Address
SalarySecurity Engineer
Please note - this position is based in the UK and we, unfortunately, are not able to provide visa sponsorship.
What we’re offering (we know, everyone jumps to this section first!)
- Salary of £45,000 - £65,000
- Share options so you benefit from our success
- 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want them ️
- Flexible working - some of us work from home, some in office (East London), and everything in between. We're flexible
- Training budget for one major certification / course per year
- Regular (optional) socials
As a small but growing team, we're flexible and offer a level of autonomy that allows you to make meaningful and lasting contributions to Intruder and our customers.
About Intruder
We make it easier to not get hacked.
Every day people sign up for online services, enter their personal data, and put themselves at risk of malicious actors. We work to enable these services to be better protected, making sure new vulnerabilities are found and closed rapidly before your data can be stolen.
We do this with a powerful but easy to use platform that is low on noise and high on trust, information, and context – so when we say it’s critical, companies know they have to act fast.
In the past 2 years, we have grown rapidly in product capability, customer base, revenue, and employee size. The next few years promise more of the same, with plenty of growth opportunities for us and our teams!
About the this position:
We are looking for a Security Engineer to help scan our customers for the latest critical vulnerabilities, write new vulnerability checks, and automate the penetration testing process at scale. This role is varied and includes:
- Writing new vulnerability detections with Nuclei, and curating crowd-sourced checks for inclusion into the Intruder platform
- Custom scanning of customer targets for emerging critical weaknesses: Rapid Response
- Writing technical content for our website about the latest vulnerabilities
- Automate the pentesting methodology to carry out checks at scale against multiple customers simultaneously
- Work on projects to research and provide evidence for novel improvements to the Intruder platform
- Providing technical assistance on client calls, and occasionally assisting at events
What we think you need to be successful:
- At least 2 years' industry experience in offensive security roles
- A technical academic background in software engineering or cyber security
- One or more of the following industry qualifications:
- Offensive Security Certified Professional (OSCP)
- Offensive Security Web Expert (OSWE)
- Offensive Security Evasion Techniques & Breaching Defences (OSEP)
- CREST Registered Penetration Tester (CRT)
- CREST Certified Web Application Tester (CCT APP)
- CREST Certified Infrastructure Tester (CCT INF)
- Experience in some or all of the following:
- Network penetration testing and a thorough understanding of network protocols
- Web application penetration testing and a thorough understanding of application layer vulnerabilities
- Automation of simple tasks and complex chains using Python, Ruby, or Golang
- Developing, extending, or modifying detection and fingerprinting code
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Strong knowledge of tools used for web application, and network security testing including commercial vulnerability scanning engines
- Cloud services, including how to interact with, and assess them for weaknesses
- Comfortability with client-facing calls in a consultancy setting
- Excellent technical writeup skills
Hiring Process:
- Company intro (30 minutes, remote): initial chat with People team for you to learn more about the role and tell us what you're looking for
- Security Intro (40 minutes, remote): introductory call to discuss your experience with a member of the Security team
- Technical Task: a mini project to complete in your own time, before the final interview
- Final Interview: (1 hour 30 minutes): final technical interview questions, and discussion of your technical task
