Web & Mobile App Penetration Tester

18 Feb 2021
18 Mar 2021
JN -022021-167563
Simon Wilcox
Contract Type: Full Time
Application Security and Penetration Testing Role - required to lead penetration tests for a financial services organisation

Must have an excellent understanding of the Secure Software Development Lifecycle having defined and carried out security activities throughout each of the development phases, including activities such as specifying security/logging requirements, security code review (manual and automated) and application penetration testing for multiple clients.

The candidate must possess the ability to assess complex designs, understand the security risks and propose suitable mitigation for security weaknesses, whether during the design or implementation phases, using a variety of standard techniques. Ability to undertake Assumed Compromise / Internet-based attacks, vulnerability identification and remediation efforts.

Must be a self-starter and able to engage with stakeholders across the business, liaising with stakeholders to organise and resolve penetration test defects - prioritising vulnerabilities based on outstanding risk severity.

Qualifications / Experience

* Highly experienced in Application Security and Penetration Testing.
* Candidate ideally holds UK CESG CHECK Team Leader qualifications, enabling them to lead penetration tests for UK HMG, MOD and Telecoms/Financial/Commercial clients
* Candidate would also ideally hold the CREST Registered Tester penetration testing qualification.
* BEST Red Team exercises in relation to telecoms regulation.
* Infrastructure / Assumed Compromise / Application (web mobile) Penetration Testing.
* OSINT / External perimeter monitoring.
* Threat Hunting.
* Performed Mobile/Web and API testing for new jaja finance credit card application during development process.
* Identify weaknesses and vulnerabilities within a new application.
* Carry out Risk Assessment/Triage and remediation of vulnerabilities.
* Proposed solutions to Head of Technology/Stakeholders (DevOps) to facilitate vulnerability resolution.
* Retested / Analysed resultant Risk posture.
* Managing and executing Penetration Testing engagement.
* Scope writing.
* Web Application Testing.
* Various Web Application penetration tests.
* Vulnerability Management.
* Mobile Application Testing (iOS / Android).
* Infrastructure Penetration Testing both remotely and onsite.
* API/Endpoint Security Testing.
* Web Application Penetration Testing.
* PCI-DSS Web Application Testing.
* Familiarity with OWASP ASVS.
* Detailed knowledge of Firewalls and Intrusion Detection Systems.
* Independent, unbiased IA advice and training.
* Detailed knowledge of TCP/IP protocol suite.

Spring Technology acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.
