• Consultant, Security Testing (London or Manchester)

    Requisition ID 2450006
    Job Family GB-London
  • Posting Description

    Consultant, Security Testing

     

    We’re hiring!

     

    Aon and Proactive Security Testing are currently recruiting a Consultant to join our teams in London and Manchester. When not working on client site, this will be an office-based role in London or Manchester.

     

    The Security Testing team, formerly Gotham Digital Science (GDS), provides a challenging and exciting work environment that offers a healthy combination of autonomy and senior level support. The team publishes books and security blogs, contributes to open source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere.

     

    About Aon

     

    Headquartered in London, Aon Plc is a leading global professional services firm providing a broad range of risk, retirement and health solutions.  Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.

     

    Aon is an equal opportunities employer.  Aon's recruitment and selection policy ensures the best possible skill mix of colleagues and the highest quality candidates are appointed using objective job-related criteria.

     

    About Gotham Digital Science (GDS)

     

    Gotham Digital Science (GDS), an Aon company, is an international security services company specialising in Application and Network Infrastructure security, and Information Security Risk Management. GDS security specialists work with clients to assess risk and design, build, and maintain secure applications and networks.

     

    In the United Kingdom GDS is a member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing GDS to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. GDS is also an accredited CBEST penetration testing provider, allowing GDS to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. Additionally, GDS is a Certifying Company under the UK Government Cyber Essentials scheme, allowing GDS to assess and certify organisations to the Cyber Essentials standard.

     

    About the Role

     

    As a Consultant, you will be expected to perform the following services:

    • Application penetration testing and application source code review.
    • Secure Development Lifecycle consultancy and advisory.
    • Vulnerability and penetration assessments on Internet exposed and internal systems.
    • Applying and developing appropriate exploits to gain access, and expand access to remote systems.
    • Documenting technical issues identified during security assessments.

     

    Responsible for working in accordance with the Aon UK Limited Risk Management Framework, and compliance with the Aon UK Limited policies, including participation in the management of risks (including completion of mandatory training) that may adversely affect the business, interests or reputation of any Group Company.

     

    About you

     

    The following qualifications are expected from potential applicants:

    • Demonstrable experience in application and/or infrastructure penetration testing above and beyond running automated tools.
    • Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, Python or Java is essential.
    • A good understanding of Unix, Windows and network security skills.
    • Excellent written and communication skills in English.
    • Ability to work both independently and in a team environment.
    • Offensive Security Certified Professional (OSCP) or CREST Registered Tester (CRT).
    • Degree from an accredited University or equivalent.

     

    The following skills are not required from applicants but would be considered a differentiator:

    • Currently resident within the United Kingdom, or not requiring work permit sponsorship.
    • CREST Certified Tester (CCT).
    • Degree in Computer Science, Information Systems, Engineering or related major.
    • Experience working as part of an enterprise development team.
    • Experience developing custom scripts or tools used for vulnerability scanning and identification.
    • British National able to gain/hold UK government SC clearance.
    • Fluency in one or more Western European languages.

    Salary and Benefits

     

    This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you will also have the opportunity to choose additional benefits, including healthcare, childcare vouchers and additional holiday.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Join our Talent Community to stay informed about Aon opportunities.