Senior Security Consultant (Penetration Tester)
Integrity360 is the largest specialist IT security consultancy in the country. We secure the networks, infrastructures and information of some of the leading companies in both Ireland and the UK. We are passionate about what we do, so too must be any of our new recruits. Integrity360 is currently expanding at a rapid rate – could you be the newest member to our team? We are fun and dynamic and believe in constant learning and development. Progression is a typical buzz word within the organisation. #Whatsthecatch
This is a technical role with Integrity360 where you will be working within a team of security consultants who are designing, implementing and supporting security solutions to the Integrity360 customer base. You will be primarily responsible for providing vulnerability assessments, network, application and mobile penetration tests and red team services to customers and will also deliver security auditing and reporting on various customer systems such as servers, workstations, firewalls, routers, Active Directory, databases and web servers.
The successful candidate will be able to perform the following tasks:
- Perform a broad range of complex penetration tests that demonstrate an analytical and systematic approach
- Write good technical test reports in English.
- Communicate penetration test results to both technical and non-technical audiences, facilitating collaboration between stakeholders where necessary
- Scope penetration tests accurately, allocating resources and ensuring personal compliance with relevant legislation and standards
- Work autonomously and under general direction, delivering accurate technical results in accordance with a scope and test plan
- Apply knowledge of configuration errors, vulnerabilities and coding flaws to create and execute a series of tests to validate the security of a system or product
- Influence peers and customers by delivering presentations, papers and reports
- Mentor junior team members
- Possess a good understanding of technology and actively maintain awareness of developments in the penetration testing and information security fields
- Participate in technical and/or professional development activities beyond their own team, sharing knowledge with colleagues to improve the penetration testing service
Fanatical customer service isn’t just something we offer, it’s really what makes us who we are here at Integrity360. It’s the desire to do more than our clients expect us to do. Exceed their expectations. It’s our need to make a difference in the challenges our clients face – no matter how big or small. We have found that when it comes to customer service, a little fanaticism goes a long way.
Driving excellence through all our behaviours and actions to deliver an enhanced experience for our internal and external customers.
The successful candidate will embody excellent customer service skills as a fundamental basic or their core skillset. All candidates will be asked during the recruitment process to demonstrate a time when they delivered a customersService experience that could be described as fanatical.
What you will bring to our clients:
The role will entail providing accurate assessments of a clients’ requirements, development and presentation of proposed services, delivery of testing services and clear unambiguous reporting of findings to the customer. There is also a requirement for effective interaction with other members of the team and customers to collectively provide solutions to technical issues and (where appropriate) mentor other staff members.
- Strong inter-personal skills, especially in handling contacts of all types and at all levels.
- Strong written, verbal and presentation skills
- Maintain a detailed knowledge of own area of expertise, including awareness of current developments.
- Develop an awareness, and in some cases detailed knowledge, of areas outside own area of expertise as appropriate.
- Take innovative approaches to problem solving and devise creative solutions.
- Convey a level of confidence and professionalism, positively influencing and persuading others to take a course of specific action when there is no direct command.
- Provide mentoring and management of junior staff on projects, supporting staff development.
The role requires flexibility and the ability to work extra hours when the business calls for it.
- The prospective candidate will be expected to participate in on-going technical certifications for the benefit both of the business and for self-development.
- Travel (national and international) may be required as part of this role, and as such a clean driving licence and access to a car are essential.
What you will bring to us
The following qualities will be necessary for the role:
- Five years in a penetration testing role with experience of multi sector organisations
- The ability to demonstrate a dynamic interest in solving technical issues; analytical ability to break down problems into constituent parts; flexibility to handle several technical issues simultaneously.
- To show an active interest in the area of information security and to be an active member of the InfoSec community
- The ability to communicate well and demonstrate a good understanding of customer issues together with the aptitude to develop a natural empathy with customers in relation to their business requirements.
- The ability to work in a team environment and on your own initiative and the desire to work on escalated issues from other team members.
- Experience with the following tools: Linux, Python, Perl, Burpsuite/ZAP, Nmap, Nessus, Qualys, Metasploit.
- Knowledge of the OWASP Top Ten vulnerabilities
What would be nice to have:
- Information security certifications:
- oOffensive Security Certified Professional (OSCP)
- oCyber Scheme Team Member
- oTiger Scheme Qualified Security Team Member
- oCREST Registered Tester
- oISC2 Certified Information Systems Security Professional (CISSP)
- oBCS Chartered IT Professional (CITP)
- oMembership of British Computer Society (MBCS)
- oGCHQ Senior Penetration Tester
- Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE
- Vulnerability and threat management experience
- Experience with various security tools and products (Fortify, AppScan, etc.)
- Good understanding of the components of a secure DLC/SDLC
- Vulnerability analysis and application reversing skills
- Understanding of cryptography principles
What we will provide for you:
- Opportunity to gain experience and knowledge in a key field of expertise
- Exposure to many sectors like Financial Services, and the SME sector
- Further educational and training to enhance your skillset
- We empower you to make your own Information Security or IT history by working with some of our market leading clients
- A team of highly experienced technology and security professionals to work with and support you.
- A leadership team who have a worthwhile mission and who excel at that mission.
- A chance to work with one of the market leaders in Information Security companies (Winner of the AIB Enterprise of the Year Award 2013, Nominated for EY, EOY 2015)
- A company that is going from strength to strength with significant growth plans that we are achieving.