Job Title: Lead Penetration Tester
Reports To: Senior Penetration Tester
Business Unit: Penetration Testing
Location: Remote (or hybrid in Reading office if that’s a preference)
Working Hours: Monday to Friday from 9am until 5pm (with flexibility)

The Role

Are you an accomplished penetration tester/ethical hacker, are you a person that thinks outside of the box, that enjoys testing the security of technology, and most can you explain complex technical issues to a non-technical person so that they understand?

Are you looking to work in an exciting, forward thinking Cyber business where you will have the opportunity to learn and progress in your career through a defined framework?

We have an exciting opportunity for a Lead Penetration Tester with a genuine passion and interest in Cyber Security to join our first-class team. We are looking for individuals that can enhance our team, innovate and help develop others, the business and its client base. You line into a Senior Penetration Tester, but will be expected to be able pickup and manage your own workload independently.

The responsibilities of the role and the skills we look for:

• As a lead, we will expect you to be the main point of contact on multi-faceted projects, responsible for managing the resources allocated to them.
• You will lead, mentor and help to develop a small team of Penetration Testers.
• Day to day you will be performing complex technical security assessments of clients’ information technology systems (including Internal, External, Applications, Hosts, Firewalls, Mobile applications etc.) and related policies and procedures.
• We conduct all our client assessments on a by-project basis with a mixture of remote and onsite, generally within London and the South East, however, on occasion further afield travel maybe required, although limited.
• We believe that individuals in this industry develop different skills at different times. However, the more of the following that you can demonstrate the more likely it is that you will be a good fit for the team and the role.
• You have knowledge of security tools, techniques and methodology frameworks including Metasploit, Kali, Burp Suite and scripting languages.
• Minimum of 2+ years’ experience, with a proven track record of delivering penetration testing services.
• You act as a role model for other members in the team, demonstrating the highest levels of technical competence and professionalism.
• You are a proven team player with experience of working with teams to deliver projects to the end client within budget and timescale boundaries.
• Able to act as a project manager in engagements involving other team members.
• Able to independently carry out scoping and pre-sales work.
• Experience of other test types including iCloud/iOS/Android would be advantageous.
• Client focused with a strong understanding of client needs in terms of testing outcomes, stakeholder engagement, and risk mitigation.
• Good analytical and negotiating skills.
• Superb written and spoken English skills are vital for compiling high-quality reports and liaising with clients.
• You like to pass on your knowledge and mentor less experienced people than yourself.
• You code, or contribute to open source tools that help colleagues and the wider community.
• RedTeam and Social Engineering experience is a plus.

Qualifications and Certifications:

• CREST Registered Tester (CRT-PEN), or TigerScheme Qualified Security Team Member (OSTM).
• Other Industry relevant qualifications such as CSTM, CEH, CSTP, OSCP will be considered.
• Current Check Team Member status is a bonus.
• IASME Cyber Essentials or Cyber Essentials PLUS assessor is also desirable.
• UK Security Clearance, or be eligible to obtain it

Benefits Package

• 25 Days Holiday
• Private Health Care
• Health Cash Plan
• Life Insurance
• Employee Benefits platform
• Employee Assistance Programme
• Supported Training and Professional Development
• Career Progression Framework
• Pension
• A superb working environment and a great, friendly team!
• Remote working

 

Send your CV to careers@falanx.com

Job Title: Penetration Tester
Reports To: Senior Penetration Tester
Business Unit: Penetration Testing
Location: Remote (or hybrid in Reading office if that’s a preference)
Working Hours: Monday to Friday from 9am until 5pm (with flexibility)

The Role

Are you a person that thinks outside of the box?

Do you like to test the security of technology and share your findings with others, and can you explain complex technical issues to a non-technical person so that they understand?

Are you looking to work in an exciting, forward thinking Cyber business where you will have the opportunity to learn and progress in your career through a defined framework?

For our Penetration Tester roles, we are looking for individuals that can enhance our team, innovate, and help develop the business and its client base.

Whether you have some experience penetration testing or have been in the role for a while, then a job at Falanx Cyber could be for you. Falanx are one of the UK’s most successful information security firms catering to SMEs providing outsourced managed services.

We have an exciting opportunity for a Penetration Tester with a genuine passion and interest in Cyber Security to join our first-class team. Falanx Cyber (FC) penetration testers are responsible for the delivery of ‘Assess’ services to Falanx Customers. This includes the delivery of engagements, pre and post-test communications with customers and the generation and delivery of technical reports.

The responsibilities of the role and the skills we look for:

• Working as part of our penetration testing team, delivering engagements for our customers to ensure they are safe and secure.
• Assisting Customers with security related issues.
• Providing comprehensive client reporting and ensuring that all discovered vulnerabilities are reported, along with any commentary to assist the customer’s understanding.
• Continuously seeking to identify potential service / tool improvements which will enhance the delivered services.

 

We believe that individuals in this industry develop different skills at different times. However, the more of the following that you can demonstrate the more likely it is that you will be a good fit for the team.

• Experience as a penetration tester is a massive plus, however, we would consider someone from a similar cyber security background, depending on experience.
• You will have a thirst for knowledge and like to push yourself out of your comfort zone.
• You are good at explaining complex technical concepts to non-technical people so that they understand the issue.
• You are a proven team player with experience of working with teams to deliver projects to the end client within budget and timescale boundaries.
• Direct client engagement experience is a plus.
• You will have a good understanding of networking, multiple operating systems and applications.
• Experience of other test types including iCloud/iOS/Android would be advantageous.
• You enjoy, and have participated in CTF challenges, as well as online learning platforms like Hack The Box, etc.
• You like to pass on your knowledge and mentor less experienced people than yourself.
• You code, or contribute to open source tools that help colleagues and the wider community.
• You are a budding social engineer that is not afraid to roll up their sleeves and get stuck into phishing, vishing, OSINT and physical intrusion projects.
• You can create or manipulate exploits to the benefit of the test you are assigned.

Qualifications and Certifications:

We do not place formal qualifications requirements on this role, we understand how time consuming and costly badges can be in this industry. However, as with skills, any qualifications are desirable.

• A BSc degree (or equivalent) in a technical discipline
• Microsoft or Cisco Professional Certification related to Security
• CREST Practitioner Security Analyst (CPSA), CREST Register Tester (CRT-PEN), or TigerScheme Qualified Security Team Member (OSTM)
• Other Industry relevant qualifications such as CEH, CSTM, CSTP, OSCP, OSCE will be considered
• UK Security Clearance, or be eligible to obtain it
• Programming Certifications
• Security industry relevant experience (PCI DSS, ISO 27001)

Benefits Package

• 25 Days Holiday
• Private Health Care
• Health Cash Plan
• Life Insurance
• Employee Benefits platform
• Employee Assistance Programme
• Supported Training and Professional Development
• Career Progression Framework
• Pension
• A superb working environment and a great, friendly team!
• Remote working

Send your CV to careers@falanx.com