Commissum

We’re looking for a Senior Penetration Test Consultant (CCT)


An opportunity for a (full time, permanent) Senior Penetration Test Consultant to join the Commissum team.

Think you can hack anything? Infrastructure? IoT stuff? People? Well, we want you to prove it!

The Commissum test team are passionate about what we do and we aim to deliver outstanding services to clients by thinking the same way as an attacker would, treating testing engagements as a challenge to our own skills and knowledge as well as to their defences.

You’ll get all the other good stuff like a great package, a career path, time to find vulnerabilities and do research and to break that crummy internet connected thingy you’ve been meaning to pwn for some time now!

Still interested? Think you’ve got what it takes to impress us? Let’s talk. 0330 223 0709

PS… Here’s the boring stuff:

As a Senior Security Consultant, you will be testing everything. Web and mobile apps, infrastructure, IoT devices and networks, Wi-Fi networks, VOIP systems, people – via social engineering, conducting red teaming assignments/APT simulations etc… as well as security research and development. You will also be expected to lead teams for larger assignments.

As a senior member of the company you will be expected to assist in enforcing the highest standards of quality and carry out peer reviews, in addition to writing reports. You will also play a key part in contributing to the continuous improvement of our internal processes related to testing and reporting.

You will be dealing with clients via phone conference and technical meetings or presentations face-to-face. You will be required to work closely with the sales and marketing team to provide input for proposals and tenders and attend sales and scoping meetings with them.

From time to time, you may be required to represent Commissum at trade shows, speak at conferences and events and give presentations and briefings to clients, staff, industry, external stakeholders and the public.

The role will provide an attractive package including excellent salary and opportunity to join the company pension and healthcare schemes.

You may be based out of the Edinburgh, Leeds, London or Birmingham office. Working from home is an option for the right person; the role will require extensive travel to client sites as well as regular visits to the Edinburgh HQ.

The person:

You will be an enthusiastic tester with a few years’ experience under your belt. You’ll be passionate about and proud of working in the security industry, and be constantly researching the latest vulnerabilities, aiming at all times to be at the leading edge of industry knowledge. You’ll have achieved your CCT or equivalent,or be on track to achieve it within the coming year.

You should apply for this role if you…

  • You’ll be confident communicating test results and findings to an audience with a range of abilities, from C-Level and management to IT staff, in a variety of sectors
  • Your impeccable attention to detail and ability to analyse findings will enable you to produce meaningful, actionable information for clients
  • You’ll take full ownership of your work and personal development, with an active interest in researching emerging trends and vulnerabilities in the wider security industry
  • Your knowledge will be one of your strongest assets, and you’ll be happy working alone or with clients and colleagues to achieve common goals, as well as contributing to ongoing efforts to produce whitepapers, talks, and other high-value content
  • With your industry experience, you’ll already understand the demands and pressures a testing role can bring, including being open to the idea of occasionally working on-site with a client or outside of office hours
  • You’ll be able to manage your workload effectively between multiple ongoing projects in order to meet deadlines

You must be a UK citizen or a citizen of a full member EU state that has been resident in the UK for a minimum of 2 years.

Full training will be given on any internal software programs and through a full induction program. The successful candidate will also have a driving license and car. Due to the nature of some of our work and exposure to sensitive information, the candidate will be required to complete Government SC vetting. You can find out more about vetting and the process here.

About Commissum:

Commissum has a strong track record as an independent cybersecurity practice. We are proud of our past but firmly focused on our future, which we’d love you to be a part of. We are growing fast and want skilled and dynamic people to come on our journey with us. We will provide a fun, rewarding and nurturing work environment in return for hard work and loyalty. We operate a flat management structure and treat each other as peers, our team breeds a climate of innovation and independence; we want to be the best and hire the best, and hope that you want to be a part of that.

We have built our enviable reputation on our strong values of integrity, commitment and excellence; providing a highly-personalised service to our clients with a strong focus on quality. Our clients, to whom we deliver a wide range of services, include some of the best-known names across a variety of industries in the private, public and not for-profit-sectors.

To apply, send your CV and covering letter to careers@commissum.com.