for security and networks; Analytical and problem-solving skills with a can-do attitude and the ability to think laterally and creatively; Self-motivated with a commitment to continued development; Ability to work independently and as part of a team; Influencing and negotiation skills with the ability to build relationships at all levels; Willingness to learn. Benefits 25 days annual holiday; An additional day's annual holiday for your birthday; Company Pension contribution; Subsidized gym membership; Perkbox employee benefits platform; Frequent team events; Private Healthcare (individual cover only); Learning Allowance Benefit - a reimbursable benefit of £100 per annum for personal career development; Flexible working policy. Company Overview Bulletproof is a trusted provider of innovative cyber security and people-powered solutions. Our cyber security services are the best way to stay ahead of hackers, take control of infrastructure, and protect business-critical data. We provide a full spectrum of cyber security services including CREST-certified penetration testing, 24/7 threat monitoring, compliance support, and security training to help organizations protect against today's evolving threat landscape. Please note that as part of the recruitment process, a criminal records check will be carried out by an authorized third party.
Feb 20, 2025
Full time
Overview As a Penetration Tester Team Lead, you will be responsible for the day-to-day management of a small team of Penetration Testers, including coaching, guiding, and mentoring. In addition to this, you will perform formal and comprehensive penetration testing assessments, including producing full written reports to appropriate standards and within agreed deadlines. Furthermore, you will support recruitment, quality assurance of reports, and client pre-engagement activities such as scoping and proposal drafting. Additional management time of one day a week will be assigned to help support management activities. Supervisory Responsibilities The Penetration Tester Team Lead will be responsible for the day-to-day management of a team of Penetration Testers, including coaching, guiding, and mentoring. Responsibilities Manage, coach, guide, and mentor a team of Penetration Testers; Complete performance reviews, including 1-2-1s, and support with appropriate follow-up actions; Work with the Penetration Testing Managers to support continuous improvement, efficiency, and effectiveness of the team; Support the Service Delivery team in assigning penetration testing projects; Assist the Marketing team with content development (including blogs, social media posts, and articles) to raise the profile of Bulletproof's Penetration Testing services; Support the Sales & Pre-sales teams with client pre-engagement interactions, including scoping call activities and proposal drafting; Assist in the recruitment pipeline, reviewing candidate submissions, CTF results, and conducting interviews; Manage the QA process to ensure high-quality client reports are delivered in accordance with applicable Service Level Agreements (SLA); Perform formal and comprehensive application, infrastructure, and other penetration testing assessments as required; Conduct vulnerability assessments and provide findings with remediation actions; Deliver well-written, concise, technical and non-technical reports in English; Manage and deliver penetration testing project activities within deadlines; Perform any other appropriate job duties in line with the associated skill and experience of the post holder. Skills and Experience Required Proven industry experience in penetration testing; Previous management or mentoring experience is advantageous but not essential as full support will be provided; Strong understanding of multiple penetration testing fields & frameworks, including OWASP, PTES, and other methodologies; Experience testing web and mobile applications (iOS/Android); Experience reviewing infrastructure and associated technologies (such as AD & network controls/devices); Experience reviewing cloud platforms; Experience preparing and launching social engineering campaigns; Knowledge of how modern solutions are designed, developed, and deployed across different platforms; Ability to program or script in your preferred language; Relevant security qualifications (such as OSCP, OSCE, CREST CRT, CREST CCT); Good knowledge and understanding of network and OS principles; Good knowledge of various operating systems; Good knowledge of virtualization. Personal Attributes Excellent spoken and written English communication skills with strong attention to detail and accuracy; A passion for security and networks; Analytical and problem-solving skills with a can-do attitude and the ability to think laterally and creatively; Self-motivated with a commitment to continued development; Ability to work independently and as part of a team; Influencing and negotiation skills with the ability to build relationships at all levels; Willingness to learn. Benefits 25 days annual holiday; An additional day's annual holiday for your birthday; Company Pension contribution; Subsidized gym membership; Perkbox employee benefits platform; Frequent team events; Private Healthcare (individual cover only); Learning Allowance Benefit - a reimbursable benefit of £100 per annum for personal career development; Flexible working policy. Company Overview Bulletproof is a trusted provider of innovative cyber security and people-powered solutions. Our cyber security services are the best way to stay ahead of hackers, take control of infrastructure, and protect business-critical data. We provide a full spectrum of cyber security services including CREST-certified penetration testing, 24/7 threat monitoring, compliance support, and security training to help organizations protect against today's evolving threat landscape. Please note that as part of the recruitment process, a criminal records check will be carried out by an authorized third party.
