Our security consultants are responsible for leading and delivering their own penetration testing security engagements with our clients. This includes the full lifecycle of an engagement from kick off call, testing, report creation, report delivery to debrief.
In your role you will
- Deliver penetration testing and other related security activities. These security activities will include performing engagement kick off calls, wash up calls, email responses and debrief for each assigned client engagement.
- Write full and thorough reports for each engagement that show rapid and constant improvement, incorporating feedback from quality reviews.
- Assist in Security Testing related presales activities, providing technical assessment of scope, principal security concerns and testing methodology to Account Manager.
- Develop client relationships and ensure we deliver professional consultative style engagements at all times.
- When requested, provide technical analysis of current IT Security related events, especially for the purpose of media coverage.
- Be a continuous learner, keeping up to date on a wide variety of IT Security related skills and industry knowledge.
- Mentor less experienced security consultants where appropriate and/or requested.
There is no fixed set of skills required to be a successful candidate. However, the more of the following attributes you can demonstrate to us, the more likely you will be to end up with a job offer.
- Penetration testing experience. You should be comfortable with App, Inf and Mobile testing.
- Cloud penetration testing skills are a big plus.
- You love getting involved in deep technical challenges, while at the same time being able to abstract and explain the most complex issues to a C level exec.
- In depth knowledge and understanding of applications and networking.
- An ability to teach and mentor other members of the team is a distinct advantage
- Exploit creation, scripting and reverse engineering are a distinct advantage.
- You code open source tools, contribute to security blogs, and participate in CTFs.
- A thirst for knowledge and a constant desire to push yourself to the max.
There are no formal requirements for any qualifications or certifications. We’re not looking for badge collectors; we look far deeper than that. However, one or more of the following may serve as an distinct advantage.
- A BS degree (or equivalent) in a technical discipline.
- CCSK / CCSP / CISSP
- AWS Security Specialty / Azure AZ-500
- CREST Registered Tester or CREST Certified Tester.
- Tiger Scheme and other equivalents equally considered.
- Offensive Security (e.g. OSCP), GIAC and other industry recognized certifications will also be well received.