PenTester (Remote) - WebApp
Full time
at Cyber Search Partners
in
Online
Posted on January 15, 2025
Job details
Penetration Tester (Web/API)
- Please note: this role requires you to be UK-based already with full right to work and live in the UK
- Salary up to £50k base + benefits
- Perform formal and comprehensive application and other penetration testing assessments where appropriate and required;
- Provide well-written, concise, technical and non-technical reports in English;
- Perform vulnerability/attack surface assessments and provide findings with remediation actions;
- Support with various client pre-engagement interactions, including scoping activities and proposal drafting;
- Manage and deliver penetration testing project activities within strict deadlines;
- Research new technologies, security topics and vulnerabilities within the wider team to identify new vulnerabilities and follow responsible disclosure;
- Coach and mentor Graduate and Junior penetration testers where appropriate;
- Support the Marketing team with the development of content (including, but not limited to: Blogs, Social Media Posts, and Articles) to help raise the profile of Penetration Testing and other services;
- Support the QA process to ensure high quality client reports are delivered in accordance with applicable Service Level Agreement (SLA);
- Any other appropriate job duties in line with the associated skill and experience of the post holder.
- Proven industry experience in web/API/mobile/thick client application penetration testing;
- Deep knowledge of various Operating Systems and network principles.
- Strong understanding of OWASP, PTES and MITRE ATT&CK framework;
- Knowledge of how modern solutions are designed and deployed across different platforms;
- Ability to program or script in your preferred language.
- Relevant security qualifications (such as OSCP, CREST CRT, OSWE, CCT APP);
- Experience leading penetration testing projects and acting as a lead technical point of contact.
- Knowledge of assessing cloud and/or hybrid environments (AWS and Azure);
- Knowledge of performing source code reviews in a language of your preference and expertise;
- Knowledge in preparing and launching social engineering campaigns;
- Involvement in previous research projects, tool development and training delivery.
- Excellent spoken and written communication skills with strong attention-to-detail and accuracy;
- A passion for security and networks;
- Analytical and problem-solving skills with a can-do attitude and the ability to think laterally;
- Self-motivation with a commitment to continued development;
- Ability to work independently and as part of a team;
- Influencing and negotiation skills with the ability to build relationships at all levels;
- Willingness to learn.
- 25 days annual holiday;
- An additional day’s annual holiday for your birthday;
- Company Pension contribution;
- Generous uncapped bonus scheme;
- Subsidized gym membership;
- Perkbox employee benefits platform;
- Frequent team events;
- Private Healthcare (individual cover only);
- Financial support to study for and achieve additional penetration testing qualifications;
- Additional Learning Allowance Benefit;
- Flexible working policy.
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.
