Share this Job

Senior Ethical Security Tester

Date: 21-Jun-2022

Location: Malvern, England, GB

Company: QinetiQ

Role- Senior simulated attack specialist

Able to lead engagements, managing customer expectations, whilst managing the workflow other testers assisting in the assurance exercise. You will be required to achieve UK security clearance.     

 

Technical capability

  • Ability to use basic tools such as NMAP, Nessus and Burp Suite.
  • Can interpret results of scanners and suggest next steps to investigate potential vulnerabilities.
  • Can assess operating systems for simple vulnerabilities.
  • Lead CHECK and non-CHECK engagements and supervise CTM's and Associates 
  • Lead a team of testers on engagements, acting as primary customer contact, and holds responsibility for the conduct and actions of the team.
  • Will be tasked for independent research in support of EST operational work.
  • Can document and suggest recommendations for identified vulnerabilities for EST reporting.
  • Responsible for engagement and publication of test reports
  • Trusted to scope and estimate effort for upcoming engagements
  • Provide career guidance and mentoring for junior team members
  • Support principles in delivery of EST Services
  • Propose and deliver research projects across a broad technical footprint

 

Knowledge

  • Understand computer network (including TCP/IP) fundamentals and common high level protocols
  • Understanding of operating systems
  • Understanding of web application technologies
  • Understanding of protocols and communication sequences expected for a number of technologies (e.g. DNS server, network devices).
  • Understands laws and legal frameworks for Penetration Testing
  • Can provide technical support for High Assurance engagements under the direction of the engagement or technical lead.
  • Advanced knowledge of issues and vulnerabilities related to both Infrastructure and Applications.
  • Can Lead on individual technical elements of High Assurance engagements

 

Experience

  • 3+ years in Penetration Testing, focussing on Infrastructure and Applications.

 

Qualifications

  • CREST Certified Tester (CCT) (Infra) or
  • CREST Certified Tester (CCT) (Apps) or
  • TIGER Senior Security Tester (SST) (Infra) or
  • TIGER Senior Security Tester (SST) (Apps)
  • CyberScheme Team Leader (CSTL Inf)
  • CyberScheme Team Leader (CSTL App)
  • CTL 
  • Additional qualifications in Cloud, SCADA/OT would be desirable

 

 

Please note that all applicants must be eligible for SC clearance as a minimum.

UKSV National Security Vetting Solution: guidance for applicants - GOV.UK (www.gov.uk)

Why join QinetiQ?

As we continue to grow into new markets around the world, there’s never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and having the courage to take on a wide variety of complex challenges.

You’ll experience a unique working environment where teams from different backgrounds, disciplines and experience enjoy collaborating widely and openly as we undertake this exciting and rewarding journey. Through effective teamwork, and pulling together, you’ll get to experience what happens when we all share different perspectives, blend disciplines, and link technologies; constantly discovering new ways of solving complex problems in an diverse and inclusive environment where you can be authentic, feel valued and realise your full potential. Read more about our diverse and inclusive workplace culture here.  

Joining QinetiQ offers you an opportunity to work on a broad range of interesting defence-based projects with vast career progression across a global organisation in addition to competitive personal and professional benefits.  You’ll receive a highly competitive salary and benefits package: our basic salaries are very attractive as we constantly review what’s happening in the market. The range of benefits that we offer include, adaptive and flexible working, generous holiday entitlements, Health Cash Plan, Private Medical Insurance and Dental Insurance and much more. 

About QinetiQ

As a company of over 6,000 dedicated professionals, we are a world-centre of excellence in research and development and act as a catalyst for fast-track innovation, offering outstanding experimentation facilities, and technical, engineering and scientific expertise. QinetiQ is made up of dedicated experts in defence, aerospace, security and related markets, all working together to explore new ways of protecting what matters most. Being part of QinetiQ means being central to the safety and security of the world around us. Partnering with our customers, we help to save lives; reduce risks to society; and maintain the global infrastructure on which we all depend. Come and find out how you can play a role.

Please note that many roles in QinetiQ are subject to national security vetting. Applicants that already hold the appropriate level of vetting may be able to transfer it upon appointment, subject to approval. A number of roles are also subject to restrictions on access to information that mean factors such as nationality, previous nationalities held and the country in which you were born may have an effect on the roles that you can be employed in.