OverviewPenetration Tester at Bluecube Technology Solutions - An Ekco Company. Hybrid role with potential on-site client engagements. Responsible for assessing security posture of client applications, infrastructure, APIs, servers and endpoints, identifying vulnerabilities and providing remediation guidance.Key ResponsibilitiesConduct comprehensive penetration tests on clients' systems across web applications, thick client applications, infrastructure, APIs and cloud platforms to identify vulnerabilities, weaknesses and risks.Perform penetration tests onsite at client locations or remotely as required.Develop and execute customized test plans and methodologies; apply tools for network and application layer testing; follow OWASP, NIST and other leading standards.Evaluate architectures and designs to identify security flaws and provide risk mitigation recommendations.Collaborate with clients and their development teams to understand architecture and codebase; advise on remediation and secure coding practices.Utilise a range of manual and automated testing tools to conduct assessments.Prepare detailed reports documenting vulnerabilities, potential impact and actionable remediation strategies; communicate findings to clients.Stay updated on security threats and attack vectors; advise clients on emerging risks and countermeasures.Work with cross-functional security teams to implement best practices and support secure development and deployment.Provide expert support during security incident response activities, including mobile app security investigations where required.Key RequirementsExcellent written and verbal communication skills; able to convey technical concepts clearly to technical and non-technical clients.Degree in Computer Science, Information Security, or related field; relevant industry certifications (e.g., OSCP, PNPT, CREST CPSA/CRT, SANS) and/or mobile/thick client/secure code review experience are desirable.Proven track record as a Penetration Tester with significant experience in application, infrastructure and API security testing; minimum 1-2 years of professional experience.Strong knowledge of vulnerabilities, threats, attack vectors and industry standards (OWASP, NIST, PTES).Understanding of applications, operating systems (Windows, Unix) and related technologies.Experience in mobile application penetration testing across Android and iOS is desirable; knowledge of mobile app architectures, secure storage, authentication and inter-app communication is a plus.Proficiency with penetration testing tools (e.g., Burp Suite Pro, Nmap, Nessus, Metasploit; SoapUI/Postman/ReadyAPI).Programming/scripting skills (e.g., Python, Bash) to automate tests and develop custom scripts are a plus.Ability to work independently and within a team; manage multiple engagements, meet deadlines and deliver high-quality results.Benefits/PerksTime off: 25 days leave + public holidaysBirthday leave: 1 day per yearCompany Pension Scheme (employer contribution 5%) + flexible salary sacrificeEmployee Assistance Programme (EAP) for wellbeing and adviceEkcOlympics and other team-building activitiesLearning & development: Unlimited Pluralsight accessOpportunity for responsibilities and international growthWhy EkcoAward-winning partner in security and cloud solutions with strong growthCommitted to diversity, equality, inclusion and belongingInternal mobility and development opportunitiesFlexible working with a family-friendly focusJob DetailsSeniority level: Entry levelEmployment type: Full-timeJob function: Information TechnologyIndustries: IT Services and IT Consulting
#J-18808-Ljbffr