This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

Penetration Tester

JC280917
£45000 - £50000

Blackthorn Trace have partnered with a Security Risk Consultancy firm based in Central London to invite another talented Penetration Tester to join their growing team. Our client is looking for a confident Penetration Tester that can communicate effectively with their Clients. 

The Penetration Testing position is intended to perform and support the core components of our Clients product and services offerings. 

The location of this role is in Central London HQ as well as being based on Client sites. The new Penetration Tester will be expected to work under minimal supervision, alone and within a team and under deadlines. 


Responsibilities:
• Identify, exploit and document security flaws and vulnerabilities with attack simulations on multiple projects working against specific client focused scopes of work.
• Ability to test a variety of client form factors and technologies based on scopes of work.
• Ability to solve complex technical problems and articulate to non-IT personnel.
• Ability to effectively provide technical risk assessment of technologies in networks applications, wireless, social engineering, code reviews and war dialling.
• Ability to perform vulnerability assessments and penetration testing, utilizing tools commercial and open source tools.
• Perform, review and analyse security vulnerability data to identify applicability and false positives.
• Research and develop testing tools, techniques, and process improvements.
• Create risk based security code reviews (static & dynamic.)
• Conduct penetration testing in line with Open Web Application Security project.
• Mentor junior engineers to build their skills and contribution levels.
• Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
• Support company through the testing and evaluation of new technologies and security controls.
• May require the performance of other essential functions depending upon work location or assignment.
Required Knowledge:
• Knowledge of security best practice guidelines, (ISO 17799, NIST, OWASP etc.)
• Relevant professional experience including working knowledge of the following.
• TCP/IP, HTML, XML, CGI, Python, Perl, Java, Java Script, C++, C#. .Net, networking including IP classes, subnets, multicast, NAT.
• WINS, DNS, and DHCP, Network troubleshooting.
• Microsoft OS, Active Directory and Server technologies.
• Encryption cracking tools
• Password cracking tools
• Remote access methods.
• Backup and disaster recovery methodologies.
• Patch management technologies and processes.
• Wireless protocols and services.
• Variety of testing tools such as: Paros, WebScarab, Burpsuite, Nessus, Appscan,
• Familiarity with UNIX a plus.


Required Skills:
• Design and testing experience related to security.
• Experience with security issues in large scale networks.
• Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software.
• Ability to grasp new technology concepts, quickly and assist others in understanding them as well.
• Senior-level documentation and project management skills.
• Ability to work in a team environment and interact with people.
• Strong verbal, communication and technical writing abilities.
• Project management skills.
• Possess strong leadership, coaching and mentoring skills.
• Occasional travel, possibly air travel.
• Ability to meet pressured deadlines and time constraints.


This job has now been filled but you may be interested in:

 

Senior Cyber Security Consultant

If you have expertise in both IT and Cyber Security client facing roles this is your chance to be apart of a successful MSSP.

You will work in with your teams and clients to build up all the key elements of the company to develop their Cyber strength and to ensure your work is sustained.

You will have the opportunity to work on challenging projects, spanning all security domains for various end clients on a global scale. You must be willing to travel both nationally and internationally to meet with Clients if the need arises.

Individual learning plans and course funding is an incentive my client is not shy on throwing out. .

Key Responsibilities:

To manage and deliver cyber security projects. You will also lead engagements, manage project deliverables, timescales, budgets and client relationships.

To apply an excellent breadth of cyber security domain knowledge to consulting engagements, helping organisations to understand their cyber security challenges;

An ability to write reports to a high level is also required.


The successful candidate will:

  • Maintain a strong understanding of all information security domains;
  • Have comprehensive knowledge of industry standards such as NIST 800-53, SANS 20 CSC, ISO 2700 Series, PCI DSS, GDPR;
  • Possess strong presentation and communication skills and be comfortable discussing cyber security topics with non-technical and business audiences;
  • Have a good grasp of IT and information security technologies and products;
  • Able to interface with clients of all levels;
  • Be proactive, flexible and willing to travel globally.

Qualifications and certifications

  • 2 years of cyber security consulting experience (client facing);
  • CISSP required;
  • Security certifications (CISM, CISA, CRISC, CCISO etc.) are desirable.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

IAM Architect - Consultancy - London

We are working with a global Consultancy who are hiring an IAM Architect to support their enterprise clients implement new IAM solutions.

