London Jobs |
Manchester Jobs |
Liverpool Jobs |
Nottingham Jobs |
Birmingham Jobs |
Cambridge Jobs |
Glasgow Jobs |
Bristol Jobs |
Wales Jobs |
London Jobs |
Manchester Jobs |
Liverpool Jobs |
Nottingham Jobs |
Birmingham Jobs |
Cambridge Jobs |
Glasgow Jobs |
Bristol Jobs |
Wales Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Greater Manchester |
Education | Not Mentioned |
Salary | Competitive salary |
Industry | Not Mentioned |
Functional Area | Not Mentioned |
Job Type | Permanent, full-time |
A leading Independent IT Infrastructure and Services Consultancy is seeking an Application Security and Penetration Tester to lead penetration tests for a London based financial services customer. 12 month contract, remote working currently, Inside IR35Must have an excellent understanding of the Secure Software Development Lifecycle having defined and carried out security activities throughout each of the development phases, including activities such as specifying security/logging requirements, security code review (manual and automated) and application penetration testing for multiple clients. The candidate must possess the ability to assess complex designs, understand the security risks and propose suitable mitigation for security weaknesses, whether during the design or implementation phases using a variety of standard techniques. Ability to undertake Assumed Compromise / Internet based attacks, vulnerability identification and remediation efforts. Must be a self-starter and able to engage with stakeholders across the business, liaising with stakeholders to organise and resolve penetration test defects - prioritising vulnerabilities based on outstanding risk severity Qualifications / Experience Highly experienced in Application Security and Penetration Testing. Candidate ideally holds UK CESG CHECK Team Leader qualifications, Candidate would also ideally be CREST Registered Tester, Penetration Testing qualification. BEST Red Team exercises in relation regulation Infrastructure / Assumed Compromise / Application (web mobile) Penetration Testing. OSINT / External perimeter monitoring. Threat Hunting. Identify weaknesses and vulnerabilities within a new application. Carry out Risk Assessment/Triage and remediation of vulnerabilities. Proposed solutions to Head of Technology/Stakeholders (Devops) to facilitate vulnerabilities resolution.Retested / Analysed resultant Risk posture.Managing and executing Penetration Testing engagement.Scope writing. Web Application Testing.Various Web Application penetration tests. Vulnerability Management. Mobile Application Testing (iOS / Android) Infrastructure Penetration Testing both remotely and onsite. API/Endpoint Security Testing. Web Application Penetration Testing. PCI-DSS Web Application Testing Familiarity with OWASP ASVS. Detailed knowledge of Firewalls and Intrusion Detection Systems. Independent, unbiased IA advice and training. Detailed knowledge of TCP/IP protocol suite.