Skip to main content
Ethical Hacker image

Job description

The ethical hacker will be performing penetration testing or vulnerability assessment of web applications, mobile applications, thick clients, and performing code reviews for multi-protocol enterprise systems.

Duties

  • Performing a variety of security testing assignments, including red teaming, infrastructure and applications;
  • Defining the scope for security testing assignments;
  • Managing complex multi-faceted security testing assignments;
  • Developing and quality assuring security test reports;
  • Working with clients to develop appropriate remediation plans;
  • Supporting senior members of staff in the sale of security testing assignments;
  • Providing thought leadership and direction for the Information Security practice on malware, attack vectors and methods to protect against threats;
  • Helping recruit, retain and develop the Information Security team by bringing superior leadership skills;
  • Teaming up with colleagues in other lines of services in support of client needs for Information Security services;
  • Working either as senior subject matter experts in their field and/or manage teams in delivering client excellence.

Requirements and skills

  • Good understanding of Unix, Windows and network security skills.
  • Ability to work both independently and perform as a leader in a team environment.
  • Offensive Security Certified Professional (OSCP), CREST Registered Tester (CRT) or industry equivalent.
  • Degree from an accredited University or equivalent.
  • The following skills are not required from applicants but would be considered a differentiator:
  • CREST recognised penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL).
  • Degree in Computer Science, Information Systems, Engineering or related major.
  • Experience developing custom scripts or tools used for vulnerability scanning and identification.
  • Familiarity with threat modelling and security design review methodologies;
  • Support team technical development (e.g. through service development or research) and contribute to company technical processes overall.
  • Experience with red teaming tests, physical security testing, phishing and social engineering techniques.
  • Experience with sales, scoping and client/project management.
  • Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java.

Education

  • Bachelor Degree in Information Technology/Computer Science or 5 years of hands on testing experience
  • The following certification are a plus: OSCP, OSCE, GIAC (GPEN,GWAPT,GXPN,GCIH,GMOB,GSSP), CEH
  • Excellent written and communication skills in English.