Our Client is the largest specialist IT security consultancy in the country. They secure the networks, infrastructures and information of some of the leading companies in both Ireland and the UK. Their team is expanding all the time even though they take a very long time in matching new individuals to the company ethos. They are passionate about what they do, so too must any new recruits. Our Client is currently expanding at a rapid rate – could you be the newest member to their team? They are fun and dynamic and believe in constant learning and development. Progression is a typical buzz word within the organisation.
This is a technical role with our client where you will be working within a team of security consultants who are designing, implementing and supporting security solutions to our client's customer base. You will be primarily responsible for providing penetration testing services of technology infrastructure to customers and will also deliver security auditing and reporting on various client systems such as firewalls (network, database and web application), content delivery systems, content filtering, and authentication systems.
What you will bring to our clients:
The role will entail providing accurate assessment of a client’s requirements, development and presentation of proposed services, delivery of testing services and clear unambiguous reporting of findings to the customer. There is also a requirement for effective interaction with other members of the team and customers to collectively provide solutions to technical issues and (where appropriate) mentor other staff members.
- Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our clients
- Review and define requirements for information security solutions
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
- Participate in Security Assessments of networks, systems and applications
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
- Liaise with customers and define testing requirements and parameters, documenting an effort estimation, terms of engagement and final report.
- Present findings and recommendations to clients
The role requires flexibility and the ability to work extra hours when the business calls for it.
- The prospective candidate will be expected to participate in on-going technical certifications for the benefit both of the business and for self-development.
- Travel (national and international) may be required as part of this role, and as such a clean driving license and access to a car are essential.
What you will bring to us:
The following qualities will be necessary for the role:
- Three years in a Penetration Testing role with experience of multi sector organisations
- The ability to demonstrate a dynamic interest in solving technical issues; analytical ability to break down problems into constituent parts; flexibility to handle several technical issues simultaneously.
- To show an active interest in the area of information security and to be an active member of the InfoSec community
- The ability to communicate well and demonstrate a good understanding of customer issues together with the aptitude to develop a natural empathy with customers in relation to their business requirements.
- Strong report writing capability and the ability to adapt your writing style to different audiences
- The ability to work in a team environment and on your own initiative and the desire to work on escalated issues from other team members.
- Experience with at least two of the following tools: Python, Perl/Ruby, Burpsuite/ZAP, Linux, Nessus, Qualys, Nexpose. • Knowledge of the OWASP Top Ten vulnerabilities
What would be nice to have:
- CISSP, CISA, CEH, OSCP or other information security certifications
- Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE • Vulnerability and threat management experience
- Experience with various security tools and products (Fortify, AppScan, etc)
- Good understanding of the components of a secure DLC/SDLC
- Vulnerability Analysis and application reversing skills
- Understanding of Cryptography principles
What They will provide for you:
- Opportunity to gain experience and knowledge in a key field of expertise
- Exposure to many sectors like Financial Services, and the SME sector
- Further educational and training to enhance your skillset
- They empower you to make your own Information Security or IT history by working with some of our market leading clients
- A team of highly experienced technology and security professionals to work with and support you.
- A leadership team who have a worthwhile mission and who excel at that mission.
- A chance to work with one of the market leaders in Information Security companies (Winner of the AIB Enterprise of the Year Award 2013, Nominated for EY, EOY 2015)
- A company that is going from strength to strength with significant growth plans that They are achieving.