Security Engineer/Penetration Tester/malware, Java, C, .Net
Job Type: Permanent
Location: London
Benefits: Excellent Benefits + Bonus
Salary: £50- 57,000
Details: The Security Engineer/Penetration Tester has a strong ethical hacking/Penetration Testing background/experience. This position requires expertise regarding security vulnerabilities, application analysis, malware analysis, protocol analysis, and debugging. The position exposes security vulnerabilities and risks and presents those risks to senior management and other technical individuals, with recommended advice and solutions to mitigate such vulnerabilities. The Information Security Manager has experience with secure coding practices, incident handling, and application security and vulnerability assessment methodologies. A desire to innovate and stay current on security technologies is required. 40% 1. Investigate and identify patterns of continued technical security issues and weaknesses and design solutions to prevent future re-occurrences. Conduct technical security training where appropriate to different lines of business and IT. This may involve transference of skills to others where a new information security process has been established. Advise internal lines of business, IT partners, and 3 rd parties on how to remediate technical security issues and verify remediation activities. 30% 2. Responsible for in-depth technical security testing of company websites, infrastructure, and applications using a combination of automated manual commercial/open-source tools. Analyze malware, reverse engineer code when necessary to understand the impact of the malware, and root causes of the malware. Responsible for Technical and Executive level reports on technical security issues. 20% 3. Design, document, and implement technical information security processes, procedures, guidelines, and solutions. 10% 4. Function as primary regional incident response handler directing IT and other departments during security incidents, including evidence preservation, corrective action, and preventive actions. Knowledge of: o White Box or Black Box penetration testing experience. Knowledge in both types of testing environments is essential. o Existing and emerging techniques used by malware. o Security hardening techniques for Server OS (Windows, Unix Linux), Databases (MySQL, Oracle, MS SQL), and Application Servers (JBOSS, WebSphere). o Computer, systems and network architecture; operating systems, virtual environment, and networking protocols. o Compiled and interpreted programs, for example: database systems, web Servers, application Servers, mainframes, Firewalls, Routers, load balancers, Switches, and different types of Middleware. o Experience implementing and supporting security technology such as McAfee ePolicy. Skill In: o Using commercial and open source security testing tools. o Reverse engineering complex code, using tools such as IDA Pro, OllyDBG and other similar tools. o Programming in 2 or more of the following; C, Java, .Net, SQL. o Shell scripting in 2 or more of the following; Perl, Bash,PHP, WMI, SED. o Reviewing application source code for security vulnerabilities. o Using debuggers and/or decompilers.
Skills Required :
Apply: BC920
Featured: Yes
Date: Tuesday, 03 April 2025
< return to the jobs