Pentester

iSTORM® is a CREST accredited Penetration Testing company based in Stratford upon Avon.

Due to continued growth we are scaling up our operations and wish to recruit a Pentester on a full time basis.

As a penetration tester for iSTORM®, you will be expected to conduct formal tests and simulated attacks on web-based applications, networks, and other types of computer systems on a regular basis.

You will be able to use your technical skills along with industry applications / processes to identify weaknesses and report on the findings. This is a customer facing role and you will be dealing with a range of internal and external clients, it is important that anyone in this role is comfortable with dealing with these clients as well as the technical aspects of the role.

Ideally we are looking for someone who can be office based some of the time but is also happy to work remotely. Culture is an important part of our business and we want you to feel part of the team!

Duties to include but not restricted to:

·Carry out application, network, systems and infrastructure penetration tests

·Review physical security, perform social engineering tests and phishing tests where appropriate

·Evaluate and select from a range of penetration testing tools

·Keep up to date with latest testing and ethical hacking methods

·Create Scope of Works documents for penetration tests

·Deploy the testing methodology and collect data

·Report on findings to a range of stakeholders

·Make suggestions for security improvements

·Enhance existing methodology material

Do you have experience in Scripting?, ·Good understanding of network protocols

·Solid technical skills in both information security architecture and penetration testing

·Project planning skills

·A solid understanding of ethical hacking

·Scripting and programming experience is beneficial

·Ability to explain findings to non-technical professionals

·Excellent report writing and presentation skills

·Customer facing skills

·Able to work independently but also as part of a team

·Work with the engineering manager to develop new products and services

·Outstanding organisational and data analytics skills

·Comfortable working in a fast-paced environment

Qualifications:

·CREST CRT or CREST CCT

·Other recognised security testing certifications such as (CHECK, TIGER, OSCP, GIAC)

Relevant Experience:

·Previous penetration testing experience of systems, web-based applications and networks.

·Solid knowledge and experience of using a variety of penetration testing or threat modelling tools including open source and commercial

·Experience of threat reporting and assessing vulnerabilities

·Scripting skills are desirable