Junior Penetration Tester

30 Nov 2017
08 Dec 2017
Contract Type
Full Time

Claranet is a dynamic company in the corporate IT sector that is growing both organically and through acquisition. Claranet’s strategy is to build long-term, trusted relationships with its customers by delivering market-leading, integrated managed services. Sec-1 is a Claranet Group Company, established since 2001 and now providing professional standard Information Security Solutions to over 600 customers across Public and Private sectors.

Sec-1 Ltd’s Penetration Testing team is composed of highly skilled penetration testers with a real passion for improving system security posture by demonstrating how they can be broken. Team members work on everything from client projects to community work dealing with large corporate penetration tests to gaining credit for published advisories. Our team needs to grow, we are producing amazing results that make a real difference, and if you can help make this difference you should come join us too.

Sec-1 Ltd are looking to hire a Junior Penetration Tester to work in the Vulnerability Verification Team of their Managed Scanning Service. The Managed Scanning Service is a consultant led automated vulnerability scanning service which aims to continually monitor clients external attack surface for new vulnerabilities and proactively inform clients of discovered issues.


- Pre-engagement activities including scoping assessments and working with clients to determine their scanning requirements and restrictions
- Identify new targets for scanning and changes and identify changes within a target environment over time.
- Take scanner output and process this into a detailed analysis of the issue, exposure for the affected business and develop proof of concept exploits for detected issues.
- Communicate discovered issues to the client in a detailed, accurate and manageable way by means of vulnerability notifications and monthly vulnerability digests.

Sec-1 is not simply looking for someone to run a vulnerability scanner but is looking for a Junior Penetration Tester who will be able to take scanner output and develop this into full proof-of-concept exploits with detailed analysis, steps to recreate and remediation information.

The candidate should be passionate about developing a career in Information Security, specifically around Penetration Testing and Security Assessment.


Desirable Skills
- Strong knowledge of Web Application vulnerability exploitation, including but not limited to the OWASP Top 10
- Experience with Burp Suite Pro, SQLMap, Metasploit, Nmap
- Experience with live Bug Bounties, or vulnerable systems such as DVWA or WebGoat
- Knowledge of a scripting language such as Python, Ruby, or PowerShell

Desirable Certifications
- OSCP – Offensive Security Certified Professional
- CREST CPSA – Practitioner Security Analyst
- GWAPT – GIAC Web Application Penetration Tester
- A related Bachelor’s degree

This job was originally posted as www.totaljobs.com/job/77804467