Penetration Tester
  • United Kingdom London
  • RemoteWorker UK
1 year before
31.01.2024
Protect and Defend
Vulnerability Assessment and Management
Job Description

Penetration Tester Remote (UK) £35,000 - £65,000 The Company: Forward Role are working alongside a UK-based cybersecurity company that provides an innovative vulnerability scanner and management platform to help businesses stay secure. Their platform offers continuous vulnerability scanning and actionable reports that allow businesses to identify, prioritize and remediate security risks in their networks, web applications, and cloud infrastructure. They are now seeking a highly skilled Penetration Tester to join their team. As a Penetration Tester, you will be responsible for performing a variety of tests including web apps, APIs, cloud and external infrastructure to identify vulnerabilities and potential security risks. You will be working on their core service, a vulnerability scanning tool, helping in its development through private bug bouties and security research. You will also be conducting pen tests on our customers, identifying areas of weakness and providing actionable recommendations to improve their security posture. This is a fully remote position open to candidates living in the UK, giving you the flexibility to work from the comfort of your own home. This is a great opportunity to step away from full on consultancy work and have a hybrid role that will keep your brain sharp and engaged. Requirements: Minimum of double digit pen test experience with a focus on web apps, APIs, cloud, and external infrastructure. OSCP, CREST CRT or equivalent certifications. Excellent communication and interpersonal skills. Strong problem-solving skills. Ability to work independently and as part of a team. Benefits include a competitive salary, full medical coverage, and EMI options. Sound good? Apply now As an industry leading, nationwide Marketing, Digital, Analytics, IT and Design recruitment agency, we are continually receiving new assignments to work on, so keep a close eye on our website, Facebook, LinkedIn and Twitter pages for a full list of current permanent and interim opportunities as well as marketplace news and fun stuff. Forward Role is operating as an employment agency.


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0009   Knowledge of application vulnerabilities.
  • K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0342   Knowledge of penetration testing principles, tools, and techniques.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)

Required Skills
  • S0001   Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • S0051   Skill in the use of penetration testing tools and techniques.
  • S0081   Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
  • S0137   Skill in conducting application vulnerability assessments.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0001  Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).