Position Description :
Be part of something cutting edge. Do you want to take control of your future? Are you ready for the responsibility of working with high profile clients in the world’s most exciting sectors?
Do you want to take your career to the next level as part of a dynamic company that gives you a direct stake in its success?
If you do, join our UK Cyber Penetration Test team.
We have a number of opportunities for CHECK, CREST or TIGER Penetration Testers within our Cyber Security business unit, one of the largest groups of cyber security specialists in the UK.
We have a long established reputation in this area, undertaking rigorous testing for a variety of commercial and public sector clients for over 10 years.
We are seeking penetration testers specialising in either applications or networks, either to be part of the team or as lead leaders.
Experience of the assessment of bespoke applications, cloud technologies and mobile applications (on diverse mobile platforms) would be of an advantage.
In addition to deep technical skills and an interest in technology and research, we are keen that all our testers are able to communicate effectively with customers the results of testing and guidance to secure their systems.
For senior positions we expect our testers to mentor mentors and lead engagements, as well as supporting the technical development of our services through research.
Additionally, depending on your skillset and interests, you may also be asked to participate in CGI’s Advanced Threat Analysis team, providing pre-
and post-attack analysis of sophisticated cyber attacks, as well as representing us at conferences and industry events by presenting research.
What’s important to understand is that penetration testing is a very broad but specialist role. You’ll be working with a multitude of technologies but at the same time specialise in the security considerations for each of them.
The roles can be based at any of our UK offices although flexibility is required to also work at other offices and client sites within the UK.
Packages are competitive for senior and experienced individuals.
Due to the nature and location of some of our work you will need to be eligible and willing to undergo UK Security Clearance at SC level and / or higher.
Your future duties and responsibilities :
We look for issues typically categorised within the OWASP Top 10 such as XSS, SQLi, CSRF, Session hijacking and command injection a knowledge of web applications and web development languages helps during this type of testing and you will be expected to be familiar with tools such as burpsuite, w3af, etc
1x connectivity and the detection and location of rogue access points that may be planted within a client environment. Tools you would expected to be familiar with are : kismet, aircrack, wifite, etc.
This is often also called kiosk testing and the idea is to see what a normal user can do outside of their expected functionality with the ultimate goals being that of accessing data and / or resources they would not have legitimate access to otherwise.
Typically we find that a knowledge of scripting languages such as powershell, VBS, Bash, general operating systems and system administration helps the most in this area.
A familiarity with network topics including routing along with common services helps in this area not forgetting knowledge of firewall solutions themselves, Cisco, Juniper, Nokia, Fortinet, etc and while we do make use of automated tools in order to speed up reviewing times on the whole it requires an analytical mind to decipher most large rulesets.
Required qualifications to be successful in this role :
To join us you should be a passionate Cyber Security / Penetration Test professional. You’ll need to be able to demonstrate the skills you have developed in your career already and have a clear idea on how you’d like your career to develop.
We can support your career development and give you the variety of clients and projects that will really enhance your Cyber career.
You’ll need to be a good communicator both verbal and written and be able to work individually or as part of a larger team.
You’ll always be supported through mentoring and training, and the team have regular 'meet ups' to share best practice and exchange ideas and solutions.
Ideally you should already hold an appropriate CHECK, CREST or TIGER Penetration Tester qualification or certification but you will be supported to gain these as appropriate.
What you can expect from us :
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership.
All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
No unsolicited agency referrals please.
CGI is an equal opportunity employer.