Overview
Penetration Tester at Bluecube Technology Solutions - An Ekco Company. Hybrid role with potential on-site client engagements. Responsible for assessing security posture of client applications, infrastructure, APIs, servers and endpoints, identifying vulnerabilities and providing remediation guidance.
Key Responsibilities
* Conduct comprehensive penetration tests on clients' systems across web applications, thick client applications, infrastructure, APIs and cloud platforms to identify vulnerabilities, weaknesses and risks.
* Perform penetration tests onsite at client locations or remotely as required.
* Develop and execute customized test plans and methodologies; apply tools for network and application layer testing; follow OWASP, NIST and other leading standards.
* Evaluate architectures and designs to identify security flaws and provide risk mitigation recommendations.
* Collaborate with clients and their development teams to understand architecture and codebase; advise on remediation and secure coding practices.
* Utilise a range of manual and automated testing tools to conduct assessments.
* Prepare detailed reports documenting vulnerabilities, potential impact and actionable remediation strategies; communicate findings to clients.
* Stay updated on security threats and attack vectors; advise clients on emerging risks and countermeasures.
* Work with cross-functional security teams to implement best practices and support secure development and deployment.
* Provide expert support during security incident response activities, including mobile app security investigations where required.
Key Requirements
* Excellent written and verbal communication skills; able to convey technical concepts clearly to technical and non-technical clients.
* Degree in Computer Science, Information Security, or related field; relevant industry certifications (e.g., OSCP, PNPT, CREST CPSA/CRT, SANS) and/or mobile/thick client/secure code review experience are desirable.
* Proven track record as a Penetration Tester with significant experience in application, infrastructure and API security testing; minimum 1-2 years of professional experience.
* Strong knowledge of vulnerabilities, threats, attack vectors and industry standards (OWASP, NIST, PTES).
* Understanding of applications, operating systems (Windows, Unix) and related technologies.
* Experience in mobile application penetration testing across Android and iOS is desirable; knowledge of mobile app architectures, secure storage, authentication and inter-app communication is a plus.
* Proficiency with penetration testing tools (e.g., Burp Suite Pro, Nmap, Nessus, Metasploit; SoapUI/Postman/ReadyAPI).
* Programming/scripting skills (e.g., Python, Bash) to automate tests and develop custom scripts are a plus.
* Ability to work independently and within a team; manage multiple engagements, meet deadlines and deliver high-quality results.
Benefits/Perks
* Time off: 25 days leave + public holidays
* Birthday leave: 1 day per year
* Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice
* Employee Assistance Programme (EAP) for wellbeing and advice
* EkcOlympics and other team-building activities
* Learning & development: Unlimited Pluralsight access
* Opportunity for responsibilities and international growth
Why Ekco
* Award-winning partner in security and cloud solutions with strong growth
* Committed to diversity, equality, inclusion and belonging
* Internal mobility and development opportunities
* Flexible working with a family-friendly focus
Job Details
* Seniority level: Entry level
* Employment type: Full-time
* Job function: Information Technology
* Industries: IT Services and IT Consulting