Penetration Testers & Senior Penetration Testers
To apply: Please send a brief cover letter and your resume to firstname.lastname@example.org
We are looking for passionate and skilled penetration testers with professional experience. There are multiple roles available within our penetration testing team, dependant on experience and ability.
We have industry leading levels of employee retention, and for good reason; we’re the kind of place that no one wants to leave! We push ourselves to the max, so if you’re the kind of person who loves deep technical challenges and a fantastic work environment, we welcome your interest.
- Work/life balance. No one enjoys doing the same thing week in, week out. For that reason, we have developed internal tools and business processes that guarantee variety and balance.
- Internal Conferences, or as we like to call them, Clinic days. Eight times per year we block book our consultants’ calendars. We get together, in a hackathon type experience, and boast about technical wins, share our cool new toys, and debate the latest industry hot topics.
- External Conferences and training. Members of our team regularly attend leading industry conferences. Have you read our Derbycon writeup? We finished #1.
- Cutting edge engagements across all industries and geographical locations. From reviewing blockchain implementations, to performing on-yacht assessments in Cote D’azur, we get involved with almost anything.
- Lots of social engineering and red teaming engagements. Some of these last for months and we are very good at it.
- Multiple career progression paths. We do not put people into boxes. The hard ceiling is set only by your ambitions, dedication, and abilities.
- This might sound as a cliché, but our team is truly comprised of wonderful and brilliant professionals. Every day is a chance for collaboration, learning, and mentoring. Oh, and also competing. Did we say that we have more than 70 (and growing) unique challenges in our internal CTF?
There is no fixed set of skills required to be a successful candidate. However, the more of the following attributes you can demonstrate to us, the more likely you will be to end up with a job offer.
- Penetration testing experience. While professional penetration testing experience is preferred, in some cases we can accept individuals who have worked in related cyber security professions, dependant on aptitude and thirst for knowledge.
- You love getting involved in deep technical challenges, while at the same time being able to abstract and explain the most complex issues to a C level exec.
- In depth knowledge and understanding of applications and networking.
- An ability to teach and mentor other members of the team is a distinct advantage; it’s part of what makes us Nettitude!
- Exploit creation, scripting and reverse engineering are a distinct advantage.
- You code open source tools, contribute to security blogs, and participate in CTFs.
- A thirst for knowledge and a constant desire to push yourself to the max.
Your qualifications and certifications
There are no formal requirements for any qualifications or certifications. We’re not looking for badge collectors; we look far deeper than that. However, one or more of the following will serve as a distinct advantage.
- A BSc degree in a technical discipline.
- CREST Registered Tester or CREST Certified Tester.
- Tiger Scheme and other equivalents equally considered.
- SC or DV clearance is very much welcomed.
- Offensive Security, GIAC and other industry recognised certifications will also be well received.
While we need to be sure that you’re the right person for the job, we don’t artificially elongate the application process any more than is strictly necessary. The most common selection process looks like this:
- Provide us with a CV/resume and a covering letter.
- Success at this stage will lead to a telephone interview. This will allow us to get to know you a little bit better and gauge if you’d be a suitable candidate to progress to the next stage.
- A face to face interview. This is a more formal event that typically lasts between 2-2.5 hours. The first half is a verbal process, while the second half will see you pitted against some of our internal Capture the Flag levels.
In most cases, that’s it. We are able to gauge the vast majority of candidates’ suitability based on completion of all stages. If, at any stage, you’re not selected to progress, we will be sure to explain why so that you can improve in those areas. After a twelve-month period, we welcome re-submissions.