Location: TOP SECRET | Division: OFFENSIVE | Position type: PERM | Reports to: PENTESTING LEAD
Want to work for one of the largest financial services corporations as a penetration tester, testing your ability against one of the most formidable security systems in the world?
This is your opportunity to gain experience within a global financial services giant that is looking for experienced penetration testers to join their world-renowned team. Your focus would be conducting and deploying a range of penetration methods across; internal and external web, mobile and web service applications to find and exploit vulnerabilities.
- Code reviews, vulnerability assessments and penetration tests of web/mobile and web service applications.
- Create documentation of your findings and communicate them to; application developers and senior management in a non-technical manner.
- Utilize automated and manual techniques and tools to uncover security vulnerabilities within the system.
Your skill-set should include:
- Previous experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc).
- Knowledge of network and Web-related protocols/technologies
- Ability to demonstrate manual web application testing experience
- Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, Seeker etc.)
- Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
- Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM would be advantageous
Qualifications/ examples preferred:
- CRT/ CCT
- GWAPT / GPEN
- Bachelors degree
Blackthorn Trace, trading name of Huntress Search Ltd, acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.
PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.