We are looking for a penetration tester to lead our Network, WebApp, mobile and wireless testing services.

As well as servicing our current broad customer base we seek someone to help us develop this part of the business, to add new capabilities and to support our Incident Response product CyberCPR.

We seek a person with one or more of the following:

  • CREST/TIGER or CHECK Team Leader (CTL) (or a CTM someone willing to get certified)
  • Or OSCE/GXPN certified and willing to get CTM/CTL (we will also consider OSCP/GPEN).
  • Or no certs but the ability to demonstrate the required self-acquired knowledge and willing to show us at the interview test network (and the willingness to get CTM/CTL).

You should be comfortable with:

  • both automated testing and manual verification and testing.
  • writing scripts to improve your testing and these should be in PowerShell, BASH, Python, Perl, C.
  • Burpsuite Pro would be a significant advantage but experience with other web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Accuntix, NTO Spider etc.) would be desirable.
  • Penetration testing on mobile platforms such as IOS, Android, Windows and RIM.
  • Vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc).

We don’t care about age, gender, dress sense J we only care that you are passionate about your testing and that you are able to work in the UK – We have a preference for UK nationals as we are sometimes asked to provide those on certain contracts; but let’s have a chat.

You will be given a high degree of autotomy so you should be a self starter and able to meet with clients and develop the offering. This will include an element of attending sales calls and site meetings.  We are not looking for 85% + utilisation, but an integral member of the team and company so you can plan on getting some of that family time back and not being on the road every day (#winning)

About the job:

With the ability to work from home (in the UK) or our offices in Cheltenham or Cardiff, we are flexible around you and the workload.  As a boutique company we have some interesting clients but not so many that you will spend all your time testing.  We allow time each week for personal development at an individual level (pluralsight) or via SANS or other training providers.

Previous experience as a Penetration Tester is mandatory, the offered pay will reflect certifications held and the individuals previous testing experience (ranging from £40,000 to £69,000).

Package includes company pension, 30 days holiday, pluralsight membership and paid for attendance at cyber/hacking conferences world wide.

Finally, the successful candidate will be required to undergo standard and most likely MOD clearance.