Cyber Security - Ethical Hacker (ID: giahArnD)

Cyber Security/Ethical Hacker- Infrastructure, Delivery, AWS, penetration testing, Terraform, SC Cleared

A fantastic long-term opportunity for a SC cleared Ethical Hacker has become available with one of our clients within the public sector. Working as part of a multi-talented team within a digital environment, you will be delivering web application tests of our digital services whilst performing infrastructure penetration tests of traditional IT systems

Focused on delivering cloud security configuration reviews centring on AWS and infrastructure as code reviews
Contribute to the delivery of new capabilities (eg, specialist system assessments, or purple team exercises working alongside the Cyber Defence team)
Build and improve the tools, processes and training within the team to ensure quality tests and improve efficiency
Contribute to the continual improvement and automation of the team's capabilities and processes

Essential:

• Experience delivering penetration testing of:
• web-based services
• cloud services and underlying infrastructure
• traditional IT infrastructure
• The ability to conceive, plan and execute sophisticated attack vectors
• The background knowledge to recommend corrective action or other mitigations
• Good analytical skills to understand the implications of security threats
• Good verbal and written communication skills
• The drive and desire to ensure business and technical risks are clearly communicated
• Experience using tools such as BurpSuite, and the suite of tools within Kali
• Experience developing and/or reviewing source code, especially within a Linux and Python environment

Desirable:

• Recognised certifications (eg, CRT, OSCP) in the field of penetration testing. If you do not have these you will be required to demonstrate your level of skill in other ways
• Experience working within a software development team and environments with frequent change
• Living on the land experience working within a wider variety of environments with different compliance and regulatory requirements, for example, PCI-DSS systems or CAF-assessed networks
• Working in an Agile environment as part of a multidisciplinary team
• experience reviewing cloud infrastructure configurations and infrastructure as code

This role is working on a hybrid model with multiple locations available

Active SC Clearance is required for this role

Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply.