Penetration Tester - Information Security

Gerrard White
30 Sep 2017
03 Nov 2017
Contract Type
Full Time
Penetration Tester - Major UK Insurer - Perm
This is a fantastic opportunity for an experienced Penetration Tester to join one of the most trusted names in UK insurance, within their threat intelligence team.
Working with a business where employees and customers are always at the core of their values and practices, you will be offered excellent opportunities to develop and progress your career, alongside a competitive salary and benefits package.
Job Description
Reporting into the Security Testing Manager you will be responsible for identifying and assessing security vulnerabilities across a range of technology systems within an enterprise scale business. Your work will be in line with the businesses methodologies, policies, and industry regulated frameworks.

This role acts as a technical authority which provides assurance that security is built in by design.

Your duties as a penetration tester will include but not be limited to the following:
·Responsible for scoping and execution of penetration tests against a variety of technologies including web application, mobile and infrastructure.
·Collaborating with a variety of internal stakeholders (security consultants, project managers, development teams, security architects, technical SME's) to deliver high quality penetration tests
·The production of penetration test reports which highlight and clearly articulate vulnerabilities and weaknesses to stakeholders in non-technical language.
·Developing testing plans to successfully conduct application testing, infrastructure testing, scenario based testing, process testing, social engineering consistently throughout business
·Reporting on and suggesting fixes to vulnerabilities identified.
·Managing remediation of vulnerabilities with Business owners, 3rd party vendors and internal resources.
·Identifying potential network, system, application and physical security vulnerabilities.
·Researching existing exploit code and developing mitigation strategies evaluation and implementation.
·Identifying and maintaining standards and procedures for the use of tools for approved internal testing purposes.
·Collaborating on current and emerging security threat trends with the Security Testing Team Leader, Senior Penetration testers and the Threat Analysts, use this intelligence in preparation of future test strategies.
·Responsible for collaborating with Threat Analysts to define scenario based testing covering people, process and technology.

The Successful Pen Tester
I am looking for an experienced Penetration Tester who is technically astute, and possesses a passion for information security, and mitigating vulnerabilities within a business.

You will have a background in identifying, and documenting issues that arise from security assessments

You will also have experience with:

·Web application and infrastructure penetration testing
·Common web application issues such as SOLi and XSS.
·Scanning tools such as nmap, Nessus, and Burpsuite
·Knowledge of Unix, Windows security configurations and vulnerabilities
·Understanding of security benchmarks such as OWASP, CIS
·Network protocols, TCP/IP Dynamic Host Configuration, DNS, and Directory Services
·Common Network Tools, such as ping, nslookup, traceroute
·System admin, network, and operating system techniques

You must be a first class communicator with the ability to confidently interact with senior stakeholders, and third party suppliers, translating technical information in an understandable way.

What's on Offer for the successful Penetration Tester
Competitive base salary depending on experience, coupled with an excellent benefits package and bonus.

This job was originally posted as