Penetration Tester

Penetration TesterBelfastUp to GBP73,000

The CompanyThis leading international Professional Services group operating in Europe, Asia and the Middle East, boasts a strong track record of delivering high quality services to a blue–chip portfolio of clients in some of the fastest growing markets in the world. Ongoing expansion has created a new opportunity for an experienced Penetration Tester. This is a creative and innovative role to drive the team and upskill and empower colleagues to utilise new systems.

Key Responsibilities of the Penetration Tester

• Serve as the subject matter expert within the Firms VAPT team
• Critically analyze proposed and existing solutions for adherence to recognized standards of secure system design, including requirements resulting from the ISMS Policy, client contracts, the regulatory environment, and professional obligation
• Architect, implement, and support assessment solutions identified as necessary for the protection of Firm assets
• Provide effective oversight and guidance for other VAPT team members
• Continually evaluate relevant products, tools, scripts, and techniques that improve existing assessment capabilities
• Prioritize assessments to maximize risk reduction efforts relative to business impact and resource availability
• Develop comprehensive and understandable assessment reports that effectively summarize findings and recommendations
• Assist constituents with remediation activities by acting in a consulting role, retesting as needed

Skills & Attributes of the Penetration Tester

• Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave
• Proficiency with other common attack tools and frameworks such as Wireshark, Kali, and Metasploit, etc.
• Proficiency with mobile platform security technology, including vulnerability identification and exploitation tools as well as mobile platform security best practices, frameworks, etc.
• Ability to validate the presence of identified vulnerabilities with accuracy
• Expert understanding of security concepts, technologies, controls, and best practices
• Working knowledge of information security frameworks such as ISO27001, NIST, and CIS
• Ability to synthesize contract language and convert such language to controls
• Authoritative understanding of security threats, qualitative and quantitative risk valuation models, and effective tools, tactics, and techniques for risk reduction
• Expertise with risk management principles in the context of application assessments
• Authoritative understanding of underlying application technologies to assist with robust assessment strategy
• Authoritative understanding of principles, theories, techniques, and methods of information system analysis and programming, particularly secure coding practices
• Thorough knowledge of data processing and data communications concepts and services
• Working knowledge of encryption technologies and standards, both at–rest and in–flight
• Expert analysis skills, including the gathering and analyzing of facts, formulating objective conclusions modified by subjective and experience–based qualifiers when appropriate, defining problems, and promoting solutions
• Ability to adapt, integrate, and modify existing programs or vendor–supplied package programs for use with existing information systems
• Proficient in the delivery of training and informational sessions to technical and non–technical constituencies
• Expert analytical skills, including the gathering and analyzing of facts, formulating objective conclusions modified by subjective and experience–based qualifiers when appropriate, defining problems, and promoting solutions
• GPEN, OSCP, GWASP, GMOB or equivalent preferred (CISSP, SSCP, CISM, CRISC, CISA, or CGEIT optional)

Applications can only be considered from those eligible to live & work in the UK without restriction.

Harcourt Matthews is acting as an Employment Agency in relation to this vacancy. Our divisions include: Legal Operations (Legal Tech and Legal Project Management, LPM, Operations Project Managers, Change, Innovation and Process Improvement); Accounting & Finance (Part and fully qualified Accountants); Pricing & Strategy; Pfi/PPP & FM.

Harcourt Matthews is committed to diversity and inclusion. We value and encourage applications from all ethnicities and welcome everyone regardless of social background, disability, gender identity, and orientation. Diversity benefits us all and challenges our assumptions.

Ref: BHJOB3543_5729