Lead and manage penetration testing engagements, including scoping, planning, execution, and reporting. Ensure engagements meet NCSC CHECK standards and client requirements for quality and thoroughness. Serve as the primary point of contact for clients during engagements, providing regular updates and managing expectations.

Technical Leadership
Perform advanced penetration testing on networks, applications, infrastructure, and mobile platforms. Identify, exploit, and document vulnerabilities, simulating realistic threat scenarios. Review team findings to ensure accuracy, depth, and compliance with industry standards such as OWASP, OSSTMM, and CREST.

Team Development and Mentorship
Provide technical guidance, mentorship, and training to junior and senior penetration testers. Ensure team members meet continuous professional development requirements, including maintaining certifications. Conduct peer reviews of deliverables to uphold high-quality reporting standards.

Governance and Compliance
Ensure compliance with NCSC CHECK requirements and maintain the company's CHECK service provider status. Keep up to date with the latest vulnerabilities, exploits, and security trends to inform testing methodologies. Develop and maintain internal methodologies, tools, and processes aligned with industry best practices.

Reporting and Recommendations
Produce comprehensive, clear, and actionable reports, detailing vulnerabilities, exploit methodologies, and risk mitigation strategies. Present findings and recommendations to technical and non-technical stakeholders, including C-level executives.

What we're looking for:

Experience:
In-depth knowledge of vulnerability assessment tools, exploitation frameworks, and manual testing techniques.
Proficiency in scripting languages (e.g., Python, PowerShell, Bash) and understanding of offensive security tools (e.g., Metasploit, Burp Suite, Cobalt Strike).
Familiarity with security frameworks and standards such as ISO 27001, NIST, CIS Controls, and GDPR.
Experience with red teaming, threat modelling, or advanced adversarial simulations.
Strong background in reverse engineering, malware analysis, or exploit development.

Qualifications:
Certified CHECK Team Leader (CTL) qualification through NCSC.
Additional certifications: OSCP, OSCE, CISSP, CREST CRT/CRTIA, or equivalent.

Required Skills:
Strong technical skills in network, web application, and infrastructure penetration testing.
The ability to present comprehensive feedback to director-level stakeholders, effectively communicating risks and risk mitigation strategies and making recommendations for remedial actions through detailed and insightful reports.
Excellent leadership skills: the ability to develop and mentor a high-performing team of penetration testers, ensuring effective collaboration and continuous improvement.
The ability to engage with external clients, confidently articulating the value of our services and systems.
Organisation skills: the ability to manage a varied workload whilst ensuring a high level of accuracy and attention to detail.
Project management skills: the ability to effectively plan, execute and oversee penetration testing projects, ensuring timely delivery and adherence to quality standards.
Effective communication skills, both written and verbal, with the ability to maintain strong relationships and present complex technical concepts clearly to stakeholders up to Director level.
Proven ability to manage your own time and activities autonomously, ensuring you are able to manage multiple projects and deadlines.
High levels of integrity, professionalism, and discretion when handling sensitive information.

Job Types: Full-time, Permanent
Pay: £70,000.00-£100,000.00 per year
Additional pay: Yearly bonus

Benefits:
Company events
Company pension
Cycle to work scheme
Life insurance
On-site parking
Private medical insurance
Sick pay
Work from home

Schedule: Monday to Friday
Application question(s): Are you a qualified CHECK Penetration Tester?
Work Location: Hybrid remote in Poole BH15 1NX
Application deadline: 31/01/2025
Reference ID: C3IA0002