- Vulnerability & penetration testing, Qualys, Nessus, AWS, Azure, Windows, Linux
About Our Client
Our client is a global media group offering consultancy services. They are keen promoters of Diversity, Inclusion, and Mental Health. There are a number of initiatives set up by the client to help drive a collaborative and positive working culture.
Penetration Tester - Cyber Security Consultant - Media Responsibilities
- Plan and execute qualitative penetration testing against business applications (Web, API, Mobile and Workstations), networks, infrastructures (On premise, AWS and Azure) leveraging a blend of manual and automated techniques.
- Conduct Cloud security configuration reviews (Azure and AWS)
- Support the development of statement of works documents for penetration testing engagements both scheduled and ad-hoc, across both application and infrastructure estates.
- Produce post-test reports and conduct QA reviews of other people's reports prior to issue.
- Conduct infrastructure and application vulnerability research, scanning and assessment using both tooling and manual techniques, and provide support to product, developers and infrastructure teams in order to understand prioritise and remediate vulnerabilities that are discovered.
- Undertake threat modelling for e.g. zero-day exposures including impact analysis, working with the business and technology teams to build and action prioritised remediation plans as required
- Work with the development squads to implement application security testing into their development pipelines either via waterfall or continuous integration/development (CI/CD)
- Help to create and maintain operational process documentation such as report templates or playbooks.
- Provide technical advice and guidance on penetration testing and vulnerability assessment to stakeholders across the organisation.
The Successful Applicant
Penetration Tester - Cyber Security Consultant - Media Skills/Experience
- A strong understanding of the security fundamentals of a modern business.
- Experience of planning and executing penetration tests against a diverse range of applications and infrastructures running both on-premise and in-cloud, across multiple platforms including AWS, Azure, Windows and Linux
- Demonstrable knowledge of penetration testing frameworks such as OSSTMM, OWASP and NIST 800-115
- Experience in deployment and/or operation of infrastructure and application vulnerability management solutions such as Qualys and Nessus.
- Knowledge of application development (DevOps) custom and practice
What's on Offer
Penetration Tester - Cyber Security Consultant - Media
Based primarily in London with some remote working offered
Competitive salary based on experience