Web App Penetration Tester

BPTA.09.MH_1568903392
Negotiable

Managing this Role

Matthew Hockey

Associate Consultant - Cyber Specialist 0207 759 7878

Coming from a financial services background, Matt has a clear understanding of information security compliance processes. This, along with his strong passion for up-and-coming technology (most recently creating an AI chat-bot), puts him in a unique position to effectively source market-leading cyber security candidates.

 

Seniority: Junior - Mid Level

Job Type: Permanent

Geographical coverage: London

Market: Technical Engineering with Security Operations and Architecture

Location: North England / Dublin | Division: Offensive | Position type: Full Time | Reports to: Security Lead

Do you want to work for one of the largest financial services corporations as a penetration tester, testing your ability against one of the most formidable security systems in the world?

This is your opportunity to gain experience within a global financial services giant that is looking for experienced (OSCP, CRT, GWAPT) penetration testers to join their world-renowned team. Your focus would be conducting and deploying a range of penetration methods across internal and external web, mobile and web service applications to find and exploit vulnerabilities.

Roles and Responsibilities:

  • Code reviews, vulnerability assessments and penetration tests of web/mobile and web service applications
  • Create documentation of your findings and communicate them to application developers and senior management in a non-technical manner
  • Utilise automated and manual techniques and tools to uncover security vulnerabilities within the system

Skills and Requirements:

  • Previous experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc.)
  • Knowledge of network and Web-related protocols/technologies
  • Ability to demonstrate manual web application testing experience
  • Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP WebInspect, Acunetix, NTO Spider, Burp Suite Pro, Seeker etc.)
  • Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
  • Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM would be advantageous
  • Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C would be advantageous

Qualifications/examples preferred:

  • OSCP
  • CREST
  • Burp Suite portfolio
  • Bachelor's degree

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.