This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

Penetration Tester

JC280917
£45000 - £50000

Blackthorn Trace have partnered with a Security Risk Consultancy firm based in Central London to invite another talented Penetration Tester to join their growing team. Our client is looking for a confident Penetration Tester that can communicate effectively with their Clients. 

The Penetration Testing position is intended to perform and support the core components of our Clients product and services offerings. 

The location of this role is in Central London HQ as well as being based on Client sites. The new Penetration Tester will be expected to work under minimal supervision, alone and within a team and under deadlines. 


Responsibilities:
• Identify, exploit and document security flaws and vulnerabilities with attack simulations on multiple projects working against specific client focused scopes of work.
• Ability to test a variety of client form factors and technologies based on scopes of work.
• Ability to solve complex technical problems and articulate to non-IT personnel.
• Ability to effectively provide technical risk assessment of technologies in networks applications, wireless, social engineering, code reviews and war dialling.
• Ability to perform vulnerability assessments and penetration testing, utilizing tools commercial and open source tools.
• Perform, review and analyse security vulnerability data to identify applicability and false positives.
• Research and develop testing tools, techniques, and process improvements.
• Create risk based security code reviews (static & dynamic.)
• Conduct penetration testing in line with Open Web Application Security project.
• Mentor junior engineers to build their skills and contribution levels.
• Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
• Support company through the testing and evaluation of new technologies and security controls.
• May require the performance of other essential functions depending upon work location or assignment.
Required Knowledge:
• Knowledge of security best practice guidelines, (ISO 17799, NIST, OWASP etc.)
• Relevant professional experience including working knowledge of the following.
• TCP/IP, HTML, XML, CGI, Python, Perl, Java, Java Script, C++, C#. .Net, networking including IP classes, subnets, multicast, NAT.
• WINS, DNS, and DHCP, Network troubleshooting.
• Microsoft OS, Active Directory and Server technologies.
• Encryption cracking tools
• Password cracking tools
• Remote access methods.
• Backup and disaster recovery methodologies.
• Patch management technologies and processes.
• Wireless protocols and services.
• Variety of testing tools such as: Paros, WebScarab, Burpsuite, Nessus, Appscan,
• Familiarity with UNIX a plus.


Required Skills:
• Design and testing experience related to security.
• Experience with security issues in large scale networks.
• Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software.
• Ability to grasp new technology concepts, quickly and assist others in understanding them as well.
• Senior-level documentation and project management skills.
• Ability to work in a team environment and interact with people.
• Strong verbal, communication and technical writing abilities.
• Project management skills.
• Possess strong leadership, coaching and mentoring skills.
• Occasional travel, possibly air travel.
• Ability to meet pressured deadlines and time constraints.


This job has now been filled but you may be interested in:

 

IAM Specialist

Do you want to join an award winning FinTech team that is challenging the way the world pays!? We are looking for an IAM Specialist/Developer who is proficient in using Java Script.

Our client has an important mission to change and connect the world. They value their teams and the tens of thousands of people that work for them by striving to make every effort to accommodate for every individuals needs.

The Role

  • You'll work with and take direction from IAM Security Architects to help achieve the goals of the Security Architecture and IAM Programs.
  • Design and will assist with the implementation and optimization of Identity and Access Management solutions for systems and infrastructure used by internal staff.
  • Review and evaluate solutions for enterprise and business use.
  • You'll be working on an array of technologies that may include:
  • Web Access Management using standard solutions such as CA SSO/SiteMinder, Oracle Access Manager, ForgeRock, etc.
  • Single Sign-on and Federation using standard protocols and frameworks such as Kerberos, SPNEGO, SAML 2.0, ADFS, OpenID Connect, etc.
  • Privileged Access Management using solutions such as CA PAM/Xceedium Gatekeeper, BeyondTrust PowerBroker, Dell Privilege Manager, Managed sudo, etc.
  • Two-Factor Authentication
  • Familiar with modern deployment - Docker, Mesos
  • Strong technical competency and experience in the IAM domain
  • Gained good experience as a solid hands-on programmer/developer with specialization in Java and J2EE. Bean Shell, knowledge of SailPoint Java Objects exposed through application
  • Gained solid experience in developing and customising any of the IAM solutions such as Sailpoint IIQ, OIM, TIM, Forgerock, etc...
  • Strong experience in IT Security/IAM and thereby able to demonstrate a high level of technical ability in implementation and design of the IAM solutions
  • Database: SQL (Strong SQL Skills)
  • Experience with LDAP and AD
  • Experience with Unix Systems (Solaris, AIX, Linux)
  • Experience with web technologies: XML, SPML, SOAP, REST, HTML, Web and Application Servers.