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer asalary of £35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further. JBRP1_UKTJ
Feb 20, 2025
Full time
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer asalary of £35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further. JBRP1_UKTJ
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
Feb 20, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
Role: Penetration Tester Location: London Salary: 55,000 Are you passionate about cybersecurity and eager to put your skills to the test? We're looking for a Penetration Tester to join our growing team and help identify vulnerabilities before malicious actors can exploit them working for a leading managed security service provider. About the Role: As a Penetration Tester, you'll simulate real-world cyber-attacks to assess the security of our clients' systems, networks, and applications. Your goal will be to uncover weaknesses and provide actionable recommendations for enhancing security. What You'll Do: Conduct penetration testing on a variety of systems (web applications, networks, and mobile apps). Identify and exploit vulnerabilities to assess the security posture of our clients. Collaborate with security teams to patch vulnerabilities and strengthen defenses. Prepare detailed reports outlining findings and provide remediation steps. Stay up-to-date with the latest cybersecurity threats and industry best practices. Who You Are: Proficient in penetration testing methodologies and tools (e.g., Kali Linux, Burp Suite, Metasploit). Strong understanding of common vulnerabilities (OWASP Top 10, CVE databases). Hands-on experience with web application and network security testing. Strong problem-solving skills and the ability to think like an attacker. Excellent communication skills to present findings clearly to technical and non-technical teams. Certifications like OSCP, CEH, or similar are a plus. Why Join Us: Competitive salary and benefits. Opportunity to work with cutting-edge cybersecurity technologies. Collaborative, inclusive work environment with career growth opportunities. Impactful work protecting organizations from cyber threats. If you're ready to help safeguard the digital world, we want to hear from you. Apply today and be part of our mission to create safer online environments for all! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Feb 15, 2025
Full time
Role: Penetration Tester Location: London Salary: 55,000 Are you passionate about cybersecurity and eager to put your skills to the test? We're looking for a Penetration Tester to join our growing team and help identify vulnerabilities before malicious actors can exploit them working for a leading managed security service provider. About the Role: As a Penetration Tester, you'll simulate real-world cyber-attacks to assess the security of our clients' systems, networks, and applications. Your goal will be to uncover weaknesses and provide actionable recommendations for enhancing security. What You'll Do: Conduct penetration testing on a variety of systems (web applications, networks, and mobile apps). Identify and exploit vulnerabilities to assess the security posture of our clients. Collaborate with security teams to patch vulnerabilities and strengthen defenses. Prepare detailed reports outlining findings and provide remediation steps. Stay up-to-date with the latest cybersecurity threats and industry best practices. Who You Are: Proficient in penetration testing methodologies and tools (e.g., Kali Linux, Burp Suite, Metasploit). Strong understanding of common vulnerabilities (OWASP Top 10, CVE databases). Hands-on experience with web application and network security testing. Strong problem-solving skills and the ability to think like an attacker. Excellent communication skills to present findings clearly to technical and non-technical teams. Certifications like OSCP, CEH, or similar are a plus. Why Join Us: Competitive salary and benefits. Opportunity to work with cutting-edge cybersecurity technologies. Collaborative, inclusive work environment with career growth opportunities. Impactful work protecting organizations from cyber threats. If you're ready to help safeguard the digital world, we want to hear from you. Apply today and be part of our mission to create safer online environments for all! In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy.
