Bulletproof, an innovative and expanding Cyber Security specialist, is looking to recruit Penetration Testers/Senior Penetration Testers to join our growing UK team. Ideally OSCP or CREST CRT qualified (but not essential), we are looking for experienced Penetration Testers who are eager to provide a best-in-class service to our clients throughout the world. As a pivotal part of Bulletproof's service offerings, we are looking for Penetration Testers who have strong offensive technical skillsets, who can discover and exploit vulnerabilities and misconfigurations in a range of different environments, alongside having the ability to communicate issues clearly and concisely for customers. Focusing predominantly on testing web apps (although other Penetration Services are offered and provided), we offer a collaborative and best practise-sharing environment with a focus on working as a team.
We believe this is fantastic opportunity to be part of Bulletproof at a hugely exciting time. As a company, we are able deliver many types of testing, from 'vanilla' web application and infrastructure testing through to hardware assessments and red team engagements, and, as a Penetration Tester, you will be key in helping to deliver our services whilst providing an excellent Bulletproof experience. An overview of the main duties has been provided below:
• Perform formal and comprehensive penetration testing assessments, with a focus on web applications;
• Provide well-written, concise, technical and non-technical reports in English;
• Perform vulnerability assessments and provide findings with remediation actions;
• Support with various client pre-engagement interactions, including scoping activities and proposal drafting;
• Manage and deliver penetration testing project activities to deadlines;
• Research application and infrastructure components within the wider team to identify new vulnerabilities and follow responsible disclosure;
• Assist in scoping calls and discussions with customers to ensure that client needs are met.
Please note, travel to client sites may be required as part of this role.
Skillset, Experience and Qualifications;
• Proven industry experience in web application penetration testing;
• Strong understanding of OWASP, PTES and other penetration testing methodologies;
• Knowledge in testing mobile applications (iOS/Android);
• Knowledge of how modern web apps are designed, developed and deployed across different platforms;
• Experience in preparing and launching social engineering campaigns;
• Ability to program or script in your preferred language;
• Good understanding of network and OS principles;
• Relevant security qualifications (such as OSCP, CREST CRT, TIGER);
• Strong analytical skills;
• Excellent negotiating skills;
• Excellent written and spoken English.