it jobs online
Senior Penetration Tester (Infrastructure / Mobile Jobs London
 
Search
Jobs Online
 Keywords  search help
title and keywords
title only
 Postcode radius within
 of  
OR
 Country
Select country
Select region
Select county (CTRL for multiple)
 Type
 Jobs added within
Title

Senior Penetration Tester (Infrastructure / Mobile

Location: London, All
Salary/Rate: Negotiable
Benefits: --
Type: permanent
Key Experience
Key Skill 1: infrastructure, Web, mobile
Key Skill 2: Tester, Senior, penetration
Key Skill 3: java, Support, .net
Key Skill 4: PHP, IT, Python
Other experience: Service, Test, Development, Security, Software, Ruby, Management, design, Business, Testing, Perl, Technical, engineering, delivery, VB.NET, Reporting, ASP, Financial Services, Applications, Service Delivery, VB, Application, Manual, Financial, Risk, Solutions, scripting, Reports, Architecture, Team, Quality, Cyber, Banking, Projects, Services, leader, http, Automated, Research, Asset, commercial, client, Assurance, Develop, Component, code review, Investment, Quality Assurance, SECURITY ARCHITECTURE, Java, testing methodologies, Conduct, Vulnerability, General, investment banking, IS, Penetration Testing, experience
Description
Senior Penetration Tester (Infrastructure / Mobile / Web)

The role is part of a global cyber security assessments team delivering 'next generation' application and infrastructure testing. Primary focus of this role would be to perform hands on penetration testing of some of the most critical applications with JPMC, as well as conduct regular penetration tests of the associated infrastructure. In addition to hands on assessments, a high level of internal client interaction is required in this role and as such it would suit a technical individual with good client-facing skills and the ability to describe security issues based on risk and impact. This role will also require reviewing the output of third-party penetration testing vendors and the ability to conduct Quality Assurance on testing reports. Successful candidates will have good general knowledge of security concepts and significant experience and proven expertise in both web application and infrastructure assessments. The successful candidate will have a proven track record in delivery in application security and infrastructure related penetration testing.

Responsibilities:
  • Penetration Testing across infrastructure, mobile and web projects.
  • Reporting on findings and vulnerabilities and occasionally present results to non-technical managers.
  • Review and quality check third party penetration tests.
To be successful in this role, you should have:

  • Strong "quality focused" approach to service delivery.
  • 2+ years of experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client beyond running automated tools
  • 2+ years of experience with penetration testing against internal and external facing corporate infrastructures
  • Technical focus on both application (Web, Mobile "Fat" application assessments) and infrastructure testing
  • Understanding of Security architecture both from a penetration testing and design point of view
  • Experience working with application developers to validate, assess, understand root cause and mitigate vulnerabilities
  • Experience documenting technical issues identified during security assessments and building improvements in to the existing service support tools and "standard findings"
  • Ability to communicate security risks to both technical and business audiences
Technical Skills:
  • Good understanding of OWASP and other software security best practices
  • Strong technical ability in current web application testing methodologies
  • Strong technical ability in security related architecture design and assessment (manual approach to penetration testing)
  • Intermediate level understanding of Mobile Application Security concepts
  • Good understanding of exploitation research and mitigation (buffer and stack overflows/protection mechanisms)
  • Experience with scripting languages (Python/Perl) and associated usage within penetration test assessments
  • Experience with application layer assessment tools, such as local proxies and fuzzers
  • A strong understanding of web technologies, solutions and attack vectors that apply to application technologies
  • A preferred candidate would have experience of Security source code review or development experience in C/C++, C#, VB.NET, ASP, PHP, Ruby or Java
  • Ability to concisely communicate security risks to both technical and business audience
  • Ability to conduct research and develop, building tools for use by internal teams as well as vulnerability research would be a significant advantage to a candidate.
  • Knowledge of application reverse engineering techniques and procedures


Preferred Qualifications:

  • 5 to 7 years of application and infrastructure security assessment experience
  • GWAPT, GPEN, Offensive security Advanced Web Attacks and Exploitation and/or Offensive security Cracking the Perimeter (CTP) certifications
  • Demonstrated understanding of financial sector, or other large organization, security and IT infrastructures

About J.P. Morgan Chase & Co:

J.P. Morgan serves one of the largest client franchises in the world. Our clients include corporations, institutional investors, hedge funds, governments and affluent individuals in more than 100 countries. J.P. Morgan is part of JPMorgan Chase & Co. (NYSE: JPM), a leading global financial services firm with assets of $2.1 trillion. The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity. A component of the Dow Jones Industrial Average, JPMorgan Chase serves millions of clients and consumers under its JPMorgan and Chase, and WaMu brands.

J.P. Morgan offers an exceptional benefits program and a highly competitive compensation package. J.P. Morgan is an Equal Opportunity Employer.



Senior Penetration Tester (Infrastructure / Mobile Jobs London
Recruiter: J.P.Morgan
Added: 12-10-2018
Source: Agency
Training Courses
infrastructure, Web, mobile & Tester, Senior, penetration training
sponsor this section
Senior Penetration Tester (Infrastructure / Mobile Jobs London  There is no need to provide bank account details or payment to any person or organisation when applying for vacancies. If these details are requested for any vacancy you see with us, please report it to us via our contact page.
Apply above for Senior Penetration Tester (Infrastructure / Mobile jobs in London.
Senior Penetration Tester (Infrastructure / Mobile London
add cv Add CV/Register for Jobs by email
  © 2006-2018 IT Jobs Online