UK Cyber Senior Consultant

  • Aon
  • Sep 21, 2022
Full time Executive

Job Description

Senior Consultant, Security Testing (United Kingdom)
We're hiring!
This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become a subject matter expert in the field.
You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development.
Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open-source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere.
In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We are also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme.
About the role
As a Senior Consultant, you can expect to get involved in:
  • Application penetration testing and application source code review.
  • Secure Development Lifecycle consultancy and advisory.
  • Vulnerability and penetration assessments on Internet exposed and internal systems.
  • Applying and developing appropriate exploits to gain access and expand access to remote systems.
  • Documenting technical issues identified during security assessments.
  • Interface with clients when working on engagements on-site.
  • Mentoring more junior colleagues and supporting managers whenever necessary.
  • Perform peer review and quality checks on work product from other colleagues.
  • Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications.

About you
The following qualifications are expected from potential applicants:
  • At least 3 years of experience in performing application and/or infrastructure penetration testing independently.
  • Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java.
  • Familiarity with threat modelling and security design review methodologies.
  • A good understanding of Unix, Windows and network security.
  • Degree from an accredited University or equivalent.
  • CREST Certified Tester (CCT) or equivalent.
  • Excellent written and communication skills in English.
  • Ability to work both independently and in a team environment.
  • Passion for technology and a drive for self-learning, paired with good customer facing skills.
  • Currently resident within the European Union, or not requiring work permit sponsorship.
The following items are not required but would be considered a differentiator:
  • Additional security and penetration testing certifications.
  • Degree in Computer Science, Information Systems, Engineering or related major.
  • Experience working as part of an enterprise development team.
  • Experience developing custom scripts or tools used for vulnerability scanning and identification.
  • Fluency in an additional Western European language, other than English.
Salary and Benefits
This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you can choose additional benefits, including healthcare, childcare vouchers, and additional holiday.
About Cyber Solutions
Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.
About Aon
Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement, and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance