Penetration Tester - London, United Kingdom - Infoplus Technologies

Infoplus Technologies

Verified Company

London, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job Description:
Penetration Tester

Mandatory Certifications:
OSCP or CREST or both

Responsibilities:

As a penetration tester, you'll need to:

Understand complex computer systems and technical cyber security terms
Work with clients to determine their requirements from the test, for example, the number and type of systems they would like testing
Plan and create penetration methods, scripts, and tests
Carry out remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in security
Simulate security breaches to test a system's relative security
Create reports and recommendations from your findings, including the security issues uncovered and level of risk
Advise on methods to fix or lower security risks to systems
Present your findings, risks and conclusions to management and other relevant parties

- consider the impact your 'attack' will have on the business and its users

Understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
Demonstrates extensive expertise in information security, penetration testing, and engineering practices
Present written findings to teams, providing details of the vulnerabilities discovered recommended remediation steps
Analyze, disassemble, and reverse engineer code to discern weaknesses for exploitation
Document technical issues identified during security assessments and incidents and write reports
Follow up on implementation of corrective actions from assessments and incidents
Research security threats and attack vectors
Be creative in approaches to solving problems
Independently plan and execute penetration tests that maximize the learning opportunity and value of those tests without putting the business at risk
Work with Development Managers to prioritize and execute remediation plans
Networks and infrastructures
Windows, Linux, and Mac operating systems
Embedded computer systems
SCADA (supervisory control and data acquisition) control systems
Internet of Things (IoTs).
Physical security assessments
Conducting security audits
Analyzing security policies
Writing security assessment reports