Consultant Penetration Tester

We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including OT, IT, web applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial approaches, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture.

Responsibilities:

• Lead and manage complex penetration testing engagements, applying a threat intelligence-led approach.
• Execute advanced tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, informed by current threat landscapes.
• Develop and maintain test and execution plans based on threat intelligence analysis.
• Identify and prioritize assets based on criticality and exposure to threats.
• Plan and schedule testing based on threat assessments and client needs.
• Produce detailed reports with technical findings, business impact, and remediation recommendations.
• Communicate complex security concepts and threat insights to diverse audiences.
• Collaborate with client teams to improve security protocols and remediate vulnerabilities.
• Track remediation progress and update stakeholders regularly.
• Conduct security research and contribute to technical content on emerging threats and attack techniques.
• Enhance security monitoring capabilities by providing insights into offensive techniques.
• Drive patching efforts prioritizing threats and potential exploits.

Experience and Skills:

• At least 5 years in penetration testing with emphasis on adversarial tactics and threat intelligence.
• Understanding of OT and IT assets, technologies, and security best practices within the threat landscape.
• Knowledge of network protocols, cryptography, vulnerabilities, and attack vectors.
• Proficiency with penetration testing tools and threat intelligence analysis methodologies.
• Experience in executing complex, threat-informed penetration tests.
• Excellent communication skills for technical and non-technical audiences.
• Strong organizational skills to manage multiple engagements.
• Current CREST CRT certification or higher is required.
• Eligibility for SC Clearance.
• Experience with Breach Attack Simulation tools, Vulnerability Management, and cloud environments (AWS, Azure, GCP).
• Knowledge of Risk Management frameworks and ISO 27001.
• Additional certifications such as CISM, CISSP, ECSA, CREST CCT are advantageous.

About Us:

We’re a global company empowering local teams with exciting work that impacts the world. Our portfolio includes consulting, applications, cloud, and infrastructure services. We foster an inclusive environment that values mutual respect, accountability, and continuous learning, supporting diversity through various Inclusion Networks.

What We Offer:

We provide benefits supporting your wellbeing, ongoing learning opportunities, and flexible work options. More about NTT DATA UK & Ireland can be found on our website. We are committed to diversity and inclusion, guaranteeing interviews for applicants with disabilities who meet minimum role requirements, and providing reasonable adjustments during recruitment. Join us in building a diverse and empowered team.