Tob Title: Penetration Tester - CRT or CSTM cert required Salary: £40,000 - £55,000 (Depending on Experience) Location: Primarily remote, with occasional onsite requirements Eligibility for SC Clearance: Non-negotiable Sponsorship: Not available About the Role: We are seeking a talented and certified Penetration Tester to join our client in the Computer and Network Security industry. As a key member, you will be responsible for identifying vulnerabilities in systems, networks, and applications through penetration testing. This role is mainly remote, with occasional onsite requirements for certain projects and collaborations. Essential Qualifications & Experience: CRT or CSTM certification is required. Hands-on experience with CHECK tools is a bonus but not mandatory. Strong understanding of penetration testing methodologies, vulnerability scanning, and security risk analysis. Familiarity with various operating systems, networking protocols, and cybersecurity tools. Excellent problem-solving and communication skills. Ability to work independently in a remote environment and manage tasks efficiently. Key Responsibilities: Conduct penetration tests on systems, networks, and applications to identify potential security vulnerabilities. Work with development and IT teams to implement fixes for identified security flaws. Perform vulnerability assessments and risk analysis to evaluate the security posture of the organisation. Provide comprehensive reports detailing test findings and actionable recommendations for improving security. Stay up to date with the latest security threats and penetration testing techniques. Collaborate with internal teams to ensure security best practices are followed. Eligibility Requirements: Must be eligible for SC clearance (Security Check). No sponsorship available for this position. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
Feb 14, 2025
Full time
Tob Title: Penetration Tester - CRT or CSTM cert required Salary: £40,000 - £55,000 (Depending on Experience) Location: Primarily remote, with occasional onsite requirements Eligibility for SC Clearance: Non-negotiable Sponsorship: Not available About the Role: We are seeking a talented and certified Penetration Tester to join our client in the Computer and Network Security industry. As a key member, you will be responsible for identifying vulnerabilities in systems, networks, and applications through penetration testing. This role is mainly remote, with occasional onsite requirements for certain projects and collaborations. Essential Qualifications & Experience: CRT or CSTM certification is required. Hands-on experience with CHECK tools is a bonus but not mandatory. Strong understanding of penetration testing methodologies, vulnerability scanning, and security risk analysis. Familiarity with various operating systems, networking protocols, and cybersecurity tools. Excellent problem-solving and communication skills. Ability to work independently in a remote environment and manage tasks efficiently. Key Responsibilities: Conduct penetration tests on systems, networks, and applications to identify potential security vulnerabilities. Work with development and IT teams to implement fixes for identified security flaws. Perform vulnerability assessments and risk analysis to evaluate the security posture of the organisation. Provide comprehensive reports detailing test findings and actionable recommendations for improving security. Stay up to date with the latest security threats and penetration testing techniques. Collaborate with internal teams to ensure security best practices are followed. Eligibility Requirements: Must be eligible for SC clearance (Security Check). No sponsorship available for this position. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer a salary of 35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further.
Feb 06, 2025
Full time
A Scottish-based Cyber Security Consultancy are looking for a Lead Cyber Assessor (or Penetration Tester) to join their remote team as they enter a really exciting period of growth - Fully Remote working from within the UK available. They've been operating for a couple of years now and are already starting to establish themselves in their industry, they currently trade with over 160 clients worldwide in cyber consultancy and Cyber Essentials Plus assessments. They have pretty big growth plans for the next few years, so it's a really exciting time to join. You'll work alongside the Managing Director and will be given a lot of responsibility in your role, as you'll be tasked to work directly with their extensive client list to fully understand their needs from discovery to delivery. With the growth plans the organisation have, and their current set-up it's genuinely a great opportunity to really develop your skills and experience within the security world, and you'll be in an ideal position for pretty rapid career progression over the next few years. A big focus of this role involves engaging directly with organisations to carry out Cyber Essentials Plus assessments, Security Audits and Penetration Testing to assess their security foundation and identify areas of vulnerability. You'll then be tasked to provide effective recommendations based on your knowledge and experience which would improve their security posture. You'll ideally have prior experience with most of the following; Performing Cyber Essentials Plus (CE+) Assessments Penetration Testing (Burp Suite, Metasploit, Nmap, Nessus etc) Producing Reports on Security Vulnerabilities and Providing Recommendations Advising Clients on Ways to Achieve/Maintain Cyber Essentials and Cyber Essentials Plus Certifications What would really make someone stand out for this position is Cyber Essentials certifications (CSTM/CSTL, CEH, OSCP etc ) as it's such a big part of the role, they're also more than happy to help employee's progress their expertise in this area with further accreditation. This role would really suit an ambitious individual that's looking for a challenging role where they can ultimately take ownership of full projects pretty early on and drive these independently. They're able to offer fully remote working for this role, providing you're based within the UK (and planning to stay within the UK). They'll provide you with all the necessary equipment needed to help you thrive and perform at your very best, and they're keen to maintain a healthy work/life balance. In return they're able to offer a salary of 35-40k + benefits for this role, with the opportunity for career progression and security accreditations. They have pretty ambitions plans for the next few years, as this role is a key part of their strategy for growth - so they'll be lots of opportunities to grow here as well. If you're keen to find out more please apply, and feel free to reach out to Lewis Paterson at Cathcart Technology on LinkedIn or email to discuss further.
Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security. Technical Proficiencies: Python/Scripting: Demonstrate a high level of proficiency in Python, essential for writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding file permissions, managing services, and using Linux/Windows-based security tools. Knowledge of Linux/Windows is vital for testing and exploiting Unix/Windows-based applications and servers. Burp Suite Expertise: Exhibit expertise in using Burp Suite, a leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications. Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity with other enumeration tools that help in discovering and mapping network and system details is also important. Active Directory Analysis/Impacket: Proficient in analyzing Active Directory environments using tools like Impacket. This includes understanding AD architecture, identifying misconfigurations, and exploiting them. Skills in leveraging Impacket for tasks like network relays, password spraying, and gaining elevated privileges are crucial for penetrating Windows environments. We're Seeking: Qualifications: A degree in Computer Science, Engineering, Mathematics, or Physics. Experience Level: Open to graduates/juniors and above. The more experience in red teaming, the better. Skills: Exceptional problem-solving abilities, with a flair for thinking on your feet and tackling constantly evolving threats creatively. Attributes: Motivated, passionate, determined, and an avid learner. We value self-starters with proven experience who are driven to learn. Communication: Strong interpersonal and communication skills are essential for effective team collaboration, which is a key aspect of our work culture GCS is acting as an Employment Agency in relation to this vacancy.
Jan 29, 2025
Full time
Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security. Technical Proficiencies: Python/Scripting: Demonstrate a high level of proficiency in Python, essential for writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding file permissions, managing services, and using Linux/Windows-based security tools. Knowledge of Linux/Windows is vital for testing and exploiting Unix/Windows-based applications and servers. Burp Suite Expertise: Exhibit expertise in using Burp Suite, a leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications. Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity with other enumeration tools that help in discovering and mapping network and system details is also important. Active Directory Analysis/Impacket: Proficient in analyzing Active Directory environments using tools like Impacket. This includes understanding AD architecture, identifying misconfigurations, and exploiting them. Skills in leveraging Impacket for tasks like network relays, password spraying, and gaining elevated privileges are crucial for penetrating Windows environments. We're Seeking: Qualifications: A degree in Computer Science, Engineering, Mathematics, or Physics. Experience Level: Open to graduates/juniors and above. The more experience in red teaming, the better. Skills: Exceptional problem-solving abilities, with a flair for thinking on your feet and tackling constantly evolving threats creatively. Attributes: Motivated, passionate, determined, and an avid learner. We value self-starters with proven experience who are driven to learn. Communication: Strong interpersonal and communication skills are essential for effective team collaboration, which is a key aspect of our work culture GCS is acting as an Employment Agency in relation to this vacancy.
