Penetration Tester

About Us

Integrity360 is one of Europe's leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class Security Operation Centers, we offer a complete end-to-end security services covering our clients' security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services.

What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on technical expertise and that philosophy remains today. The skills and experience in our company are some of the greatest in the industry and clients remain with Integrity360 because they can rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services.

Job Role / Responsibilities

This position is responsible for performing all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, Applications, Hosts, Firewalls, Mobile applications etc.) and related policies and procedures. Communication in both written and verbal forms, including training courses, workshops, consultations with clients and formal reports. These assessments are conducted on a by-project basis, ranging between one and three weeks per project, and will occasionally be done at the client site. This role is also required to conduct ongoing research in the IT security arena and regularly assisting in the sales process.

Primary Duties/Responsibilities include:

• Perform security reviews of architecture and application designs, as well as application source code reviews

• Perform mobile, complex application, infrastructure, as well as social engineering assessments and penetration testing

• Exploit vulnerabilities to gain access, and expand access to remote systems

• Document technical issues identified during security assessments

• Assist with building, hardening, and maintaining systems used for penetration testing

• Research cutting edge security topics and new attack vectors

• Assist with improvements for Integrity360's security services, including the continuous enhancement of existing methodology and reporting formats, as well as training collateral

• Communication of findings/innovations internally, to colleagues

• Represent Integrity36 at international events, forums or training events

• Demonstrate the ability to be an industry expert

• Mentor team members

• Solid experience in information security

• Industry experience working in Dev/Admin/Engineer field

• Industry experience working in Information security field as a penetration tester

• Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, Java, Python or Ruby

• Strong Unix, Windows and networking security skills

• Familiarity with general application and network security concepts

• Excellent communication skills

• Manual penetration testing experience above and beyond running automated tools

• Experience developing custom scripts or tools used for vulnerability scanning and identification

• In depth networking knowledge (MPLS, BGP, OSPF, IPv6, TOR)

• Understanding of development frameworks

• Broad understanding of hosting /cloud environment

• Broad understanding of SIEM & Defensive Technologies.

• Understanding of Security Auditing tools

• Ethical hacking experience

• Intrusion prevention experience

• Report writing experience

• Presentation skills

• Scripting/coding, sys admin or networking experience

• Understanding of programming methodologies

• Understanding of quality management and project management principles

• Knowledge of advance cloud architecture

• CHECK Team Leader or equivalent

• IT related degree or certificate

• One of the industry leading qualifications (OSCP, CREST, OSCE, OSWP)