Job description

Overview

As a Penetration Tester you will perform formal and comprehensive penetration testing assessments, including producing full written reports to appropriate standards and within agreed deadlines. In addition, you will support with client pre-engagement activities, including scoping and proposal drafting, as well as researching application and infrastructure vulnerabilities, following responsible disclosure, and sharing such findings within the team.

Responsibilities

Please note that as part of this role, a dedicated period of time per month working US hours (09:00 – 17:00 EST) will be required.

Perform formal and comprehensive application, infrastructure and other penetration testing assessments where appropriate and required;

Provide well-written, concise, technical and non-technical reports in English;

Perform vulnerability assessments and provide findings with remediation actions;

Support with various client pre-engagement interactions, including scoping activities and proposal drafting;

Manage and deliver penetration testing project activities within strict deadlines;

Research application and infrastructure components within the wider team to identify new vulnerabilities and follow responsible disclosure;

Assist in scoping calls and discussions with customers to ensure that client needs are met;

Any other appropriate job duties in line with the associated skill and experience of the post holder.

Skills and experience required

Proven industry experience in application penetration testing;
Strong understanding of OWASP, PTES and other penetration testing methodologies;
Strong knowledge in testing mobile applications (iOS/Android);
Knowledge of how modern web apps are designed, developed and deployed across different platforms;

Strong knowledge in preparing and launching social engineering campaigns;
Ability to program or script in your preferred language;
Relevant security qualifications (such as OSCP, CREST CRT);
Good knowledge and understanding of network and OS principles;
Good knowledge of various operating systems;
Good knowledge of virtualisation.

Personal Attributes

Excellent spoken and written communication skills with strong attention-to-detail and accuracy;
A passion for security and networks;
Analytical and problem-solving skills with a can-do attitude and the ability to think laterally;
Self-motivation with a commitment to continued development;
Ability to work independently and as part of a team;
Influencing and negotiation skills with the ability to build relationships at all levels;
Willingness to learn.

Benefits

25 days annual holiday (UK and US)/21 days privilege leave (India)
An additional day’s annual holiday for your birthday
Company Pension (UK)/Provident Fund (India)/401k (US) contribution
Subsidized gym membership
Perkbox employee benefits platform
Frequent team events
Private Healthcare (individual cover only)
Learning Allowance Benefit – a reimbursable benefit of £100 per annum (or equivalent) for you to spend towards your personal career development
Flexible working policy

Bulletproof

YOUR BEST DEFENCE AGAINST CYBER THREATS

Bulletproof’s innovative cyber security & compliance services are the best way to stay ahead of the hackers, manage risk, and protect your critical business data. Bulletproof’s core belief is driving innovation through our range of services to deliver true value. We operate in the UK market as Bulletproof, and internationally via our sister brand Target Defense.

Bulletproof’s services are split across three core areas:

Cyber Security
Data Protection
Information Security

Key to our success is our friendly and knowledgeable staff, across service delivery and internal teams. We deeply value our team and make sure everyone’s experts in their individual disciplines, holding relevant qualifications and certifications.

Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.

Required profile