Penetration Testing

Posted 2 weeks ago by LSA Recruit

Negotiable
Undetermined
Undetermined
Greater London, England, United Kingdom

Summary: The role involves conducting a comprehensive penetration testing review to evaluate the security of a newly implemented IT system and its infrastructure. The position also requires the development and assessment of documentation for the system framework to ensure it meets industry best practices and compliance standards. Key tasks include identifying vulnerabilities, assessing their impact, and providing recommendations for mitigation, as well as reviewing and creating necessary documentation.

Key Responsibilities:

  • Conduct a comprehensive penetration testing review to evaluate the security of the IT system and its infrastructure.
  • Identify vulnerabilities and assess their potential impact.
  • Provide actionable recommendations for mitigation.
  • Simulate external and internal attack scenarios targeting various vulnerabilities.
  • Assess the effectiveness of existing security controls, including firewalls and intrusion detection systems.
  • Develop and assess comprehensive documentation for the system framework.
  • Review existing documentation for accuracy and completeness.
  • Create missing or incomplete documents aligned with industry standards.

Key Skills:

  • Experience in penetration testing and vulnerability assessment.
  • Knowledge of security vulnerabilities such as SQL injection and XSS.
  • Familiarity with security controls like firewalls and encryption protocols.
  • Ability to develop and assess technical documentation.
  • Understanding of industry standards like ISO/IEC 27001 and ITIL.

Salary (Rate): undetermined

City: Greater London

Country: United Kingdom

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

They are looking for a comprehensive penetration testing review to evaluate the security of the newly implemented IT system and its associated infrastructure. The review should identify vulnerabilities, assess their potential impact, and provide actionable recommendations for mitigation. It should encompass both external and internal attack scenarios to simulate real-world threats, targeting vulnerabilities such as SQL injection, cross-site scripting (XSS), authentication bypass, and privilege escalation, while also assessing the effectiveness of existing security controls, including firewalls, intrusion detection systems, and encryption protocols.

System Framework Documentation:

They are also looking to develop and assess comprehensive documentation for the system framework to ensure clarity, completeness, and alignment with industry best practices, supporting ongoing maintenance and compliance. This should involve reviewing existing documentation, such as system architecture, design specifications, configuration details, and operational procedures, for accuracy and completeness, and developing any missing or incomplete documents, including system architecture diagrams, configuration management plans, operational and maintenance procedures, data flow and integration documentation, and security and access control policies, all aligned with standards like ISO/IEC 27001 and ITIL.