Log In Sign Up

Security Penetration Tester

Premium Job From Spring Group Plc

Recruiter

Spring Group Plc

Listed on

18th October 2019

Location

City Of London

Salary/Rate

£400 - £450

Type

Contract

Start Date

asap

This job has now expired please search on the home page to find live IT Jobs.

Spring Technology is currently looking for an experienced Penetration Tester. This is a initial 3 Month contract based in London.

My client is looking for:

First a penetration tester who will actively seek out vulnerabilities and will go hunting. This is "proper" manual penetration testing. But we don't just want a pen test: we are already paying a third party to do this as a one-off: we need the testing with remediation. The second aspect is to guide the engineering team on configuration, build and remediation: this is an ongoing "best practice" guide and providing assistance to the teams on what to fix and how to fix it. The third aspect is embedding technical security into our project and so that issues are identified before they make it into the production environments. I included the potential for scripting in Bash or Python as it's an area we could be doing more with, but that is a nice-to-have.

Tasks include:

*Technical security review of Google Compute platform which contains 3,000+ servers, 100+ projects

*Provide best practice guidance to GCP engineering teams on securing GCP

*Technical security review of GCP Windows and Linux instances to include automated vulnerability scanning and active exploits

*Technical security review of Microsoft Remote Desktop services and Microsoft Remote App to include configuration review and identification of vulnerabilities

*Technical security review of migrated application servers including legacy applications

*Continuous ad hoc active exploitation of the environment

*Technical security review and "penetration testing" of internet-facing applications

*Guidance to project teams on effective remediation of vulnerabilities including where necessary implementing vendor-recommendations as well as guiding engineering teams on the implementation of remedial actions

*Technical security testing of Java Google Compute Engine application to include end-to-end security assessment

*Provide guidance to development teams on remediation of vulnerabilities

*Production of effective security test reports and documentation

*Additional opportunities

oProvide guidance on the development of operational scripts

oDevelopment and configuration of automated tooling to mitigate vulnerabilities

oPython scripting

Please send your CV now to apply !

Spring Technology acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: www.spring.com/candidate-privacy-information-statement

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox