Senior Red Team Tester - Offensive Cyber Operations Team
at WTW
London, England, United Kingdom -
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 04 Feb, 2025 | Not Specified | 05 Nov, 2024 | N/A | Paas,Cloud,Javascript,Ruby,Web Application Security,Database Testing,Mitigation Strategies,Iaas,Scripting,Infrastructure Security | No | No |
Required Visa Status:
| Citizen | GC |
| US Citizen | Student Visa |
| H1B | CPT |
| OPT | H4 Spouse of H1B |
| GC Green Card |
Employment Type:
| Full Time | Part Time |
| Permanent | Independent - 1099 |
| Contract – W2 | C2H Independent |
| C2H W2 | Contract – Corp 2 Corp |
| Contract to Hire – Corp 2 Corp |
Description:
DESCRIPTION
A motivated Senior Red Team Tester is required to join the Penetration Testing Team within the Global Information Consultancy Team. The primary objective is to find underlying weaknesses and identify vulnerabilities that could be exploited by external or internal attackers. Their role involves conducting thorough assessments based on real-world scenarios, generating realistic vulnerabilities and complex multi-stage attacks.
The successful candidate will function as a senior cyber security professional for a wide range of technologies within the corporate network. They will work closely alongside the rest of the Penetration Testing team, Business units and other Cyber teams.
We are looking for a collaborative collaborator, with good technical knowledge in web application, infrastructure penetration testing, extensive vulnerability knowledge and someone that can identify security risks and suggest improvements to prevent security incidents occurring. The successful candidate will contribute to and work as part of a global multi-disciplined security community with clear vision and direction, and top-down support across the business.
SKILLS:
- Strong knowledge of the cyber kill chain, common tactics, techniques, and procedures which are often used by adversaries.
- Must have strong research capabilities and be up to date with the cyber industry.
- Web Application Security: In-depth knowledge of web application vulnerabilities, common attack techniques, and mitigation strategies. Strong understanding of OWASP Top 10 vulnerabilities is crucial.
- Infrastructure security: Working knowledge of different on-prem and cloud builds (IaaS, PaaS, SaaS), in-depth understanding of operating system and its common flaws.
- Penetration Testing Techniques: Proficiency in various penetration testing methodologies, tools, and frameworks. Experience with manual testing techniques, automated vulnerability scanners, and exploit frameworks is necessary.
- Programming and Scripting: Proficiency in at least one programming language (e.g., Python, Ruby, or JavaScript, etc.) to write custom scripts and tools. Understanding SQL queries for database testing is also important.
- Analytical and Problem-Solving Skills: Ability to analyze complex web application environments, identify vulnerabilities, and exploit them. Strong problem-solving skills to understand attack vectors and recommend appropriate countermeasures.
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Testing
Graduate
Computer Science
Proficient
1
London, United Kingdom
