Penetration Tester


Managing this Role

Matthew Hockey

Associate Consultant - Cyber Specialist 0207 759 7878

Coming from a financial services background, Matt has a clear understanding of the information security compliance processes. Along with his strong passion for up and coming technology, most recently creating a AI chat-bot,  puts him in a unique position to effectively source market leading cyber security candidates.


Seniority: Junior - Mid Level

Job Type: Permanent

Geographical coverage: London

Market: Technical Engineering with Security Operations and Architecture

Web App Penetration Tester

Location: Top Secret | Division: Offensive | Position type: Full Time | Reports to: Security Lead

Want to work for one of the largest financial services corporations as a penetration tester, testing your ability against one of the most formidable security systems in the world?

This is your opportunity to gain experience within a global financial services giant that is looking for experienced (OSCP, CRT, GWAPT) penetration testers to join their world-renowned team. Your focus would be conducting and deploying a range of penetration methods across; internal and external web, mobile and web service applications to find and exploit vulnerabilities.

Opportunity responsibilities:

Code reviews, vulnerability assessments and penetration tests of web/mobile and web service applications.
Create documentation of your findings and communicate them to; application developers and senior management in a non-technical manner.
Utilize automated and manual techniques and tools to uncover security vulnerabilities within the system.

Your skill-set should include:

Previous experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc).
Knowledge of network and Web-related protocols/technologies
Ability to demonstrate manual web application testing experience
Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, Seeker etc.)
Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM would be advantageous
Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C would be advantageous

Qualifications/ examples preferred:

Burpsuite portfolio
Bachelors degree

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.