Security Testing Consultant

  • Salary: GBP40000 - GBP60000 per annum
  • Location: London, England, United Kingdom
  • Job Type: Full time
  • Company: JCW Search

An Information Security and Risk Management company in London are looking to hire a Security Testing Consultant to provide security vulnerability assessment and penetration testing.


  • Identify, exploit and document security flaws and vulnerabilities with attack simulations on multiple projects, working against specific client-focused scopes of work.
  • Ability to flow from black box to grey box to white box tests dependent on client needs.
  • Ability to test a variety of client form factors and technologies based on scopes of work.
  • Ability to solve complex technical problems and articulate to non-IT personnel.
  • Ability to effectively provide technical risk assessment of technologies in networks, applications, wireless, social engineering, code reviews and war dialling.
  • Ability to perform vulnerability assessments and penetration testing, utilizing commercial and open source tools.
  • Perform, review and analyse security vulnerability data to identify applicability and false positives.
  • Research and develop testing tools, techniques, and process improvements.
  • Create risk-based security code reviews (static & dynamic).
  • Conduct penetration testing in line with the Open Web Application Security Project.
  • Mentor junior engineers to build their skills and contribution levels.
  • Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
  • Support company through the testing and evaluation of new technologies and security controls.
  • Assist and support Risk Factory Security Staff as they perform vulnerability, network and network security assessments.
  • May require the performance of other essential functions depending upon work location or assignment.

Required Knowledge:

  • Knowledge and understanding of basic information security principles.
  • Knowledge of security best practice guidelines (ISO 17799, NIST, OWASP, etc.).
  • Relevant professional experience including working knowledge of the following:
  • TCP/IP, HTML, XML, CGI, Python, Perl, Java, JavaScript, C++, C#, .NET, networking including IP classes, subnets, multicast, NAT.
  • WINS, DNS, and DHCP, Network troubleshooting.
  • Microsoft OS, Active Directory and Server technologies.
  • Encryption cracking tools.
  • Password cracking tools.
  • Remote access methods.
  • Backup and disaster recovery methodologies.
  • Patch management technologies and processes.
  • Wireless protocols and services.
  • Variety of testing tools such as: Paros, WebScarab, Burp Suite, Nessus, AppScan.
  • Familiarity with UNIX a plus.

Required Skills:

  • Design and testing experience related to security.
  • Experience with security issues in large scale networks.
  • Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software.
  • Ability to grasp new technology concepts quickly and assist others in understanding them as well.
  • Senior-level documentation and project management skills.
  • Ability to work in a team environment and interact with people.
  • Strong verbal communication and technical writing abilities.
  • Project management skills.
  • Possess strong leadership, coaching and mentoring skills.
  • Occasional travel, possibly air travel.
  • Ability to meet pressured deadlines and time constraints.

Education, Training & Experience:

  • Computer Security, Computer Science or Technical degree equivalent (GIAC, CEH).
  • Five+ years' information security technology experience.
  • Five+ years' computer and network security experience.
  • Five+ years' experience managing client projects.
  • Five+ years' information consulting experience.