Job Description
Job Description
Penetration Testing Scheme Manager- Cheltenham/Hybrid 4 days home/1 day at office- 12 months - SC needed! - up to £750 per day-£850 per day - (CHECK experience essential)
Tasks & Responsibilities:
* Perform tests on applications, network devices, and cloud infrastructures
* Design and conduct simulated social engineering attacks
* Research and experiment with different types of attacks
* Develop methodologies for penetration testing
* Review code for security vulnerabilities
* Reverse engineer malware or spam
* Document security and compliance issues
* Automate common testing techniques to improve efficiency
* Write technical and executive reports
* Communicate findings to both technical staff and executive leadership
* Validate security improvements with additional testing
* Analyse the overall business model and provide feedback on areas of improvement
In order to mitigate, the team requires an experienced penetration tester with past or current experience of working in the CHECK Scheme to undertake the following tasks:
* In-year sampling of CHECK reports to ensure adherence to the standard and confirm the company’s ongoing technical capability to remain part of the CHECK scheme.
* In-year sampling of new CHECK Team Leaders’ reports, and potentially coaching/remedial activities with standalone CTLs who have no peer support in their company.
* New applications from companies wishing to join the CHECK Scheme.
* Using reports to analyse the company's set up and provide further areas of improvement
* Awarding certificates to confirm compliance with the CHECK scheme.
What is CHECK?
* CHECK is the term for NCSC (National Cyber Security Centre)-approved penetration testing organisations and the methodology they use when testing.
* CHECK services can only be offered by approved companies with experienced staff who hold NCSC-approved qualifications and use methods recognised by the NCSC.
* CHECK was developed for government departments, public-sector bodies and the organizations forming the UK’s critical national infrastructure.
* Organizations in other sectors should use CREST.