Enable job alerts via email!
Penetration Tester
NatWest Group
City of Edinburgh
Hybrid
GBP 100,000 - 125,000
Full time
Job summary
A leading banking institution is seeking a skilled Penetration Tester to identify vulnerabilities across their systems. You'll conduct Web Application and API testing, provide structured reporting on vulnerabilities, and maintain high security standards. This role offers a flexible remote work arrangement, with occasional office presence required in Edinburgh. Ideal candidates possess expertise in security testing tools and a deep understanding of web vulnerabilities.
Qualifications
- Knowledge of security subject areas.
- Experience with web application testing.
- Demonstrated ability to report vulnerabilities.
Responsibilities
- Conduct Web Application and API testing independently.
- Provide accurate reports on identified vulnerabilities.
- Scope and refine testing requirements.
Skills
Tools
Join us as a Penetration Tester
- Take on a new challenge and use your specialist knowledge to support the wider organisation in building and operating secure services that protect both colleagues and customers
- You’ll act as a subject matter expert as a Penetration Tester, this will involve identifying vulnerabilities across the bank’s systems helping to keep our customers, staff, and data secure
- You’ll be joining an exciting and fast-paced area of the bank, where you can expect great exposure both for you and your work
- You’ll work from home the majority of the time, but you’ll also spend a minimum of 2 days per month working from the Edinburgh office
As a Penetration Tester, you’ll be responsible for conducting Web Application tests, looking for vulnerabilities with real business impact. NatWest Group have a wide range of systems and services ensuring a variety of test scenarios.
You’ll also be:
- Conduct Web Application and API testing independently and as part of a team for larger projects
- Provide accurate reports with well-evidenced issues demonstrating the full impact of any identified vulnerabilities
- Scope and refine requirements to deliver value for money and meaningful testing
- Offer a high level of service to bank’s internal project teams to assist with getting projects into production securely
- Maintain a high level of skill and keep up to date with vulnerabilities in modern web application systems
- Carry out tests on Networks, Mobiles, Thin Clients, and Cloud
To be successful in this role, you\'ll need knowledge of one or more security subject areas.
Additionally, you\'ll need:
- Experience of OSCP/OSWA or CRT/CSTM or CWES/CPTS or Burp Suite Certified Practitioner
- Demonstrable understanding of the OWASP Top Ten vulnerabilities, how to identify and exploit them
- Familiarity with testing tools like Burp Suite and common bApp store extensions, plus Metasploit, nmap, and Nessus
- Excellent verbal and written communication skills with the ability to adapt for technical and non-technical audiences
- The ability to work independently while recognising when to collaborate or escalate
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
