Penetration Tester (Ethical Hacker) in Nihon Cyber Defence

About the job

Nihon Cyber Defence (NCD) are a global cyber security company, headquartered in Tokyo, Japan with a UK and European base in Belfast, Northern Ireland; Kyiv, Ukraine, and Krakow, Poland. The NCD global incident management deliver penetration testing and vulnerability assessments globally.

We are seeking a skilled Penetration Tester who will be responsible for delivering cyber security consultancy services with a focus on vulnerability assessment and penetration testing operations. The successful applicant will be part of a global team delivering the preventative cyber security services alongside a team of cyber security consultants and contractors, reporting to the Team Leads, Head of Incident Management UK and Global Management Team as required. The role is office based with hybrid opportunities. Travel, both national and international, may be required on an infrequent basis dependant on operational requirements.

Qualifications and Experience sought:

Industry recognised certifications such as Certified Ethical Hacker (CEH), CREST, CHECK or OCSP certification among others… are an advantage but experience is essential.

Responsibilities

• Vulnerability Assessment:
  • Conduct thorough assessments of our systems, networks, and applications.
  • Identify security weaknesses, misconfigurations, and potential entry points.
  • Collaborate with cross-functional teams to prioritize remediation efforts.
• Simulated Attacks:
  • Execute pre-authorized cyberattacks to test our defenses.
  • Utilize various hacking techniques, including network scanning, social engineering, and exploitation of software vulnerabilities.
  • Think like an adversary to uncover hidden risks.
• Detailed Reporting:
  • Document your findings meticulously.
  • Prepare comprehensive reports detailing vulnerabilities, attack vectors, and recommended solutions.
  • Communicate technical information clearly to both technical and non-technical stakeholders.
• Compliance and Standards:
  • Assist in ensuring compliance with industry standards (such as PCI DSS, ISO 27001, or NIST).
  • Help bridge the gap between security policies and practical implementation.

Qualifications and Skills

• 3+ years in penetration testing (or alternatively successful bughunting)
• Knowledge of various vulnerability types (OWASP Top10, CWE Top 25). Being current with the latest major CVEs
• Knowledge of the penetration testing and assessment methodologies (like PTES, OWASP ASVS, etc.)
• Technical Proficiency:
  • Strong understanding of computer systems, networks, and cybersecurity concepts.
  • Proficiency in tools such as Metasploit, Nmap, and Burp Suite.
• Analytical Thinking:
  • Ability to dissect complex systems and identify security gaps.
  • Creative problem-solving skills to devise effective attack scenarios.
• Communication:
  • Excellent verbal and written communication skills.
  • Ability to convey technical information in a clear and concise manner.

Career Path and Growth Opportunities

As a Penetration Tester, you’ll have the chance to continuously learn and evolve. You’ll collaborate with professionals, contribute to our service development, and make a tangible impact on our clients’ resilience. Opportunities for certifications (such as CEH, OSCP, or CISSP) and career advancement await the right candidate.

Note: This position requires ethical conduct, adherence to legal boundaries, and a commitment to protecting our clients and their data.

Applications are welcome from all backgrounds and diversities.

Successful applicants will be required to undergo background and security checks prior to appointment.

Salary and benefits are negotiable for the right candidate, but please contact us, confidentially, for further details and information.