Security Engineer

Security Engineer What we’re offering (we know,everyone jumps to this section first!): - Salary of £50-70k - Shareoptions so you benefit from our success - 28 days paid holiday plusbank holidays, and an additional 5 unpaid if you want. Once youreach 3 years of service, you get an extra day of paid holidayevery year until 7 years at Intruder. - Flexible working - most ofthe Security team works from home, but we have the option of anoffice in Shoreditch if you ever feel like some human connection! -A yearly off-site for the whole company. Last year we went to aCroatian island. As a small but growing team, we're flexible andoffer a level of autonomy that allows you to make meaningful andlasting contributions to Intruder and our customers. About Us: Wemake it easier to not get hacked. Every day people sign up foronline services, enter their personal data, and put themselves atrisk. We work to enable these services to be better protected,making sure new vulnerabilities are found and closed rapidly beforedata can be stolen. We do this with a powerful but easy-to-useplatform that is low on noise and high on trust, information, andcontext – so when we say it’s critical, companies know they have toact fast. In the past 2 years, we have grown rapidly in productcapability, customer base, revenue, and employee size. The next fewyears promise more of the same, with plenty of growth opportunitiesfor us and our teams! About the Role: We are looking for a SecurityEngineer to write new vulnerability checks for the latest criticalvulnerabilities, research breaking vulnerabilities, and discovernew weaknesses in well-known products. This role is varied andincludes: - Writing and maintaining vulnerability checks withNuclei, OpenVAS, and ZAP - Providing industry-leading insights intobreaking vulnerabilities on Intruder Intel - Monitoring customertargets for emerging critical weaknesses: Rapid Response -Researching breaking vulnerabilities and reverse engineeringwell-known products to produce quality active vulnerability checks- Delivering research findings as technical web content or talks atconferences - Providing technical assistance on client calls, andassisting at occasional events What we think you will need to besuccessful: - At least 2 years' industry experience in offensivesecurity including knowledge and experience in some or all of thefollowing: - Network penetration testing and a thoroughunderstanding of network protocols - Web application penetrationtesting and a thorough understanding of application layervulnerabilities - Developing, extending, or modifying detection andfingerprinting code - Developing, extending, or modifying exploits,shellcode, or exploit tools - Automation of simple tasks andcomplex chains using Python, Ruby, or Golang - Interacting withCloud services and assessing them for weaknesses - One or moreindustry qualifications, for example: - Offensive SecurityCertifications such as OSCP, OSWE, OSEP, OSED - CRESTCertifications such as CCT APP, CCT INF, CRT - Comfortability withclient-facing calls in a consultancy setting - Excellent technicalwrite-up skills Hiring Process: 1. Company intro (30 minutes,remote): initial chat with People/Recruitment for you to learn moreabout the role and tell us what you're looking for. 2. SecurityIntro (45 minutes, remote): introductory call to discuss yourexperience with a member of the Security team. 3. Technical Task: amini project to complete in your own time, before the finalinterview. 4. Final Interview (1 hour 30 minutes): final technicalinterview questions, and discussion of your technical task.#J-18808-Ljbffr