Senior Security Penetration Tester

Senior Security Penetration Tester
Contract
**Outside IR35**
Leicestershire (3 days per week on-site)
3-months+
£525.00 - £540.00 per day
ASAP Start

Overview

An exciting opportunity has arisen for an experienced Senior Security Penetration Tester to join an Information Security function on an initial 3-month contract.

The successful candidate will be responsible for conducting comprehensive penetration testing across networks, infrastructure, web and mobile applications, helping to identify and remediate security vulnerabilities before they can be exploited. Working closely with the wider security team, you will simulate real-world attack scenarios, produce detailed risk assessments and provide practical recommendations to strengthen the organisation’s security posture.

Key Responsibilities

• Plan and carry out testing of networks, computer systems, web/mobile applications or infrastructure to expose weaknesses in security.
• Work with the wider Information Security team to determine requirements from the testing.
• Simulate security breaches to test a system's relative security.
• Create and implement new penetration testing methods, scripts and tools.
• Check for gaps in security that could occur from human error, for example inadequate password policies or login permissions, and advise on best practice to minimise risk.
• Create reports and recommendations from your findings, including the security issues uncovered and level of risk.
• Advise on methods to fix or lower security risks to systems.
• Present your findings, risks and conclusions to management and other relevant parties.
• Consider the impact your 'attack' will have on the business and its users.
• Understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
• Carry out training for users to minimise future security risks.
• Maintain formal testing program that detail test plans, test requirements, expected and actual outcomes.

Key Requirements

• At least 3+ years of penetration testing experience.
• Previous experience covering one or more of the following domains: external network, internal network, web application, mobile application testing, red teaming and social engineering.
• An understanding of operating system and networking fundamentals, and underlying principles.
• Development and/or source code review experience.
• Microsoft Azure security review experience.
• Experience of scoping penetration tests.
• Holding at least one or equivalent certification - Security+, OSCP, CISM, CISSP, ECSA, CREST, CRT, CCT.

Senior Security Penetration Tester