Source Technology

Source Technology London, UK
19/10/2018
Full time
Senior Penetration Tester - West London - £65k A British telecommunications company is currently looking for a Senior Level Penetration Tester to join their technical team. As a Penetration Tester you will play a key role in protecting key information assets as well as being responsible for conducting various security assessments, educating the business on the inherent risks and providing hardening and mitigation strategies As a member of the Information Security team, the Penetration Tester will be required to be a thought leader within selected information security practices, have proven experience in development and maintenance of security operations, and have a strong understanding of technology risks with an ability to identify mitigating controls. Job responsibilities: Web-based and mobile application penetration tests Network penetration tests Logical security audits Hands-on technical security evaluations and remediation advice Develop subject matter expertise in application security, wireless security or database and development security Assignments & Skills: The ability to perform and manage application security assessments Penetration testing Data leakage Network and system forensics Testing the design and effectiveness of security controls of Internet systems, networks and applications. Team Overview: IS Security is responsible for Threat Assessment and Incident Response for the company's Technology Infrastructure. In addition the team is responsible for the development and compliance maintenance of Policies, Standards and business cases to manage the risks posed to the company technology. The department is also responsible for ensuring Programme delivery is compliant against these standards and Policies through project consultancy. Key responsibilities: Performing penetration tests and vulnerability assessments on company assets and where necessary 3rd Parties. Web Application Penetration Testing -End User Environment Performing application security penetration and vulnerability testing against applications. Testing a diverse range of Applications, Devices and systems. Manual Web App testing for SQL injection, XSS, CSRF, Broken Auth & Session Management, Buffer overflows, OWASP top 10 etc. Mobile Application Security testing of Android & IOS Devices Work with developers. Have a direct impact on projects and applications. Identify issues and enhance security. Respond to cutting edge threats facing the business. Simulate real life Hacking attacks Performing research as necessary on reported issues and emerging risks to identify best-practice solutions. Recommending and scoping technical solutions not already in place in addressing security vulnerabilities. Acting as a coach and mentor to other team members, sharing knowledge associated with tools and practices utilised for data leakage protection, vulnerability assessments, and risk remediation. Participate in the leadership and on-going research and development of a penetration testing lab and processes. Provide value added, high impact IT and security consulting services to the diverse business. Candidate requirements Essential: 5+ years of experience performing network, web / application and wireless penetration testing including exploitation. Technical certifications such as: OSCP, OSCE, GWAPT, GPEN, GCIH, CISSP, CISA, CISM, CEH. CISSP or CISMP or equivalent Demonstrable skills in common types of penetration testing such as web/application and infrastructure testing, wireless network testing, VoIP, firewall rule set review. Hands-on experience with software security testing and common testing tools like Appscan, WebInspect, Fortify, etc Experienced with tools such as Burp/Paros/Proxy tools, nmap, Nessus, Metasploit, Backtrack, Kali, SQL Ninja and various hacking tools. Experience with penetration testing frameworks Ability to do manual penetration testing/validation and not rely on automated scanners. Desirable: CHECK, CREST, TIGET SST PCI/DSS Reverse engineering, binary analysis, antivirus avoidance, and exploit development. Advanced understanding of security architecture and related components. Advanced understanding of Application Security and techniques to mitigate threats in application code and functions. Proven experience across consultancy, service provider and end user environments. Location: West London Salary: £65k Apply with your CV to be considered.
Source Technology Cheltenham, UK
19/10/2018
Full time
Senior Penetration Tester - up to £100k An exciting, well established and market leading Security consultancy are looking for experienced Penetration Tester with a deep passion for Information Security to join their growing team. This awards winning provider of cyber security, compliance, infrastructure and incident response services to organisations globally always go the extra mile to provide clients with an excellent security service experience. As a senior member of the team, you will be delivering security consulting engagements of various types, e.g. penetration tests, security architecture and configuration reviews, PCI-DSS assessments, etc. A Senior Penetration Tester is expected to keep up to date with the latest IT Security developments, news and attack techniques and to ensure the wider team receive and understand this knowledge. There will be a requirement to lead small to medium projects and to help mentor Junior Penetration Testers and Security Consultants. A Senior Penetration Tester must work towards attaining upper level industry certification such as OSCP, OSCE, CREST CCT, CREST CSAM and CREST CSAS, for which the company will provide training, development and support. Requirements Demonstrably strong skills and experience in several of the following: Infrastructure penetration testing Web application penetration testing Mobile penetration testing (iOS, Android, Windows Phone) Social Engineering, Open Source Intelligence Gathering, Phishing Firewall ruleset and configuration review Server and workstation secure build configuration review Strong social, presentation, written and English speaking skills. OSCP/OSCE, CREST CCT or equivalent level of IT security related certification. An ability to lead, teach, present and inspire the wider team. Tasks & Responsibilities The following list is indicative of the overall expectations of the role): Deliver penetration testing and other related security audit activities. To perform kick off calls, wash up calls, email responses and debrief for each assigned engagement. To help develop client relationships and to provide professional consultative-style engagements. Write full and thorough reports for each engagement that show quick and constant improvement, based on comments from QA and peers. Verse themselves in a wide variety of IT security skills. Willingness to mentor Junior Security Consultants and Security Consultants where appropriate. To assist in Security Testing related activities, providing technical assessment of scope, principal security concerns and testing methodology to Account Manager, including face-to-face meetings when requested. Location: Home based, CHeltenham, London, Cambridge Salary: Up to £100k
