Careers at Pentest

We are looking for an experienced penetration tester, with a minimum of 3 years experience delivering commercial engagements. You must hold a current CREST CCT certification to be considered.

You will be working within the Penetration Testing Team, undertaking penetration testing and red teaming engagements across the full spectrum of possible targets and for a growing portfolio of global clients.

Your work will involve:

• Working with clients to understand their requirements, providing expert services to meet these needs
• Accurately scoping engagements and supporting our account management team in the development of client proposals
• Planning and executing tests
• Documenting your methodologies
• Performing penetration tests on computer systems, networks and applications
• Performing physical security assessments of systems, servers and other network devices to identify areas that require physical protection
• Creating new testing methods and writing scripts to identify vulnerabilities
• Pinpointing methods and entry points that attackers may use to exploit vulnerabilities or weaknesses
• Searching for weaknesses in common software, web applications and proprietary systems
• Researching, evaluating, documenting and discussing findings with IT teams and management
• Creating detailed technical reports about your findings, including evidence of exploitation and POC’s
• Providing post-test support to clients
• Reviewing and providing feedback for information security fixes
• Establishing improvements for existing security services, including hardware, software, policies and procedures
• Identifying areas where improvements could be achieved
• Being sensitive to corporate considerations when performing testing (i.e. minimise downtime and loss of employee productivity)
• Staying updated on the latest threat actor TTPs and security threats

You will require working knowledge of the following scripting languages:

• Python
• Powershell
• Bash

Experience with network OS, Windows/ Linux/ MacOS, communications protocols, firewalls, IPS/IDS systems, virtual environments, data encryption, and mobile penetration testing of IOS/Android systems.

Knowledge of common pen test and application security tools, such as:

• Kali
• Metasploit
• Burpsuite
• Wireshark
• Nipper
• Nmap
• Nessus, and others

To excel in this role, you will need a wide range of skills, which include:

• Coding skills required to infiltrate any system
• Comprehensive knowledge of computer security, including forensics, systems analysis and more
• Insight into how hackers exploit the human element to gain unauthorised access to secure systems
• Clear understanding of how computer security breaches can disrupt business, including the financial and managerial implications
• Exceptional problem-solving skills
• Communications skills to document and share your findings

How to apply

Please send an email to contact@pentest.co.uk attaching pdf copies of both your CV and CREST CCT certificate, using the subject line ‘Information Security Consultant Job Application’.

Good luck!