Northampton Square, London EC1V 0HB, UK
Robert Walters
An International Investment Bank in London is looking for a Penetration Tester to join their growing team.
About the Penetration Tester Role:
An experienced Penetration Tester based in London to join their application security and penetration testing team.
As a senior team member you will be expected to contribute both on an individual application basis as well as a global strategic basis to raise the application security posture across the organisation. You will be required to identify application security vulnerabilities in a range of technologies including web and mobile through a combination of security assessment techniques: manual penetration testing, code-review, SAST, DAST, IAST. Moreover, you will work collaboratively with development teams to proactively build security within their software delivery pipeline.
Key Accountabilities and Skills required:
Support security assessment coverage across the client
Work with global team and external entities to deliver Security services
Analyse and review security issues identified
Supplement automated assessment techniques with manual security assessment approaches
Communicate security issues identified and mitigation/remediation options to development community
Generation of reports and follow up on issues until closure
Develop and deploy tools, techniques and capabilities to enhance ability to deploy, scan and assess the global estate
Develop automation scripts to enhance and automate the process
Research new and emerging threats, counter controls and technologies affecting various platforms
Innovate in collaboration with security focused development teams to implement and enhance proprietary the client's security technologies
Critical Requirements:
Work independently or lead any size team of application security specialists/penetration testers
Have superior time management and organisational skills to undertake multiple critical supportive and advisory tasks concurrently
Maintain a wide breadth of penetration testing and software security skills to a significant degree of depth
Have a superior ability to articulate technical concepts to non-technical business owners and management
Understand the business context/significance of application security controls and penetration testing findings
Possess an entrepreneurial attitude to excel in loosely defined scenarios
Technical Knowledge:
Strong web application testing/penetration testing/code-review experience
Thorough knowledge of application security assessment techniques and their relative merits, including: SAST, DAST, IAST and manual assessment
Understanding of Application security issues, coding standards, strong communication skills and ability to articulate them to developers and project managers
Understanding of the security mechanisms associated with Applications, operating systems, networks and databases
Awareness of emerging Application Security technologies
Knowledge of multiple programming languages: Objective C, Java(J2EE/Android), C#.NET, C/++/JNI
Experience working with web and mobile development projects as a developer or security subject matter expert
Wider SDL activities such as threat modelling and design review
Familiarity with web application multi-tier architectures and operation
Working knowledge of cryptographic concepts and familiarity with best practice application within a development environment
Demonstrated ability to solve complex technical problems
Able to explain security functionality from first principles
Experience in reverse engineering or dis-assembly
Physical security knowledge and experience is considered beneficial but not require.
With a background in Penetration Testing this area you will be well used to working in a team that delivers results and performs well under pressure.
If you are driven, determined and want to join a company that has the backing of some of the brightest minds in their respective industry then this role is for you.
Apply for this role in London today or call me to find out more.