Penetration Tester, Home Based

Recruiter
Hedgehog Security Ltd
Location
Tean
Posted
10 Feb 2018
Closes
15 Feb 2018
Contract Type
Permanent
Hours
Full Time

Hedgehog Security is recruiting for a qualified, experienced penetration tester to be based from home but may include up to 60% of the year travelling globally. The penetration tester will report to our team leader who is based in the UK and our management team, meeting daily in our digital office. The right candidate will be offered excellent career progression and growth in one of the industry's leading independently owned cyber security companies.

Benefits of working at Hedgehog include:

  • Bonus's based on our Technical Quest boosters
  • Generous holiday allowance of up to 30 days.
  • Research and lab time for that security project you have in mind. We provide paid time to finish it; and explore options for further research.
  • Speaking opportunities happen all the time. You will work with the marketing team to help you get established. We would expect you to present on a regular basis to the community.
  • Each of our testers is assigned to an ongoing professional training programme, agreed upon commencement and each year thereafter.
  • You are expected to make a visible presence at industry conferences, such as OWASP, Black Hat and DefCon.
  • Flexible benefits such as pension, health, gym membership, cycle to work scheme, season ticket loans, company car scheme.
  • Access to the Hedgehog motorsport team, with social weekends away at various race circuits competing at grass roots levels through to professional levels.

Responsibilities

As a Penetration Tester you will join a highly experienced team that delivers work on client projects in UK, Gibraltar, and throughout Europe. Your responsibilities will include:

  • Delivering a range of black-box, grey-box and / or white-box penetration testing to clients.
  • Working on projects in web, mobile application testing, infrastructure testing, phishing and social testing.
  • Delivering reports to clients that highlight areas of identified weaknesses.
  • Providing advice to clients on technical-remediation routes.
  • Delivering all projects to the very high standards our clients expect.
  • Work with other members of the team to share knowledge and experience, and to find creative ways of solving technical issues.
  • Attending project commencement calls and meetings to finalise the scope for upcoming projects.
  • Experience of delivering hands-on web / mobile application and infrastructure testing.
  • Demonstrable experience of security research and exploit creation.
  • Initiative and problem-solving skills.
  • Highly responsive with an ability to handle escalations quickly and professionally.
  • Possess a creative approach to performing thorough proven-method tests.
  • Have the ability to work towards client-led or internal deadlines.
  • A Full knowledge of OWASP Top 10 and SANS CWE Top 25; and how to exploit vulnerable systems in each of these categories.
  • Have minimum of 2+ years’ professional experience.
  • A willingness to travel.

Essential Requirements

  • Excellent verbal and written communication skills, and the ability to write strong technical reports.
  • In-depth security knowledge of both Windows and Linux platforms.
  • Experience of delivering hands-on web / mobile application and infrastructure testing.
  • Initiative and problem-solving skills.
  • Be OSCP and CREST CRT qualified.
  • Highly responsive with an ability to handle escalations quickly and professionally.
  • Possess a creative approach to performing thorough proven-method tests.
  • Have the ability to work towards client-led or internal deadlines.
  • A Full knowledge of OWASP Top 10 and SANS CWE Top 25 and how to exploit vulnerable systems in each of these categories.
  • Have minimum of 2+ years’ professional experience.
  • A willingness to travel.
  • You will need very strong communication skills including:
  • An articulate and confident presentation style.
  • Ability to explain how exploits were carried out, and how a client should remediate.

Desirable Requirements

  • Ideally you will be fluent with programming skills and have strong knowledge of ASP .net, PHP, Java, Python, Objective C and C#.
  • Strong database (MS SQL, MySQL) and web server (IIS, Apache) skills.
  • Experience of testing a variety of platforms including iOS, Android, Windows and Linux.
  • API testing.
  • Any experience of research, authoring, public-speaking or intelligence analysis.

Other Information

Hedgehog supports forces veterans and blue light service leavers and is an equal opportunities employer.

Similar jobs

Similar jobs