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Feb 01, 2024
Full time
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Pentest CHECK Team Lead required by our client, a well-established cyber-security firm looking to expand. This is for a permanent role, but some ad-hoc working may also be on offer if that would be more suited to your current lifestyle. This role can be worked from multiple locations, with client sites across the UK. Salary banding is Our client are specifically looking for CHECK Team Leads in either Web Application or Infrastructure. The salary level for the CHECK Team Lead is approximately £60k to £70k. To find out more about the company and the role, please get in touch with Dave a IT Recruitment Solutions today. CTL, CHECK Team Lead, Pentest, Pentesting, Pentester, Penetration Testing
Jan 26, 2024
Full time
Pentest CHECK Team Lead required by our client, a well-established cyber-security firm looking to expand. This is for a permanent role, but some ad-hoc working may also be on offer if that would be more suited to your current lifestyle. This role can be worked from multiple locations, with client sites across the UK. Salary banding is Our client are specifically looking for CHECK Team Leads in either Web Application or Infrastructure. The salary level for the CHECK Team Lead is approximately £60k to £70k. To find out more about the company and the role, please get in touch with Dave a IT Recruitment Solutions today. CTL, CHECK Team Lead, Pentest, Pentesting, Pentester, Penetration Testing
We are currently working with a well-established consultancy with big plans for 2024 as they're looking to hire multiple experienced CRT Certified Penetration Testers to support upcoming projects. The company is Crest accredited and you will get the opportunity to work on a wide scope of engagements and with businesses in a variety of industries. Salary: £45,000 - £60,000 per annum Location: Remote + National Client Site Travel Penetration Tester - Responsibilities: Lead/support a variety of penetration testing engagements with a focus on excellent client delivery Manage projects, workload and training effectively Producing informative, and detail reports Involved in scoping calls for testing engagements Stay updated on cybersecurity threats and industry best practices. Penetration Tester - Requirements: Must possess CRT certification 2+ years experience in a Pen Testing role is necessary Other relevant industry certifications such as OSCP, OSEP, CSTM, CTM Must possess active, or be eligible for, SC Clearance Excellent report writing abilities and a high standard of written English Enthusiasm, dedication and keen interest in professional development This is a great opportunity for an experienced Pen Tester to join an already established offensive security practice - with the chance to work on new, fresh and exciting engagements. If you want to further enhance your skill set, develop professionally and upskill in any particular area of Pen Testing - be sure to apply and reach out. Lawrence Harvey is acting as an Employment Business in regards to this position.
Jan 26, 2024
Full time
We are currently working with a well-established consultancy with big plans for 2024 as they're looking to hire multiple experienced CRT Certified Penetration Testers to support upcoming projects. The company is Crest accredited and you will get the opportunity to work on a wide scope of engagements and with businesses in a variety of industries. Salary: £45,000 - £60,000 per annum Location: Remote + National Client Site Travel Penetration Tester - Responsibilities: Lead/support a variety of penetration testing engagements with a focus on excellent client delivery Manage projects, workload and training effectively Producing informative, and detail reports Involved in scoping calls for testing engagements Stay updated on cybersecurity threats and industry best practices. Penetration Tester - Requirements: Must possess CRT certification 2+ years experience in a Pen Testing role is necessary Other relevant industry certifications such as OSCP, OSEP, CSTM, CTM Must possess active, or be eligible for, SC Clearance Excellent report writing abilities and a high standard of written English Enthusiasm, dedication and keen interest in professional development This is a great opportunity for an experienced Pen Tester to join an already established offensive security practice - with the chance to work on new, fresh and exciting engagements. If you want to further enhance your skill set, develop professionally and upskill in any particular area of Pen Testing - be sure to apply and reach out. Lawrence Harvey is acting as an Employment Business in regards to this position.
