Penetration Tester / Security Consultant / £40,000 - 45,000 per annum / London
Access Consulting are currently working with an IT Solutions Provider who are seeking a Penetration Tester / Security Consultant to join the team.
Ideally my client is looking for a consultant who is OSCP certified with 2/3 years pen testing experience in a consultancy, however they are willing to pay for the successful candidate to go through the OSCP training labs in the first 6 months of employment.
My client is a Microsoft Gold Partner who have quadrupled in size over the last two years. They create an environment that is designed to help you stay current with all the latest leading edge technologies. They have a long list of technical achievements and are leaders in their field.
Directly reporting to the Security Architect, the successful candidate will have the following responsibilities:
Conduct penetration testing and vulnerability scanning as required;
Conduct gap analysis and compliance auditing for the new GDPR regulation and other GRC standards and frameworks;
Operational support for vulnerability management and continuous monitoring systems and incident management procedures;
Work closely with enterprise and security architects, other functional-area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements;
Assist project team's compliance with enterprise and IT security policies, SDLC designs, industry regulations, and best practices;
Contribute to the alignment of security governance with ISO27001 and GDPR compliance and any other
Embrace a culture of continuous service improvement and service excellence;
Good experience with infrastructure & web penetration testing using a manual approach and automated tools such as Kali, Metasploit, Core Impact, Nessus and Burp Suite, among others;
Knowledge of a broad range of security technologies, including NextGen Firewalls, DLP, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management;
OSCP certification would be an advantage, or other professional accreditations such as CREST, SSCP, CISA, CISSP etc.;
2-5 years in the Information Security industry;
Good knowledge of the Data Protection Act 1998, the new GDPR regulation, and ISO27001;
Experience with logging and alerting platforms, including SIEM integration;
For the successful candidate who measures up, you will be in for an exciting ride with an organisation that is growing year on year.
For a confidential discussion on the role please apply via the details provided.