Security Engineer

• Salary of £45,000 - £65,000
• Share options so you benefit from our success
• 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want them ️
• Flexible working - some of us work from home, some in office (East London), and everything in between. We're flexible
• Training budget for one major certification / course per year
• Regular (optional) socials
• As a small but growing team, we're flexible and offer a level of autonomy that allows you to make meaningful and lasting contributions to Intruder and our customers.

• Writing new vulnerability detections with Nuclei, and curating crowd-sourced checks for inclusion into the Intruder platform
• Custom scanning of customer targets for emerging critical weaknesses: Rapid Response
• Writing technical content for our website about the latest vulnerabilities
• Automate the pentesting methodology to carry out checks at scale against multiple customers simultaneously
• Work on projects to research and provide evidence for novel improvements to the Intruder platform
• Providing technical assistance on client calls, and occasionally assisting at events
• What we think you need to be successful:
• At least 2 years' industry experience in offensive security roles
• A technical academic background in software engineering or cyber security
• One or more of the following industry qualifications:
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Web Expert (OSWE)
  • Offensive Security Evasion Techniques & Breaching Defences (OSEP)
  • CREST Registered Penetration Tester (CRT)
  • CREST Certified Web Application Tester (CCT APP)
  • CREST Certified Infrastructure Tester (CCT INF)

• Network penetration testing and a thorough understanding of network protocols
• Web application penetration testing and a thorough understanding of application layer vulnerabilities
• Automation of simple tasks and complex chains using Python, Ruby, or Golang
• Developing, extending, or modifying detection and fingerprinting code
• Developing, extending, or modifying exploits, shellcode or exploit tools
• Strong knowledge of tools used for web application, and network security testing including commercial vulnerability scanning engines
• Cloud services, including how to interact with, and assess them for weaknesses
• Comfortability with client-facing calls in a consultancy setting
• Excellent technical writeup skills

1. Company intro (30 minutes, remote): initial chat with People team for you to learn more about the role and tell us what you're looking for
2. Security Intro (40 minutes, remote): introductory call to discuss your experience with a member of the Security team
3. Technical Task: a mini project to complete in your own time, before the final interview
4. Final Interview: (1 hour 30 minutes): final technical interview questions, and discussion of your technical task

#J-18808-Ljbffr