As an Ethical Hacking Manager, you will have the opportunity to:

• Deliver and manage relatively complex client engagements requiring the use of offensive security tools and techniques to to identify weaknesses in client IT environments by legally breaking into computer systems, websites, mobile applications and wireless platforms as part of real world simulated attack scenarios;

• Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities and other novel techniques and capabilities;

• Contribute to the creation of new private and public tooling to enhance deliver capabilities;
  Work with a world leading Threat Intelligence team to deliver full package solutions to clients looking to answer both the “who” and the “how” questions for possible attacks;

• Work closely with a dedicated development team to research and weaponise new vulnerabilities and techniques for bypassing endpoint security solutions;

• Manage and mentor junior staff through sharing of professional and technical skills and experience;

• Maintain and develop relationships with iconic clients, understanding their needs, producing proposals to address them and providing risk based recommendations on security matters;

• Conduct and manage a variety of testing including: red teaming, infrastructure testing, both internal and external; application testing of both web and proprietary applications and protocols; mobile systems testing including RF and WiFi solutions;

• Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities, embedded devices such as IIoT/IoT; Scada/ICS, automotive; cryptography techniques and implementations; novel techniques and capabilities;

• Work with clients to review and enhance the security of key platforms such as Azure AD, Office 365 and a variety of supporting cloud platforms including IaaS and SaaS.

• Write risk based reports and attend customer delivery meetings;

• Act as a technical SME for collaborative projects with other business teams such as Incident Response, Threat Intelligence, Crisis Response and Cyber Security Advisory;

You can also expect to perform the following business development activities

• Meet with clients to understand their needs and help produce proposals 
• Develop toolkits and methodologies to enhance our sales and delivery capability
• Contribute to research, public blogs and whitepapers to improve our public profile
• Attend and speak at conferences within the Information Security community
• Collaborate to develop new and innovative security services for our clients
• Develop new and innovative security services for our clients
• Work with our outreach teams to support schools, colleges and universities in showing the next generation the opportunities available in the cyber industry.

Skills and experience

• Significant practical experience delivering a range of ethical hacking services to customers;

• Expert user of both Windows and Linux operating systems.

• Highly experienced in using commercial security testing tools and strong track record of interpreting and triaging results, and producing management reports.

• Good working knowledge of Azure AD, Office 365 and common cloud hosting platforms.

• Extensive knowledge of security testing requirements and techniques, demonstrated by Cyber Security Industry qualifications such as CREST* SAS, SAM, CCT or OSCE; 

• While not prerequisites, the following will be advantageous:

  • Exposure to database technologies, multi-tier, web based and cloud based IT architectures;

  • Knowledge of security technologies (e.g. AV, SIEM, IDM, IPS, F/W, SSO, DLP)

  • Degree in computer science, cyber or STEM subjects or demonstrate professional development, industry qualification and practical experience;

  • Experience of assessing native mobile applications under both iOS and Android;

  • Experience of reverse engineering binary applications and network protocols;

  • Experience of performing security-focused source code reviews of large-scale applications;

  • Background in software development and application testing;

  • Experience of internal or external consulting or audit engagements;

• Excellent business communication skills, including writing proposals, initiating client engagements, leading workshops, writing reports, and delivering presentations to clients;