Enable job alerts via email!
Penetration Tester
NatWest Group
Gogar
Hybrid
GBP 45,000 - 65,000
Full time
Job summary
A leading financial services company is seeking a Penetration Tester to join their team. You will conduct Web Application tests to identify vulnerabilities and ensure the security of systems. The role involves remote work with some office presence in Edinburgh. Ideal candidates will have certifications in security testing and a strong understanding of common vulnerabilities. Excellent communication skills are necessary for collaboration and reporting.
Qualifications
- Knowledge of one or more security subject areas required.
- Ability to identify and exploit vulnerabilities.
- Excellent communication skills for technical/non-technical audiences.
Responsibilities
- Conduct Web Application and API testing for vulnerabilities.
- Provide accurate reports detailing vulnerabilities' impact.
- Scope and refine requirements for meaningful testing.
- Maintain high skill levels in modern web application security.
Skills
Tools
Join us as a Penetration Tester. Take on a new challenge and use your specialist knowledge to support the wider organisation in building and operating secure services that protect both colleagues and customers. You’ll act as a subject matter expert as a Penetration Tester, this will involve identifying vulnerabilities across the bank’s systems helping to keep our customers, staff, and data secure. You’ll be joining an exciting and fast-paced area of the bank, where you can expect great exposure both for you and your work. You’ll work from home the majority of the time, but you’ll also spend a minimum of 2 days per month working from the Edinburgh office.
As a Penetration Tester, you’ll be responsible for conducting Web Application tests, looking for vulnerabilities with real business impact. NatWest Group have a wide range of systems and services ensuring a variety of test scenarios.
You’ll also be:
- Conduct Web Application and API testing independently and as part of a team for larger projects
- Provide accurate reports with well-evidenced issues demonstrating the full impact of any identified vulnerabilities
- Scope and refine requirements to deliver value for money and meaningful testing
- Offer a high level of service to bank’s internal project teams to assist with getting projects into production securely
- Maintain a high level of skill and keep up to date with vulnerabilities in modern web application systems
- Carry out tests on Networks, Mobiles, Thin Clients, and Cloud
To be successful in this role, you\’ll need knowledge of one or more security subject areas.
Additionally, you\’ll need:
- Experience of OSCP/OSWA or CRT/CSTM or CWES/CPTS or Burp Suite Certified Practitioner
- Demonstrable understanding of the OWASP Top Ten vulnerabilities, how to identify and exploit them
- Familiarity with testing tools like Burp Suite and common bApp store extensions, plus Metasploit, nmap, and Nessus
- Excellent verbal and written communication skills with the ability to adapt for technical and non-technical audiences
- The ability to work independently while recognising when to collaborate or escalate
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