If you want to be apart of a team who can fund and develop your ideas and provide you with industry recognised training then apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Threat Hunter

My client provides an elite threat detection capability to a large array of clients using the latest tooling to help detect and respond to the latest threats. Using these tools provides my client with the capability to detect both internal and external threats.

This is your chance to provide an elite threat detection service to a broad spectrum of clients, whilst due to the rapid growth of my client you will be exposing yourself to a level of career progression that is hard to match.

The Role

As a Cyber Security Analyst you will have the ability to monitor the networks for threats and report your findings to all audiences.

You will be expected to monitor the client's assets and environments using our high end security tools. Identifying, analysing and alerting the client's to existing and emerging threat actors, the following will be the main focus of the role:

  • Perform detailed network analysis to identify potential threat actors.
  • Create clear, concise and analytical reports on threats.
  • Keep on top of current threats and informing Clients of the risk.

Key Skills

You will need to be a quick thinker who can quickly analyze threats and the impact they will have. You will have the ability to think of ways to prevent the future attacks and to be one step ahead of the threat at all times.

  • Knowledge of current Cyber Threats.
  • Understanding of typical malware functionality and capabilities.
  • Understanding of tools used with Blue Teams.
  • Packet Capture experience.
  • Familiarity with typical security technologies such as firewalls and SIEM tools.
  • An understanding of large scale networking technologies.
  • Windows and Linux exposure.
  • Scripting exposure - Python and Bash.

If you can demonstrate that you have the knowledge of current Cyber Threats, and the ability to discuss Cyber Security concepts revolving around Network IDS and malware then apply now to be apart of this professional team!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Cyber Security Analyst

The role

Our client a leading provider of professional services is looking for an experienced Cyber/ Information Security professional that will complement our existing team, and who will be responsible for the delivery of key security initiatives and activities.

Key Responsibilities

  • You will act as the primary contact for all security related incidents
  • Engage with business stakeholders to maintain information security across the business
  • Prepare accurate reports for all levels in a language and tone appropriate for the audience
  • Maintain awareness of developments in the information security industry
  • Assist the organisation in securely delivering existing and new solutions to the market
  • Assist CTI in obtaining and maintaining certifications (ISO 27001)
  • Assist the organisation in adhering to regulatory requirements (GDPR)
  • Assist in the organisation in due diligence responses
  • Conduct due diligence on potential partners and new solutions
  • Identify security control gaps and implement solutions
  • Work with 3rdparty SOC
  • Point of contact for suspected incidents
  • Provide business context and ensure they are kept up to date with environment changes
  • Continuous focus on tuning and automation of alerts
  • Act as security representative at the Change Advisory Board
  • Act as a consultant to our Infrastructure team during projects and proposed changes

Required skills

  • Security Architecture design and implementation
  • Experience developing MSSP SOC
  • Incident Detection/Response experience
  • Experience working with a SIEM solution
  • Exposure to SIEM & Vulnerability management solutions
  • Strong Active Directory experience
  • Securing Windows environments (desktop/server)
  • 3 years' experience in an Information Security role
  • Strong knowledge of network security within a corporate environment
  • Experience working in an ITIL environment

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Palo Alto Engineer

 

Are you an experienced Palo Alto engineer looking to help drive my client from being a Palo Gold Partner to a Paulo Platinum partner?

 

This role will enable you to use your entire skill set from Installation and configuration to low level and technical design whilst playing an integral part of the Engineering team. You will be a passionate individual who is willing to help train other members of the team and to help keep my client on its impressive trajectory to success.

