• Consultant, Security Testing

    Requisition ID 2450006
    Job Family GB-London
  • Posting Description

    We’re hiring!


    This is an exciting opportunity for candidates with previous experience in Penetration Testing and that are looking to consolidate and grow their career.


    You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development.


    Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere.


    In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. Additionally, we are a Certifying Company under the UK Government Cyber Essentials scheme, allowing us to assess and certify organisations to the Cyber Essentials standard.


    About the role


    As an Associate, you can expect to get involved in:


    • Application penetration testing and application source code review.
    • Secure Development Lifecycle consultancy and advisory.
    • Vulnerability and penetration assessments on Internet exposed and internal systems.
    • Applying and developing appropriate exploits to gain access, and expand access to remote systems.
    • Documenting technical issues identified during security assessments.
    • Interfacing with clients when working on engagements on-site.
    • Mentoring more junior colleagues.
    • Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications.

     About you


    The following qualifications are expected from potential applicants:


    • Demonstrable experience in application and/or infrastructure penetration testing above and beyond running automated tools.
    • Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java.
    • A good understanding of Unix, Windows and network security.
    • Excellent written and communication skills in English.
    • Ability to work both independently and in a team environment.
    • Passion for technology and a drive for self-learning, paired with good customer facing skills.
    • Currently resident within the European Union, or not requiring work permit sponsorship.

     The following items are not required but would be considered a differentiator:


    • Offensive Security Certified Professional (OSCP) or CREST Registered Tester (CRT).
    • CREST Certified Tester (CCT).
    • Degree in Computer Science, Information Systems, Engineering or related major.
    • Experience working as part of an enterprise development team.
    • Experience developing custom scripts or tools used for vulnerability scanning and identification.
    • Fluency in an additional Western European language, other than English.


    Salary and Benefits


    This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you will also have the opportunity to choose additional benefits, including healthcare, childcare vouchers and additional holiday.


    About Cyber Solutions


    Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.


    About Aon


    Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Join our Talent Community to stay informed about Aon opportunities.