Job description

Perform internal assessments remotely without the need for an onsite engineer utilising SecureGateway which is delivered as either an appliance or downloadable VMWare image Join The Pentest People Team Here at Pentest People, we’re often on the search for new individuals to join the team. Our consultant team is full of likeminded people that all share a passion for cybersecurity and more specifically ethical hacking. If you’ve recently finished higher education, looking for an apprenticeship or even a complete change in career then take a look at our vacancy. Pentest People are a CREST accredited company and a Check Service Provider for its Penetration Testing services and have also attained the NCSC Cyber Essentials andCyber Essentials Plus, as well as being placed on the G-Cloud framework. Pentest People are also certificated to ISO:9001 and ISO:27001. We Have Many Employee Benefits Why Should You Join The Pentest People Team? Exciting & Thrilling Work Working with Pentest People allows you to explore the world of ethical hacking, one that is constantly changing with new technology and techniques. Social & Enjoyable Team We pride ourselves on the team we’ve built at Pentest People and offer a very relaxed and social work environment. Career Development Its one of our primary objectives to train and develop members of the team, allowing you to develop your skills through your time at Pentest People. Security Consultant - Non Graduates Job type: Full time Location: Leeds offices Description: Pentest People are looking for enthusiastic security consultants to join our fast-growing consultancy, based in Leeds. A typical day in the life of a security consultant would involve testing applications/infrastructures and assisting sales with scoping and writing reports. We are looking to speak to security consultants, cybersecurity graduates or those with relevant work experience. Pentest People cover a wide range of services from applications (web, mobile, API), infrastructure, social engineering (phishing, vishing, physical intrusion) and cloud testing. We offer consultants the opportunity to test over all areas but typically specialise in one. Bonus points for bringing vulnerable applications or virtual machines that you have created yourself to the interview! Be creative, show us something that you are interested in... It should be noted that an excellent level of written English is absolutely essential for this role. Responsibilities: Performing Penetration Tests Writing High Quality Reports Scoping Work Client Interaction Cultural & work environment Your diary will be constantly changing in a high paced work environment. In non-covid times, infrastructure testers are likely to be travelling regularly around the UK and sometimes abroad. Some travel is also required for application specialists. You will be offered support from all consultants, and you will be expected to do the same once you have experience. Love talking about the latest vulnerabilities, showing off new tools that you have created, and an endless supply of memes? You will fit in well at Pentest People. Profiles: Already work in security? This is what we expect your profile to look like. Experience in one, or both of the following areas: Application Testing Fluent with burp suite professional An understanding of core networking protocols (TCP/IP, UDP, SSH, FTP etc.) Confident with creating basic CRUD (create, read, update, delete) style applications using HTML, CSS, Javascript and any preferred backend language. Ability or willingness to learn scripting in one or more of the following languages: Ruby,Python, Go Excellent written skills CTM/CTL desirable Infrastructure Testing Proven experience with Windows/Linux Operating systems and applications Experience with specific testing tools such as nmap/metasploit/kali linux suite of tools etc Understanding of networking including subnets Willingness to learn enumeration and exploitation techniques as part of a network security assessment Excellent written skills CTM/CTL desirable Currently, work in technology but no experience penetrating testing? This is a non-exhaustive list of profiles that we look for. You are still expected to have good working knowledge of security practice and principles in your specialist area. Application Testing Web Developers Software Developers DBA Infrastructure Testing Sys Admins Infrastructure Engineers Security Analysts Don’t work in technology but want to change careers? We are willing to consider applicants with no previous technology experience or entry-level roles. These candidates are expected to be able to demonstrate a high aptitude of knowledge in either infrastructure or application technologies and a desire to learn. OSCP is one way to achieve this.