Penetration Tester

Posted 3 hours 16 minutes ago by Anglia IT Recruitment

Permanent
Part Time
Other
Not Specified, United Kingdom
Job Description
Job Details
  • Role: Penetration Tester
  • Location: Remote
  • Duration: 12 months rolling - renewing until 2028
  • Rate: €75 per hour (Outside IR35)
  • Clearance: SC or Nato Secret.
  • Languages: English - Essential
Role
  • Providing Web, infrastructure and application-level penetration testing, including but not limited to COTS software and following clearly defined methodologies.
  • Participating in kick off meetings with stakeholders and technical points of contact in order to identify requirements for testing.
  • Following the documented procedures and workflows outlined by the technical leads.
  • Attending team meetings if required.
  • Briefing, at both executive and technical levels, on security reports and testing outcome, including at flag officer level.
  • In case of new vulnerabilities detected for COTS software, following the Responsible Disclosure Process and following up with vendors and stakeholders.
  • Providing security design reviews to ensure compliance with NATO policies and directives.
  • In coordination with the Technical Lead of the Penetration testing team, ensuring proactive collaboration and coordination with internal and external stakeholders.
  • Staying abreast of technological developments relevant to the area of work.
  • Performing any other duties as may be required.
Skills

Extensive knowledge and experience (at least 3 years) in the following areas:

  • Web application penetration testing
  • IT infrastructure penetration testing
  • Network security architecture design
  • Assessing security vulnerabilities within OS, software, protocols & networks
  • Researching and evaluating security products & technologies
  • Knowledge in system and network administration of UNIX and Windows systems
  • Use of penetration testing tools, techniques, and recognized testing methodologies
  • Scripting skills in at least one of the following: Python, Go, PowerShell, shell (bash, ksh, csh)
  • Technical knowledge in system and network security, authentication and security protocols, cryptography, application security, as well as malware infection techniques and protection technologies.

Candidates must hold or be willing to undergo SC or Nato Secret Clearance.