The Latest in IT Security

Security and Penetration Tester


Security and Penetration Tester

Posted: 23 January 2013
Company name: Sophos Ltd
Location: Abingdon, Oxfordshire
United Kingdom
Pay rate: ?competitve + bonus + benefits
Travel: none
Poster represents: employer
Terms of employment: Salaried employee
Hours: full time
Onsite: yes

Our Engineering team develop the next generation of Sophos products and technologies for which we’ve become known around the world. They are passionate and clued up on new technologies and products; always looking for ways to revolutionise how security technology interacts with the user; and have a penchant for solving complex and challenging technical problems in a creative manner.

This role will provide the opportunity to exercise all areas of software functionality to detect and report defects which impact security. Additionally you will contribute towards the design and implementation of automated security test systems.

To be successful in this role you will need to have an extraordinary technical background and a passion for security related products. You will have broad security knowledge to include network design, operating systems, firewalls, databases and security architectures; having knowledge and practical experience with vulnerability management and penetration tools. You will have the ability to develop deliverables including a penetration test plan, recommendations for security testing activities and report findings making recommendations on product improvement.

Required skills:
.Demonstrable skills in common types of penetration testing such as web/application and infrastructure testing, wireless network testing, firewall rule set review;

.Proven experience of performing application, network, web- application and wireless penetration testing including exploitation;

.Reverse engineering, binary analysis, antivirus avoidance, and exploit development;

.Strong understanding of open source, freeware, and commercial vulnerability assessment tools;

.Extensive experience with penetration testing and fuzzing frameworks;

.Experience operating within compliance and governance frameworks (PCI, HIPAA, GLBA, NIST, etc…);

.Ability to communicate with other development team members on advanced aspects of subject matter, to deepen the strength and skillsets of the team as a whole;

.Ability to work independently or as part of a team as the situation demands;

.Project delivery leadership including structuring, planning and controlling projects, project delivery and reporting;

.Bachelor’s degree or an associate degree in IT/IS/MIS or Computer Science or equivalent experience.

Desired skills:
.Proven in depth experience with programming/scripting languages;

.Background performing incident response and digital forensics;

.Experience performing social engineering assessments;

.Technical certifications such as: OSCP, OSCE, GWAPT, GPEN, GCIH, CISSP, CISA, CISM, CEH;

.Ability to communicate at all levels within an organization;

.Presenting to and liaising with other development team members on findings, methodologies and processes;

URL for more information:

Leave a reply


MONDAY, JUNE 17, 2024

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments