Cyber Security Tester

Vacancy Name Cyber Security Tester
Vacancy No VN596
Employment Type Full-Time
Location York
Type of Vacancy Permanent

About Redcentric

Redcentric is a leading managed service provider with a rich end-to-end solution portfolio covering the spectrum of Connectivity, Cloud, Collaboration and Cyber Security, designed and delivered by our own highly skilled teams from our privately owned, UK based multi-million pound infrastructure.

Redcentric has annualised revenues in excess of £150million, more than 650 highly skilled employees serving over 2000 customers across the UK.

With the IT landscape in constant evolution, Redcentric is built around today\'s modern IT challenges offering application, collaboration, infrastructure, network and IT security services. Learn more about what we do on our website www.redcentricplc.com.

Redcentric is seeking a skilled and enthusiastic Cyber Security Tester with a high degree of customer focus to work within our busy Cyber Security Division. The main focus of the role is to deliver highly technical and effective security engagements through hands on systematic and innovative testing. The Security Tester will be responsible for leading teams on client engagements as well as working on their own.

This role is ideal for an experienced tester who combines technical delivery with a strong and demonstrable ability to translate technical issues into clear business related impact. Ideally the individual will be working towards CREST Certified Web Application Tester or CREST Certified Infrastructure Tester or equivalent.

We pride ourselves on our expertise in technical information assurance, as such the candidate must have a high level of technical ability and share our passion for information security. The individual will be experienced within the delivery of manual based security testing and combined with their problem solving abilities, the output from a range of tools and their own knowledge of networking and systems, be capable of finding vulnerabilities that would or could not be identified by automated tools.

Exceptional customer service and putting the client at the heart of everything that we do is integral to the way we do business. As such the candidate will have a strong customer focus and naturally go the extra mile.

The individual will also have the ability to understand the consequence and relative importance of findings within the context of the system under test. They will be able to understand the broader threat environment and using this knowledge articulate findings and key risks, clearly and concisely. The individual will be able to deliver key messages to different audiences, from technical development teams to senior non-technical management teams. Due to the nature of the role you must be able and willing to undergo Security clearance to SC level and be willing to travel as required to client sites within the UK at times unsupervised.

All Security Tester roles at Redcentric require a high degree of technical knowledge and the successful candidate will be required to develop their knowledge within the role. The key aspects of this include:

• Deep understanding of technical security testing (see technical ability and knowledge)
• Ability to adapt to fast changing priorities and retain focus
• Excellent time management, communication, presentation, negotiation and decision making skills
• Excellent verbal and written communication, and presentation skills with the ability to interact with technical and non-technical groups
• Strong report-writing skills and the ability to articulate findings and key risks, clearly and concisely, within a given format

Technical Ability and Knowledge

• Proven history in the delivery of manual penetration testing (Application and Infrastructure)
• A solid understanding of TCP/IP and networking concepts
• Extensive knowledge in the testing of Web-based applications
• Knowledge or experience of security build reviews for all common operating systems (e.g. Windows, Redhat, Solaris)
• Comfortable with programming in one or more languages
• Deep knowledge of databases, including security considerations and database hardening techniques
• Solid technical understanding of web applications, including web server design and implementation

The successful Cyber Security Tester will have the following skills/experience:

• 1 - 2 years successful Cyber Security Testing experience
• Identify vulnerabilities through systematic and innovative testing
• Understand consequence and relative importance of findings within the context of the system under test
• Understand the broader threat environment
• Able to discuss technical issues with both business and technical audiences
• Identify, articulate and deliver key messages to different audiences, from technical development teams to non- technical management teams
• Articulate findings and key risks, clearly and concisely, within the given report format
• Professionally deal with difficult situations, such as conflict, and achieve effective resolution
• Develop positive working relationships with internal and external customers

The ideal candidate will be able to demonstrate the following skills, attributes and experience:

• Responsible for own conduct in a professional manner with all client interaction, in line with Redcentric\'s Customer Service Standards
• Responsible for internal QA of reports and documentation as required
• Responsible for assisting with the delivery of security testing engagements as directed
• Responsible for the delivery of bespoke security testing, as directed
• Responsible for the delivery of technical and non-technical presentations to clients as required
• Responsible for the creation of reports to agreed format and quality standards
• Excellent organisational and time management skills
• Responsible for proactive identification of suitable research and development opportunities
• Responsible for undertaking personal development activities as agreed and in line with training and development plan
• Where agreed, responsible for the development of exploits, tools, creation of white papers and delivery of conference presentations
• Responsible for maintaining and updating all internally required management information systems
• Ability to work on own initiative, under pressure and meet deadlines
• Actively maintain technical certifications and to continually develop new skills in emerging technologies either by self-study or attending company funded training sessions

The company\'s standard hours of work are 9.00am - 5.30pm with one hour for lunch, Monday to Friday, however due to the nature of the role, flexibility will be required. Whilst it is anticipated that the role will be remote, hybrid working from a Redcentric office is certainly an option if geographically convenient for the individual.

to be considered for this role you must be eligible for SC Clearance.