30 Jun 2024 1511168 Senior Penetration Tester - MSSP £60,000 - £80,000 City of London

Job Description

We are seeking an experienced Penetration Tester to join our dynamic cybersecurity team. The ideal candidate will have a deep understanding of cybersecurity principles, advanced penetration testing techniques, and a proven track record of identifying and mitigating security vulnerabilities. This role involves conducting comprehensive security assessments, simulating cyber-attacks, and providing actionable recommendations to enhance our clients' security posture. If you are interested in this opportunity, we encourage you to apply today! Key Responsibilities: Conduct thorough penetration tests on various systems, networks, applications, and environments to identify security weaknesses. Simulate cyber-attacks to evaluate the effectiveness of security controls and identify potential entry points for malicious actors. Perform vulnerability assessments and security audits, including web application, network, mobile, and cloud security testing. Develop and execute comprehensive test plans and methodologies based on industry standards and best practices. Analyze and interpret test results, document findings in detailed reports, and provide actionable recommendations for remediation. Collaborate with clients to understand their security needs and provide tailored solutions. Stay up-to-date with the latest security trends, tools, techniques, and threats to ensure continuous improvement of testing methodologies. Assist in developing and delivering security training and awareness programs. Participate in incident response activities, providing expertise in forensic analysis and threat hunting as needed. Contribute to the development and refinement of internal penetration testing tools and processes. Qualifications: Advanced degrees and relevant certifications (e.g., OSCP, OSCE, CEH, CISSP) are highly desirable. Minimum of 5 years of hands-on experience in penetration testing and vulnerability assessment. Strong knowledge of common security frameworks and standards (e.g., OWASP, NIST, ISO 27001). Proficiency with penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, Nessus, Kali Linux). In-depth understanding of network protocols, operating systems, and application security. Demonstrated experience with scripting and programming languages (e.g., Python, Bash, PowerShell). Excellent problem-solving skills and the ability to think critically and creatively to identify and exploit vulnerabilities. Strong communication skills, both written and verbal, with the ability to present complex technical information to non-technical stakeholders. High level of professionalism, integrity, and ethical conduct. Preferred Skills: Experience with Red Team operations and adversary simulation. Knowledge of cloud security (e.g., AWS, Azure, GCP) and container security (e.g., Docker, Kubernetes). Familiarity with threat intelligence and threat modeling. Experience with social engineering techniques and phishing campaigns. Benefits : Competitive salary and performance-based bonuses. Comprehensive health insurance plans. Opportunities for professional development and continuous learning. Flexible work hours and remote work options. Collaborative and inclusive work environment. #J-18808-Ljbffr