Location: Reading, United Kingdom
Thales people architect solutions at the heart of the defence-security continuum. Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity. We are ground breaking new digital technologies such as 4G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems.
Together we offer fantastic opportunities for committed employees to learn and develop their career with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across five major industries; Aerospace, Defence, Ground Transportation, Security and Space. Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.
Pen tester/Assurance tester
Core Benefits: Competitive Salary plus bonus, private healthcare, 201 hours holiday and pension plus other great benefits such as excellent maternity/paternity leave.
What does the job involve?
- Vulnerability Assessments and audits to identify and classify the security vulnerabilities in a solution and engineering process, using industry standard security tools and databases to support the activity.
- Provision of vulnerability management advice to solution engineers including scoping of testing and contextualisation of results.
- Penetration Testing to demonstrate the exploitability of vulnerabilities in a system to show that meaningful data can be extracted from the system.
- Red Team attacks as an adversary against an organisation to assist in improving an organisation’s security posture.
- Digital forensics using tools and methods to identify collect and analyse digital artefacts to support security investigations.
- Plan control, report and manage the risk for a defined package of work to ensure delivery of on time, budget and quality products
What are we looking for?
- Qualifications are CREST Registered Tester, Tiger Scheme or OSCP certification.
- Understanding of vulnerabilities and the exploitation of:
- Networks and protocols;
- Embedded systems;
- Operating Systems and Virtualisation environments;
- Software packages, Web and Mobile applications;
- Cloud environments.
- Understanding of how malware is deployed and attacks systems and how malware can be analysed and defended against.
- Understanding of the motivation, capabilities, tactics, tools and characteristics that an attacker might take to prosecute their attack.
- Development of tests that demonstrate the effectiveness of the design to meet the security requirements.
- Detailed examination of a solution to identify how it operates and gain an understanding of the security flaws in the system through black box and white box testing approaches.
- Knowledge of how software vulnerabilities and how they occur, and of techniques that can be used to prevent or detect such vulnerabilities, or to mitigate their exploitation.
- Understand of the software development processes for implementing secure software from the design of the software to the operational use of the software.
- Reviewing software code for security vulnerabilities.
- Research into emerging security issues.
- High standards in written report and design documentation.
In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and/or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence required to apply for Baseline and Security Clearance please refer to the Defence Business Services National Security Vetting (DBS NSV) Agency.
At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!