Junior Penetration Tester

Control Risks is looking to hire several Junior Penetration Testers to support the security engineering team of a Fortune 50 client of ours. The successful candidates will help build out and develop testing plans, as well as action penetration tests to ensure the security of the clients programs.

• Conducting high quality application penetration tests independently, or as part of a team.
• Creating detailed engagement test plans and thoroughly documenting findings, gaps, and remediation recommendations.
• Contributing to team tooling, innovation, and improvements.
• Communicating and collaborating with partner teams, service owners, Information Security, and senior leadership to influence and prioritize the resolution of discovered security findings.

Requirements

Basic Qualifications

• Entry level – aptitude for but no years of specialized experience in penetration testing or experience responding to advanced threat incidents for large enterprises as a member of an incident response team.
• Bachelor’s degree in computer science or related field, or equivalent industry experience.
• Experience in penetration testing or related offensive security role.
• Experience with security engineering practices, including web application security, network security, authentication and authorization protocols, cryptography, automation, and other software security disciplines.
• Experience with interpreted or compiled languages, preferably Linux.
• Experience with threat modeling, design review, or other threat analysis techniques.
• Knowledge of cloud service providers and their offerings.

• Two years specialized experience in penetration testing or experience responding to advanced threat incidents for large enterprises as a member of an incident response team.
• Advanced degree in Computer Science or related field
• Experience with dynamic and manual code auditing to identify security issues.
• Experience with network / full stack penetration testing in cloud environments.
• Experience in developing security tooling and automation.
• OSWE/OSCP/CCSP/CISSP certification

Benefits

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
• We operate a discretionary bonus scheme that incentivizes, and rewards individuals based on company and individual performance
• Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.