Role=Penetration testers (who simulate cyberattacks in order to identify and report security flaws on computer systems, networks and infrastructure, including internet sites)
5 to 10 year preferably in banking domain
As a penetration tester, you'll understand complex computer systems and technical cyber security terms. You'll need to:
• work with clients to determine their requirements from the test, for example the number and type of systems they would like testing
• plan and create penetration methods, scripts and tests
• carry out remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in security
• simulate security breaches to test a system's relative security
• create reports and recommendations from your findings, including the security issues uncovered and level of risk
• advise on methods to fix or lower security risks to systems
• present your findings, risks and conclusions to management and other relevant parties
• consider the impact your 'attack' will have on the business and its users
• understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
You'll need to have:
• an in-depth understanding of computer systems and their operation
• excellent spoken and written communication to explain your methods to a technical and non-technical audience
• attention to detail, to be able to plan and execute tests while considering client requirements
• the ability to think creatively and strategically to penetrate security systems
• good time management and organizational skills to meet client deadlines
• ethical integrity to be trusted with a high level of confidential information
• the ability to think laterally and 'outside the box'
• teamwork skills, to support colleagues and share techniques
• exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done
• business skills to understand the implications of any weaknesses you find
• commitment to continuously updating your technical knowledge base.