Engineer, Offensive Cybersecurity

· Performing external and internal network vulnerability assessments, penetration tests, and social engineering engagements.

· Creating and conducting technical reviews of various highly detailed cybersecurity testing reports.

· Researching and staying up to date with the latest penetration testing techniques, tools and methodologies.

· Either currently or in the future, perform white box risk assessments and penetration tests of cloud environments (Azure, AWS, GCP)

· Assisting with the development of various scripts, tools, and processes to help automate various pentesting processes.

· Presenting various penetration testing reports to customers and discussing nuanced technical recommendations, with the expectation of leading customer presentations within 3 months.

· Discuss with, collaborate with, and train teammates from the Cybersecurity Red Team around various tools and techniques associated with network penetration testing.

· Managing physical testing appliances (penboxes or security testing appliances). Duties include inventory management, device setup and configuration (scripts have been internally created), and, at times, shipping and receiving.

· Critical and creative thinking to strategize how to add value to customer engagements.

· Ability to self-manage time and commitments.

· Strong attention to detail and well-organized.

· Highly motivated to continuously learn and innovate.

· Excellent verbal communication and written communication skills, especially when communicating complex concepts to non-technical audiences.

· Exceptional spelling and grammar skills for writing and proofreading documents.

· Comfortable scripting in Python, Bash, and PowerShell

· Familiar with Windows, MacOS, and Linux operating systems

· Familiarity and comfortability operating within the Linux operating system.

· A thorough understanding of the OSI model, the functionality of common protocols, and major relevant vectors of exploitation.

· A thorough understanding of the MITRE ATT&CK Framework and the Penetration Testing Execution Standard.

· Familiarity with the fundamentals of heuristic-based threat detection technologies such as IDS, IPS, EDR, XDR.

· Understand basic datacenter, cloud, and virtual networking concepts.

· Value, integrity, and honesty above all else in a non-negotiable way.

· Have a passion for the information security industry and helping people.

· Are capable of managing time efficiently and meeting deadlines with multiple concurrent projects.

· Are able to work within constraints and to challenge the status quo.

· Are able to self-direct work, orient to action, and truly own the position.

· Have a collaborative attitude and mindset with colleagues and team members

· 3+ Years of Penetration Testing Experience (Required)

· 2+ Years of Experience working with a major cloud platform (Azure, AWS, or GCP) (Required)

· Bachelor’s Degree in one of the following areas of concentration: Computer Science, Software Development, Information Technology, Cybersecurity (nice to have)

· Background in physical device management (nice to have)

· Familiarity with web application and API penetration testing (nice to have)

· 2+ Years experience scripting in Python for automation, data science, or cybersecurity purposes (nice to have)

· Hold one or more of the following CREST Certifications (required)

- CREST Registered Penetration Tester (CRT)

- CREST Certified Tester - Infrastructure (CCT INF)

- CREST Certified Simulated Attack Specialist (CCSAS)

- CREST Certified Simulated Attack Manager (CCSAM)

- Practical Network Penetration Tester (PNPT)

- Offensive Security Certified Professional (OSCP)

- Certified Red Team Operator (CRTO)

- Certified Azure Red Team Professional (CARTP)

- HackTricks AWS Red Team Expert (ARTE)

- HackTricks GCP Red Team Expert (GRTE)

- HackTheBox Penetration Testing Specialist (HTB CPTS

-Great annual leave entitlement plus bank holidays

-Gym discount

-Life insurance

-Comprehensive travel insurance for you and your family in line with scheme rules

-Confidential well-being and counselling support

-Competitive compensation

-Commission eligible

-Contributory pension scheme

-Company events

-Private Medical and Dental Insurance

-Fantastic company culture and values