The candidate should have good knowledge on the SailPoint IIQ, Oracle IAM 11g / 12g product suite with at least 14 years' of experience in IAM field. The candidate should have done 5 to 6 of end to end IAM solution implementation at least one in 11g. As an IAM architect, you should have good exposure to all the Oracle IAM product suite, CA IAM product suite and IBM IAM product suite.

As Identity & Access Management Architect, you will participate in projects at the following levels:

  • Implementation, Design and Architect of complex IAM solutions for large scale customers across various industry verticals
  • Understanding the business requirements in terms of Access and Identify Management
  • Design of the right strategic enterprise solution architecture in terms of application , data and security
  • Collaborate with Infrastructure designers
  • Document the Architecture solution
  • Evaluate the low level design document
  • Supervise and own the solution implementation in terms of install, configure and integration of SailPoint, Oracle IAM 11g / 12g product suite (OHS, Webgate, OAM, OIM, OID), CA IAM Product Suite, IBM ISAM / ISIM, PING Identity Product Suite with in scope target applications.
  • Guide the team in trouble shooting the issues faced during the product implementation.
  • Demonstrate the capabilities in understanding the clients' business environment and map the requirements into IAM solutions and proactively suggest alternatives as and when required

Required Skills

  • Experience inArchitecting, Designing and Implementation of at least two of the following Oracle Identity and Access Management Solutions:
    • SailPoint IIQ
    • Oracle Identity Manager 11g/12g
    • Oracle Access Manager 11g/12g

  • Excellent knowledge and understanding of other IAM products:
  • CA SiteMinder
  • CA Identity Manager
  • IBM Security Access Manager (ISAM)
  • IBM Security Identity Manager (ISIM)

  • Excellent knowledge and understanding ofLDAP concepts and working experience with at least few of the following directories:
    • Oracle Internet Directory/Oracle Virtual Directory
    • Sun Directory Server
    • Active Directory
    • Tivoli Directory Server
    • Novell Directory Server
    • CA Directory

  • Should have the ability to understand customer scenario and requirements (may include integration situations) and be capable of suggesting solutions.
  • Create HLD & LLD documentation
  • Should have good knowledge on current IDM, Strong Authentication and PKI (Public Key Infrastructure) technologies and products
  • Should be familiar with RFI & RFP process and have experience in creating solution response based on RFP needs.

Qualifications:

  • Many years of strong IAM implementation experience
  • Masters in computer science
  • Strong oral, written communications skills
  • Customer Facing Exposure is must
  • CISSP certification is a bonus
  • Open to travel requirements

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Senior CTI Analyst - London

We are working with a leading start up Cyber Threat Intelligence Consultancy who due to consistent commercial wins are expanding. Based in London, the successful candidate will play a key role in gathering information on Cyber threats and turning it into actionable intelligence, enabling clients to better protect themselves.

Tasks will include:

  • Project managing bespoke engagements for clients
  • Shaping client requirements into appropriate outputs at all stages of the intelligence cycle
  • Taking responsibility for overseeing various aspects of our intelligence subscription service
  • Proactively identifying new opportunities to develop our subscription and bespoke services
  • Peer reviewing content produced by team members to enhance the quality of outputs
  • Contributing to the development of our technical collection infrastructure

There will also be considerable flexibility for the right candidate to go beyond this remit and shape the role in the pursuit of the company's goals, in the way they see fit.

Experience

  • Have several years experience in cyber threat intelligence, including experience managing the production of bespoke deliverables
  • Understand the commercial aspects of delivering
  • Be able to use their initiative and understanding to manage their own research efforts, and those of other team members
  • Communicate efficiently, both verbally and in writing. Additional languages are also desirable, especially where specifically relevant to areas of heightened cyber threat
  • Maintain excellent standards in their work and show a high degree of attention to detail
  • Be competent with the Microsoft Office suite.
  • Experience with additional research tools and software related to intelligence collection and analysis is also desirable.
  • Experience with programming in any scripting language is also desirable.
  • Have relevant formal qualifications (i.e. SANS, CCTIM, CISSP)

If you believe this is an opportunity where you can excel and grow personally and professionally then apply within for a confidential chat with one of our Consultants.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Cloud Infrastructure Engineer

Cloud Infrastructure Engineer.

Our client, a global leader and Pioneer for nearly four decades within their market are looking for a Cloud Infrastructure Engineer to join their Cloud & Infrastructure team supporting their migration onto the cloud.

