Senior Internal Penetration Tester

Are you tired of being on the road? Fed up with living out of a bag? Spending too much time in the cold aisle?

If you are looking for a permanent role outside of consulting, we are looking for a Senior Penetration Tester to join our internal team.

Within the internal testing team, you will deliver a range of security assurance services such as web application penetration tests, network, and infrastructure penetration tests. You will be exposed to cutting edge Cloud technologies. You will also undertake social engineering engagements and physical security assessments (when we return to a post-Covid world!) and secure code reviews.

We believe that the key deliverable of any security test is the report. You will prepare high-quality reports detailing findings and making key recommendations. Your findings will feed into our ongoing vulnerability management process, will have a significant impact, and will create change across the business.

You will work alongside IT and development project teams to ensure that all our services – both to our customers and to our staff – are delivered in a secure manner. You will question information that others would take on face value and remain inquisitive to improve the quality of security tests carried out against our infrastructure and applications.

We provide a generous training budget. Members of the team have chosen to undertake numerous training courses and further certifications including SANS and CREST. We expect you to keep up to date on current security trends, techniques, and tools. We love gamifying security training, and staff are encouraged to take part in CTFs. You will also be encouraged to attend and speak at conferences, seminars, and industry briefings (currently virtually, of course).

You will have prior experience of penetration testing and will be working in a senior role. You will not be required to ‘people manage’ the penetration testing team; however, it is essential that you are able to provide on the job mentoring and knowledge transfer to junior testers.

Responsibilities

A Senior Penetration Tester will:

• Scope, plan and carry out detailed application and/or infrastructure penetration test assignments either alone or in a small team.
• Write high quality reports and QA other’s reports.
• Lead individual assignments to successful completion.
• Work collaboratively with the wider Information Security teams. 
• Assist with in post incident reviews when required and propose resolutions to improve results in any future recurrence.
• Coach and mentor the testers and assist with knowledge transfer to the wider Information Security and IT teams.
• Assist the Penetration Team Manager.

Essential Experience/Skills

• 4 years’ experience in penetration testing.

• 1 years’ experience in a senior role.
• Solid report writing skills.
• Programming or scripting skills in at least one modern computer language.
• Familiarity with ‘standard’ penetration testing tools.
• Understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.

Highly Desirable Skills

• Familiarity with at least one cloud platform such as Microsoft Azure, Amazon AWS or Google GCP.

• One or more of the following:
  • CREST Certified Tester (CCT) Infrastructure or Web Application
  • Tigerscheme Senior Security Tester (SST)
  • Other ‘CHECK Team Leader’ equivalent qualification.
  • (ISC)2 Certification such as CISSP
  • GIAC Certification such as GEVA, GPEN, GCIH, GWAPT

About Admiral

We're Wales’ only FTSE 100 company. We have forward-thinking approaches and provide endless opportunities to test, learn and grow. There's a reason we've been named a Best Place to Work: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued.

Admiral has grown from being a small start-up into a multi-national organisation. The company is constantly investigating new products, services and markets and is now present in eight countries with a diverse product portfolio.

Our success goes hand-in-hand with having a strong culture where we put our people and customers first. Our philosophy is simple yet effective: people who like what they do, do it better, and this, in turn, means that our customers receive the level of service and products that they deserve. Our culture is honest, open and wholeheartedly focused on four key areas:

Communication, Equality, Reward & Recognition, and Fun.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 1 in the 2019 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

You can also view some of our other key benefits here

If you think this role is for you and would like to be considered for this opportunity, please click “apply now” to complete an online application form.

Please note, we are unable to accept CVs via email and from agencies.