Source Technology Surrey, UK
19/10/2018
Full time
CHECK / CREST Penetration Testers - UK Home Based Due to continued success, a well established security consultancy are seeking to recruit Penetration Testers to fill new positions within their growing security testing team. The roles consists of a mix of External Network, External Web Application and Internal Network Penetration Testing skills and ideally you will specialise in one of these areas but have a good working knowledge of all three testing types. The role is fully home based with travel to client site when required and periodic days in the office, maybe 1 day every 3 months. As it's a fully home based role you will need to be experienced and ideally be certified with either CREST or TigerScheme and / or hold CHECK status. With complete autonomy in the role, you will be responsible for working your own hours etc and as long as the tests get done on time and the reports are of a good standard then you will be your own boss. Exploit development, vulnerability research projects and custom testing tools/script creation is fully encouraged by the company and where needed dedicated time will be allocated of these types of activities. Excellent opportunities on hand to develop skills, to grow, learn from colleagues and to nurture new members of the team as they aim to double our delivery capability over the next 12 months to meet with growing demand. Mandatory requirements: Must have one or more of the following certifications: CHECK Team Member / Leader Must have a good level of experience with either Internal Infrastructure Testing or Application Testing Valid SC Clearance or ability to obtain it Anyone who is also a QSA / ISO 27001 auditor is a bonus but first and foremost is an experienced & qualified penetration tester. Salary is flexible with the package including; car allowance, health plan, company pension and a workload related bonus for qualified individuals.
Source Technology London, UK
19/10/2018
Full time
Penetration Tester - Home based A very well-established and highly regarded security consultancy are currently looking for penetration testers to join their team. This is the perfect opportunity for someone to continue to develop their skills in penetration testing and career in security. This security consultancy offer independent expert advice and pragmatic solutions to help clients meet their transformation challenges with confidence and are looking for penetration testers to join their vibrant security testing team providing a wide range of penetration testing services including network and application penetration tests. Working as a Penetration Tester, you will be responsible for providing IT Security Testing against a Client's nominated IT targets, including IT infrastructures, mobile devices, applications and web sites. You'll be proving expert testing and remediation advice to clients, making a direct impact on the risk of an attack on their systems. This will give you the opportunity to deal with a variety of clients across virtually all industry sectors with a requirement for wide range of security assessments You will play an integral role in a team of passionate penetration testing experts, as well as senior IT consulting experts within the group Your Responsibilities Will Include: Undertaking and delivery of internal and external IT Security Testing of a Client's nominated IT targets, to include but not limited to IT Infrastructures, mobile devices, applications and web sites. Respond to client requests, helping to solve client problems and needs using your skills, knowledge and up to date technology Scoping testing activity and ensure that testing activity defined in these scopes are delivered to the highest standards. Delivering assignments securely on time within budget to client satisfaction. Carrying out all assignments in a professional manner to ensure accurate results and recommendations Explanation of the output of an assignment to both technical and non-technical clients. This can be as a formal stand up presentation, written communication/report or a verbal report. Skills and experience: Prior experience in penetration testing Web app, infrastructure, mobile or wireless penetration testing Industry recognized certification such as CREST, TigerScheme, Cyber Scheme or OSCP is hugely beneficial. Location: Home based with travel to client site Salary: Negotiable
Source Technology London, UK
19/10/2018
Full time
Blockchain Developer - Startup Blockchain Developer sought by an exciting and innovative Tech startup based in London. This is a fantastic opportunity for an experienced developer who has had some professional exposure to Blockchain projects who wants to continue to grow in this space. You will be joining a bright, growing team to help revolutionise the online gaming space. As a Blockchain Developer you will be required to demonstrate skills ideally in both Solidity and web3.js, but also have good fundamentals in Javascript. Some prior experience in Python, Go, node.js or C++ will also be adventitious. This opportunity not only holds excellent potential for rapid career progression, but also allows a step into a growing business at ground level. A Developer who is passionate about delivering high quality results, keen to work in a highly collaborative, startup environment and who is highly motivated and open minded to problem solving and technology is sought. Ideal Skills: Javascript fundamentals Experience writiting smart contracts in Solidity web3.js Python/Go/node.js/C++ advantageous Start date: ASAP Contract: Permanent Location: London Interview times: ASAP
Source Technology Sussex University, Refectory Rd, Falmer, Brighton BN1 9QU, UK
16/10/2018
Contractor
My client based in West Sussex is actively looking for a mechanical design engineer to join their team for a 12 months contract with the view to be extended further. The right candidate they are ideally looking for must have experience with the following skills: Catia V6/V5 Tolerances Fabrications Actuators Structural Sheet Metal Materials Complex Systems Looking to interview ASAP with immediate start Thanks, Cam