Salary: £75,000 + bonus, pension and benefits
A world leading consultancy providing advisory, technology, risk, analytics, tax and audit services to organisations globally.
They believe in connecting across businesses, industries and sectors, and private and have a track record delivering that goal.
The company specializes in supporting dynamic businesses on rapid growth trajectories and proudly delivers best in class services, rigorously upholding its standards of excellence
The Service - Vulnerability Assessment and Penetration Testing
Working with clients as trusted advisors to understand key risks and exposures, both in their own IT infrastructure and IT service providers. Providing expert contributions to national security policy, identifying zero-day exploits in major vendor products, and securing national governments’ online health, e-voting and financial applications.
Reports based on automated tools alone are not sufficient to gain a complete picture of the security threats facing an organisation. Effective vulnerability assessments need supporting analysis and SME for meaningful results. We evaluate the severity of vulnerabilities in the context of the organisation’s risk profile. Providing our clients with a clear direction towards mitigating the highest and most concerning vulnerabilities.
Our services include:
- technical vulnerability assessments
- application and infrastructure penetration testing
- social engineering and open source intelligence assessments
- identify flaws in technology architecture and design
- find security errors in application and software code
- determine vulnerabilities in process, policies and personnel
As a Pentest expert, take ownership of consultancy pieces and Red Team assignments in a way that exceeds client expectations, whilst taking responsibility for managing and developing team members.
- Conduct world class pentesting on-site with clients
- Infrastructure testing: Located inside the target network and see what systems we can exploit from a network perspective a knowledge of network services. Being familiar with tools such as nmap, Nessus, metasploit, etc will help in this regard.
- Application testing: Identifying weaknesses in web (and mobile) applications. We look for issues typically categorised within the OWASP Top 10 such as XSS, SQLi, CSRF, Session hijacking and command injection a knowledge of web applications and web development languages helps during this type of testing and familiarisation with tools such as burpsuite and w3af
- Wireless Testing: Wireless audits includes a review of client provided wireless access points, ensuring that correct practices are followed in the deployment of 802.1x connectivity and the detection and location of rogue access points that may be planted within a client environment. Tools include: kismet, aircrack, wifite, etc.
- Lockdown Testing: Given a client workstation or system and it’s our job it to see if we can breakout of the locked down user environment. This is often also called kiosk testing and the idea is to see what a normal user can do outside of their expected functionality with the ultimate goals being that of accessing data and/or resources they would not have legitimate access to otherwise. Typically we find that a knowledge of scripting languages such as powershell, VBS, Bash, general operating systems and system administration helps the most in this area.
- Firewall and Switch reviews: This is where we review both the permitted rules that can traverse a firewall/switch as well as looking into the build state of the firewall to ensure it follows best industry practice. A familiarity with network topics including routing along with common services helps in this area not forgetting knowledge of firewall solutions themselves, Cisco, Juniper, Nokia, Fortinet, etc and while we do make use of automated tools in order to speed up reviewing times on the whole it requires manual work and an analytical mind to decipher most large rulesets.
- Attend external events to create networks and potential new opportunities
- Helps to develop new products and services
- Design and manage all Security Test Execution in appropriate phases in the SDLC
- Provide advanced threat analysis and pre- and post-attack analysis of sophisticated cyber attacks
- Act as an 'ambassador' of the firm, through awareness of the wide range of services the firm offers and suggest innovative products, whilst pro-actively identifying cross selling opportunities
- Extensive hands-on Penetration Testing (Pen Test, PenTest) against corporate environments
- Offensive security techniques
- Personal passion for technology and pentesting
- Network and application testing
- Previous Experience of using web vulnerability scanning tools
- Infrastructure & Architecture Analysis
- Consultancy experience
- Financial services experience
- CREST Accredited
- CAST / OSCP / OSCE
- HP Fortify, Checkmarx, BlackDuck