The Security Tester will work within 7 Elements’ busy technical team delivering hands on manual based security testing. The main focus of the role is to deliver highly technical and effective security engagements through hands on systematic and innovative testing. The Security Tester will be responsible for leading teams on client engagements as well as working on their own.
This role is ideal for an experienced tester who combines technical delivery with a strong and demonstrable ability to translate technical issues into clear business related impact. Ideally the individual will be working towards CREST Certified Web Application Tester or CREST Certified Infrastructure Tester or equivalent.
We pride ourselves on our expertise in technical information assurance, as such the candidate must have a high level of technical ability and share our passion for information security. The individual will be experienced within the delivery of manual based security testing and combined with their problem solving abilities, the output from a range of tools and their own knowledge of networking and systems, be capable of finding vulnerabilities that would or could not be identified by automated tools.
Exceptional customer service and putting the client at the heart of everything that we do is integral to the way we do business. As such the candidate will have a strong customer focus and naturally go the extra mile.
The individual will also have the ability to understand the consequence and relative importance of findings within the context of the system under test. They will be able to understand the broader threat environment and using this knowledge articulate findings and key risks, clearly and concisely. The individual will be able to deliver key messages to different audiences, from technical development teams to senior non-technical management teams.
· Deep understanding of technical security testing (see technical ability and knowledge).
· Ability to adapt to fast changing priorities and retain focus.
· Excellent time management, communication, presentation, negotiation and decision making skills.
· Excellent verbal and written communication, and presentation skills with the ability to interact with technical and non-technical groups.
· Strong report-writing skills and the ability to articulate findings and key risks, clearly and concisely, within a given format.
Technical Ability and Knowledge
· Proven history in the delivery of manual penetration testing (Application and Infrastructure).
· A solid understanding of TCP/IP and networking concepts.
· Extensive knowledge in the testing of Web-based applications.
· Knowledge or experience of security build reviews for all common operating systems (e.g. Windows, Redhat, Solaris).
· Comfortable with programming in at least one of the following, C/C++, Java, Visual Basic, Python and Ruby.
· Deep knowledge of databases, including security considerations and database hardening techniques.
· Solid technical understanding of web applications, including web server design and implementation.
Salary dependent on experience and additional benefits will include pension and generous holiday allowance.
If you share our vision and can deliver to the highest standard, we’d be delighted to hear from you. To apply please send a copy of your CV to [email protected]