Penetration Tester

Penetration Tester (infrastructure)

Job Summary
A large security services organisation is looking for Penetration Testers who want to progress professionally to the next level. You would be joining a team committed to protecting communities, businesses, and some of the critical infrastructures of the UK. You will be tasked with carrying out a variety of security assessments mostly remote but with the occasional travel to client sites. Tasked with conducting structured programs of security testing, consultancy and research, you will also be required to deliver detailed reports that highlight engagement outcomes, risk assessments, and remediation priorities.

Required experiences:
This role requires a person who can demonstrate the following capabilities:

• Cyber Scheme Team Member (CSTM) or Crest Registered Penetration Tester (CRT)
• Demonstrate infrastructure testing experience
• Knowledge of Cybersecurity practices, threat and vulnerability management and incident response methodologies.
• Windows Operating systems and Active Director experience
• Be able to exploit common vulnerabilities across a windows operating environment including on prem and cloud architectures.
• BS/BA degree or equivalent experience.
• Minimum 5 years UK residency.
• Full driving licence.
• Must hold a minimum of security clearance.

Preferred experiences:

• Relevant security qualifications, for example OSCP, Crest CRT, OSEP, CCT INF
• Knowledge of at least one of the following programming languages: PowerShell, Python, Ruby, Perl, C, C++, C#, Go, or Java.
• Agile experience and knowledge of the common frameworks is highly desired.
• Knowledge of Windows/Linux/Unix/Mac operating systems
• OS and software vulnerability and exploitation techniques.
• Knowledge of Check Penetration Testing methodology and hold either (CSTM or CRT) or have the ability to attain this within initial 6 months of undertaking this role.
• Working knowledge of commercial and open-source offensive security tools for reconnaissance, scanning, exploitation, and post exploitation (eg Metasploit, Burp Suite, Nmap).
• Networking fundamentals including (all OSI layers, protocols and network services).
• Knowledge of common Active Directory attacks and the ability to articulate in written and verbal form; steps to reproduce and take corrective actions.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.