Expert Penetration Tester
This is a rewarding career that requires experience as an expert penetration tester. The ideal candidate will drive simplification and velocity in delivery through disciplined execution focus.
You'll join a high-performing team, working with talented individuals who are customer-obsessed. They prioritise the needs and satisfaction of the customer above all else.
Key Responsibilities:
* Provide penetration testing services to a wide range of products and services, identifying security weaknesses and exposures that pose a risk to the enterprise.
* Work with project stakeholders to identify assets and define test scopes by evaluating the breadth and depth on which testing should take place based on varying factors.
* Execute penetration tests, either in a team or individually, to identify vulnerabilities and weaknesses that could impact bank systems; including testing of web applications, mobile applications, web APIs, Infrastructure, Cloud technologies, and hardware.
* Triage vulnerabilities and justify risk in alignment with common vulnerability scoring systems, considering the environment and context.
* Work with larger technical programs across the organisation to understand and construct testing requirements;
* Assist with other offensive security activities within the team and self-manage security testing projects from end-to-end.
Requirements:
* Passion for security and ethical hacking, always looking for new tools and techniques to learn about - channelling this passion into penetration testing.
* Proven experience working in a similar role, ideally within a large complex organisation.
* Collaborative approach - enjoy working in a team of like-minded professionals, always looking to work with, learn from, and share knowledge to those around you.
* Understanding of the importance of clearly communicating vulnerabilities and their potential impacts - utilising your written and verbal communication skills to excel at this.
* Experience testing various technologies and platforms, including but not limited to; Web applications, web APIs, mobile applications (iOS, Android), network and server technologies, cloud services (AWS, Azure), and hardware;
* Experience writing and conveying complex security findings through reports;
* Undergraduate degree in technical field (Computer Science, Software Engineer, Cyber Security);
* Standard Industry certifications such as OSCP, CREST (CRT, CCT) or equivalent.