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
Dec 17, 2022
Full time
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
Senior Consultant, Security Testing (United Kingdom) We're hiring! This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become a subject matter expert in the field. You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development. Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open-source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere. In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We are also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. About the role As a Senior Consultant, you can expect to get involved in: Application penetration testing and application source code review. Secure Development Lifecycle consultancy and advisory. Vulnerability and penetration assessments on Internet exposed and internal systems. Applying and developing appropriate exploits to gain access and expand access to remote systems. Documenting technical issues identified during security assessments. Interface with clients when working on engagements on-site. Mentoring more junior colleagues and supporting managers whenever necessary. Perform peer review and quality checks on work product from other colleagues. Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications. About you The following qualifications are expected from potential applicants: At least 3 years of experience in performing application and/or infrastructure penetration testing independently. Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java. Familiarity with threat modelling and security design review methodologies. A good understanding of Unix, Windows and network security. Degree from an accredited University or equivalent. CREST Certified Tester (CCT) or equivalent. Excellent written and communication skills in English. Ability to work both independently and in a team environment. Passion for technology and a drive for self-learning, paired with good customer facing skills. Currently resident within the European Union, or not requiring work permit sponsorship. The following items are not required but would be considered a differentiator: Additional security and penetration testing certifications. Degree in Computer Science, Information Systems, Engineering or related major. Experience working as part of an enterprise development team. Experience developing custom scripts or tools used for vulnerability scanning and identification. Fluency in an additional Western European language, other than English. Salary and Benefits This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you can choose additional benefits, including healthcare, childcare vouchers, and additional holiday. About Cyber Solutions Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents. About Aon Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement, and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance
Sep 21, 2022
Full time
Senior Consultant, Security Testing (United Kingdom) We're hiring! This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become a subject matter expert in the field. You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development. Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open-source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere. In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We are also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. About the role As a Senior Consultant, you can expect to get involved in: Application penetration testing and application source code review. Secure Development Lifecycle consultancy and advisory. Vulnerability and penetration assessments on Internet exposed and internal systems. Applying and developing appropriate exploits to gain access and expand access to remote systems. Documenting technical issues identified during security assessments. Interface with clients when working on engagements on-site. Mentoring more junior colleagues and supporting managers whenever necessary. Perform peer review and quality checks on work product from other colleagues. Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications. About you The following qualifications are expected from potential applicants: At least 3 years of experience in performing application and/or infrastructure penetration testing independently. Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java. Familiarity with threat modelling and security design review methodologies. A good understanding of Unix, Windows and network security. Degree from an accredited University or equivalent. CREST Certified Tester (CCT) or equivalent. Excellent written and communication skills in English. Ability to work both independently and in a team environment. Passion for technology and a drive for self-learning, paired with good customer facing skills. Currently resident within the European Union, or not requiring work permit sponsorship. The following items are not required but would be considered a differentiator: Additional security and penetration testing certifications. Degree in Computer Science, Information Systems, Engineering or related major. Experience working as part of an enterprise development team. Experience developing custom scripts or tools used for vulnerability scanning and identification. Fluency in an additional Western European language, other than English. Salary and Benefits This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you can choose additional benefits, including healthcare, childcare vouchers, and additional holiday. About Cyber Solutions Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents. About Aon Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement, and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance
Excellent opportunity for a Penetration Tester to join a highly-regarded global cyber security consultancy who have been thought leaders in the information security sector since 2009. Role Info: Penetration Tester / Cyber Security Consultant UK Home based with travel to client sites as required up to £95,000 + Benefits Product / Service: Head quartered in London, UK, we provide a range of cyber securit...... click apply for full job details
Aug 30, 2022
Full time
Excellent opportunity for a Penetration Tester to join a highly-regarded global cyber security consultancy who have been thought leaders in the information security sector since 2009. Role Info: Penetration Tester / Cyber Security Consultant UK Home based with travel to client sites as required up to £95,000 + Benefits Product / Service: Head quartered in London, UK, we provide a range of cyber securit...... click apply for full job details
Excellent opportunity for a Penetration Tester to join a highly-regarded global cyber security consultancy who have been thought leaders in the information security sector since 2009. Role Info: Penetration Tester / Cyber Security Consultant UK Home based with travel to client sites as required up to £95,000 + Benefits Product / Service: Head quartered in London, UK, we provide a range of cyber securit...... click apply for full job details
Aug 30, 2022
Full time
Excellent opportunity for a Penetration Tester to join a highly-regarded global cyber security consultancy who have been thought leaders in the information security sector since 2009. Role Info: Penetration Tester / Cyber Security Consultant UK Home based with travel to client sites as required up to £95,000 + Benefits Product / Service: Head quartered in London, UK, we provide a range of cyber securit...... click apply for full job details