They're looking for an experienced infrastructure engineer with an in depth understanding of cloud services, mainly AWS. This opportunity will require and allow you to utilise your experience with overseeing infrastructure hosted by VMware, AWS and additional cloud platforms. The successful candidate will play a pivotal part in the adoption and transformation to the cloud, whilst supporting the migration to virtual machine in VSphere to AWS or additional cloud platforms. The versatility in this role will require experience working with project teams delivering engineering and operational support.

Required Knowledge and skills:

  • Technical expertise in VMWare vSphere 6.x
  • Expert technical expertise in Storage systems management - NetApp
  • Experience engineering and managing fiber channel SAN environments
  • Strong Linux infrastructure background and hands on exposure to Cloud and automation technologies.
  • Automation experience leveraging tools such as Puppet, Ansible, Salt, or SCCM
  • Professional scripting experience with languages such as PowerShell, Python, and BASH
  • Vendor certifications from VMware, Red Hat, and NetApp are a plus
  • A proficiency in Linux systems administration and server configuration (e.g. CentOS/RHEL)

Desirable Knowledge and Skills:

  • Ansible, CloudFormation or Chef
  • OpenShift
  • ITIL Certifications - Foundation & Service Operations
  • Knowledge / experience of GCP, Azure
  • Server Capacity Management
  • Any Cloud certifications
  • Confluence / SharePoint
  • Hyper-converged platforms such as Nutanix
  • Networking

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

SOC Analyst - Insurance- London

We are working with a leading Insurance group who are looking to add to their Cyber Security capability in London. The SOC Analyst will work closely with the Information Security Officer, Infrastructure team and outsourced MSSP. You will have autonomy and be looked towards to help build the Cyber capability for the UK, with a look forward to building a team in the future.

Key Responsibilities

  • Monitor Security Operations Centre (SOC) generated security events and alerts
  • Perform initial analysis to determine security events and alerts requiring immediate response and escalation
  • Triage confirmed security events and alerts, in coordination with Tier 2 and Tier 3 network and infrastructure engineers, following documented procedures
  • Develop processes and response procedures to improve overall SOC functions
  • Develop, refine, maintain, and regularly test the Incident Response Plan
  • Monitor external data sources to maintain currency of information security threat condition and determine which security issues may have an impact on the enterprise
  • Maintain both internal and external vulnerability scanning tools and report on their findings

Technical Skills

  • Strong understanding of security and network incident response protocols
  • Good understanding of malware, including APT and other emerging threats
  • Strong understanding of information security principles as it relates to system, network, internet security (i.e. ports, protocols, system hardening and system functions analysis)
  • Indicators of Compromise, understanding malware analysis, VA scanners, SIEM tools
  • Sound understanding of networking administration and troubleshooting (e.g. TCP/IP, WAN/LAN and WiFi)
  • Good understanding of firewalls and IDS/IPS systems
  • Good understanding Citrix platform
  • Good understanding of Active Directory
  • Intermediate understanding of virtualization
  • Intermediate understanding of databases (SQL in particular)

Qualifications

  • Desirable qualifications for the role include CompTIA A , CompTIA A , Network , Security , Certified Ethical Hacker (CEH), GIAC, GCIH, CISSP)

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

SOC Analyst

This is your chance to take the next step into a more senior position. Working as an Integral member in my clients SOC you will be able to use SIEM tools to monitor and investigate client's security environments. You will place an emphasis on vulnerability assessments and remediation.

The role

  • Analysis and investigation of alerts from SIEM and AI tools
  • Vulnerability Scanning, reporting and prioritising
  • Utilise Intrusion Prevention solutions to monitor and alert on potential breaches.
  • Creation of custom IPS signature on occasion.
  • Use packet-capture tools
  • Use Threat Intelligence Services to identify potential new threats and develop new mitigation's.
  • Working with customer security teams to detect, contain and eradicate threats.
  • An understanding of Penetration Testing.

  • You will be Analytical, Inquisitive and have a strong passion for Cyber Security.
  • You will have the ability to lead.
  • Have a passion for self development and development of your team.

This is a good opportunity to be involved in one of the fastest growing MSSP's in Central London.

You will have the chance to test and develop your skills whilst mentoring the junior members of the team.

If this role sounds like you then go ahead and apply now.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.