Penetration Tester

14 Apr 2018
14 May 2018
Contract Type
Full Time
Sec-1 Ltd’s Penetration Testing team is composed of highly skilled penetration testers with a real passion for improving network and application security posture by demonstrating how systems can be compromised. Team members work on everything from client projects to community work, dealing with large corporate penetration tests to gaining credit for published advisories. Our team needs to grow, we are producing amazing results that make a real difference, and if you can help make this difference you should come join us too.
As a Penetration Tester with Sec-1 Ltd, your primary objective will be to gather knowledge and experience so that you can attain industry certifications such as CREST Practitioner Security Analyst and/or CREST Registered Tester. Early stages of your role will involve the delivering of Cyber Essentials certification and shadowing senior penetration testers on their work. You will compose your findings in a concise report and interact closely with customers to help with remediation.
  • Achieve CREST Practitioner Security Analyst
  • Performing remote and onsite auditing for Cyber Essentials
  • Shadow senior penetration testers on application security assessments against a wide range of web application technologies
  • Shadow senior penetration testers on infrastructure security assessments against a wide range of operating systems and network devices
  • Shadow senior penetration testers on wireless security assessments against a wide range of wireless devices
  • Undertaking information security assignments and other projects as required
  • Communicating within Sec-1 and with clients, both orally and in writing
  • Assisting with the development and growth of the Sec-1 team and services
  • Assisting with the development and maintenance of a competency framework/assault course to aid in team development
  • Assisting with the development of cutting edge training material for internal and external delivery
  • Contribute to the writing and publishing of Sec-1 whitepapers and advisories

To be considered for this position meeting the following requirements are essential:
  • Have good all round technical knowledge and a detailed understanding of networking protocols
  • Have experience of at least one scripting language such as Ruby, Python or Perl
  • Able to manually exploit basic infrastructure vulnerabilities and escalate privileges
  • Able to manually and proficiently exploit basic web application vulnerabilities
  • Able to contribute to the development of subject matter expertise of focused capabilities in a broad range of topics
  • Have a working knowledge of common programming languages such as C, C++, C#, Java
  • Be proficient in conducting infrastructure security assessments against Windows and Unix based networks
  • Able to write exploit code / assessment tools for common vulnerabilities
  • Have an understanding of mobile application testing and methodologies
ACADEMICBachelor’s degree in information security/ethical hacking , Or;
  • 1+ years information technology experience
  • 1+ years computer and network security experience
  • 1+ years experience managing client projects
  • 1+ years information security consulting experience

  • Willing to travel and conduct information security and penetration testing work out of normal office hours as and when required by our clients
  • Client facing, able to confidently and professionally represent the company
  • Must be self-motivated and able to work in an independent manner
  • Full UK Driving License
  • Excellent written and oral communications skills

  • CREST Practitioner Security Analyst or equivalent
  • CESG CHECK Certification
  • Eligibility for clearance
  • CISSP, CISA, CEH, OSCP or other reputable information security certifications

The duties of this position will be performed from our office in Leeds, from customer sites, or from a home location (conditions apply), and will require driving to a customer location and some out of hours work. The candidate will be expected to work alone, around others, under minimal supervision and under deadlines.

This job was originally posted as

Similar jobs

Similar jobs