Penetration testing service

• Providing Web, infrastructure and application level penetration testing, including but not limited to COTS software and NOTS/GOTS software (NATO/Government off the Shelf), following clearly defined methodologies;
• Participating in kick-off meetings with stakeholders and technical points of contact in order to identify requirements for testing;
• Following the documented procedures and workflows outlined by the technical leads.).

• Extensive knowledge and experience (at least 3 years) in Web application penetration testing;
• Extensive knowledge and experience (at least 3 years) in assessing security vulnerabilities within OS, software, protocols & networks;
• Ability to evaluate risks and formulate mitigation plans.

Desirable:

• Professional qualifications: OSCP, OSCE, OSWE, GPEN, CREST Certified Web Application Tester, GXPN, GWAPT or equivalent;
• Familiarity with risk analysis methodologies;
• Prior experience of working in an international environment comprising both military and civilian elements).