Penetration Tester

We're looking for a Penetration Tester to join Stripe OLT.

Could you be the next member of our security team?

The Role.

This multi-purpose role will require working within a close-knit team to help build Stripe OLT as a global leader in cyber security – both in offensive and defensive domains. Taking implied and explicit, internal and external client needs and turning them into solutions is vital to the success and growth of this role.

This role will include conducting and leading penetration testing engagements, scoping discussions, report delivery, Cyber Essentials and Cyber Essentials PLUS certifications. It will be this person’s role to drive the development of security testing and aid in the introduction of new technologies and ideas.

The role requires a self-starter who takes a proactive approach to research and development, while keeping abreast of the current cyber landscape, to ensure all Stripe OLT’s products are current and marketable in the commercial and public sectors.

Protective monitoring, engineering services, penetration testing and incident response represents a major strand of Stripe OLT’s cyber security services.

Who we are looking for.

we need an individual who...

  • As a Security Consultant, displays excellent customer-facing skills and be able to demonstrate the ability to communicate technical issues in non-technical terms
  • Ideally, shows an active interest outside of their job role and participates in activities such as Hack The Box, Capture the Flags, Cyber Security Challenge UK, etc.
  • Appreciates the balance between security and usability, as well as understanding the difference between perceived risk and actual risk. Therefore, a candidate with a sysadmin background would be preferred, but this is not essential

Technical Requirements.

we're looking for these skills...

  • Demonstrable hands-on experience and accreditation in penetration testing
  • Penetration Testing Certification (OSCP, CRT, QSTM, CSTM or similar) is a MUST
  • In-depth understanding of operating systems and underlying hardware (Windows, Linux, MacOS, etc.)
  • Full UK driving licence
  • Experience and understanding of cyber incident response methodologies
  • Experience in conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, internal and external infrastructure, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc.)
  • Good knowledge of security protocols, technologies and architectures
  • Understanding of SIEM solution deployment and monitoring
  • Participates in bug bounties
  • Experience with Vulnerability scanning tools (e.g. Burpsuite Pro etc, Netsparker, Tenable Nessus.)
  • Practical experience in IT platforms (Windows, UNIX, Databases, etc.) implementation and review
  • Demonstrated ability to learn and apply critical thinking to a variety of situations
  • Knowledge and experience in communications technologies (VPNs, Routers, Switches, Firewalls, IPS’, IDS’, mobile networks, etc.)

Role Objectives.

You'll be required to...

  • Perform penetration tests on computer systems, networks and applications
  • Create new testing methods to identify vulnerabilities
  • Perform physical security assessments of systems, servers and other network devices.
  • Support the delivery of Cyber Essentials and Cyber Essentials PLUS assessments
  • Review and provide feedback for information security fixes
  • Establish improvements for existing security services, including hardware, software, policies and procedures
  • Stay updated on the latest malware and security threats

What you'll receive.

  • A competitive salary
  • Annual personal training budget
  • 25 days holiday, plus bank holidays
  • Pension plan
  • Regular staff socials
  • Unlimited fruit, tea and coffee
  • Cycle to Work Scheme

Available Location(s)

  • Partial remote working available
  • Bristol Central

To apply for this role, please send your CV, alongside a covering letter to ryan.pullen@stripeolt.com.