Web App Penetration Tester
Location: Top Secret | Division: Offensive | Position type: Full Time | Reports to: Security Lead
Want to work for one of the largest financial services corporations as a penetration tester, testing your ability against one of the most formidable security systems in the world?
This is your opportunity to gain experience within a global financial services giant that is looking for experienced (OSCP, CRT, GWAPT) penetration testers to join their world-renowned team. Your focus would be conducting and deploying a range of penetration methods across internal and external web, mobile and web service applications to find and exploit vulnerabilities.
Code reviews, vulnerability assessments and penetration tests of web/mobile and web service applications.
Create documentation of your findings and communicate them to application developers and senior management in a non-technical manner.
Utilize automated and manual techniques and tools to uncover security vulnerabilities within the system.
Your skill-set should include:
Previous experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc.).
Knowledge of network and Web-related protocols/technologies
Ability to demonstrate manual web application testing experience
Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP WebInspect, Acunetix, NTO Spider, Burp Suite Pro, Seeker etc.)
Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM would be advantageous
Qualifications/examples preferred:
Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.
Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.
PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.