 

Job Role

  • Maintain the clients security devices and upgrade when necessary
  • Provide support to project managers on security deployments
  • Suggest and details design changes as and when needed
  • Documentation for the customers installations and provide continue service advice
  • Pro-actively review and maintain client infrastructure
  • To be able to troubleshoot during emergency situations
  • Providing support for other members of the team
  • To provide pre-sales support and design rollout

 

 

Skill Set

  • PA Networks Certified Network Security Engineer 7-8 and CCNA certified
  • Palo Alto security installation and support
  • Data knowledge,routing and Networking protocols (BGP, OSPF and EIGRP, MPLS, VRF, SIP, Traffic Shaping / QoS)
  • Palo Alto and Cisco Command line
  • Familiarity with Data Centre environment and hosted deployments/cloud
  • Client Support both remotely and face to face
  • Wireshark experience or similar product
  • A high level of Palo Alto expertise in design, configuration, migrations, tuning and customization of features
  • Thorough knowledge of Panorama, WildFire, Global Protect, and other Palo Alto features including and not limited to SSL decryption

 

Desirable

  • Knowledge of Avaya and/or Mitel phone solutions
  • Experience of the Python programming language

 

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Senior Security Architect

Are you looking for a position of importance? My client is looking for a Senior Security Architect to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape.

This role you will be reporting to the Director of Security Architecture and Engineering and you will be responsible for the growth and management of my client's architecture enterprise. You will use your expertise to help support the Architecture goals of the business.

The Role

  • You will work in close proximity to other security teams to help establish system boundaries and weaknesses, current or potential risks and their impact.
  • Ensure principles that support the current life Cycle
  • Support the development of risk management processes and program protection planning
  • Implement service management concepts for networks and related
  • Apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology
  • Develop and apply cyber security, privacy principles, and organizational requirements.
  • Develop cross domain solutions for multi-level security systems that support confidentiality, integrity, and availability requirements.
  • Collaborate in the development of cloud service models and effectively communicate possible limitations for an incident response Network Security
  • Apply network security architecture concepts including topology, protocols, components, and principles
  • Collaborate with the appropriate entities to determine how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes
  • Assist in the development of network design processes, to include communication of security objectives, with consideration to operational objectives, and trade-offs.
  • Perform capabilities and requirements analysis.
  • Develop information security rules and enterprise security requirements that describe baseline and target architectures.
  • Translate operational requirements into protection needs
  • Determine and communicate cyber threats and vulnerabilities, and any operational impacts of cyber security lapses
  • Implement vulnerability assessment tools
  • Apply Personally Identifiable Information data security standards in accordance with laws, regulations, policies, and ethics as they relate to cyber security and privacy.

This is a unique opportunity to be apart of a global organisation and help implement changes that will secure the future of not only the Architecture team but of the entire enterprise. If this sounds like you apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

DevOps Engineer (Developer)

Blackthorn Trace is working with an independent energy regulator to find a DevOps Engineer to play a vital part in maintaining, running and supporting their Azure cloud based infrastructure. Their infrastructure is used for development and test operations in addition to developing and implementing a strategy to create an automated pipeline for the business critical schemes. This opportunity will allow you to demonstrate your knowledge in managing an IaaS/PaaS Azure platform and ways of automating deployments to platforms such as Powershell and the Azure APIs.

Key responsibilities

  • Participate in the planning of work within an agile development environment.
  • Design, build and maintain complex cloud based infrastructure and the relevant automated tooling.
  • Operational management and support of cloud infrastructure.
  • Maintenance and infrastructural support for a range of legacy applications.
  • Testing, debugging and troubleshooting of platform level problems.
  • Work with developers to ensure services are appropriately configured for deployment, running and monitoring through an automated process.
  • Work with developers to test, debug and troubleshoot application issues and problems within the cloud environments.
  • Prioritise and deliver recommendations and improvements in response to infrastructure based incidents.
  • Be creative and bring fresh ideas for designing new and user-friendly solutions.
  • Advise on product architecture from a deployment perspective. DevOps Engineer (Infrastructure)

Specific skills and capabilities

  • Must have a previous Software Development background, preferably in .Net
  • Excellent knowledge of the Azure infrastructure including IaaS and IaaC
  • Experience in deploying MVC and NodeJS applications and micro services
  • Experience deploying Database changes
  • Understanding of scripting tools (i.e. Powershell) that can assist in automation of key infrastructure tasks.
  • Strong experience using the Azure DevOps/TeamCity/Jenkins/TFS build management and CI server.
  • Experience of using Git/bitbucket
  • Experience supporting and maintaining a complex, multi-server, microservice driven environment.
  • DevOps experience with Terraform and ARM Templates.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.