• Senior Consultant, Security Testing

    Requisition ID 2450008
    Job Locations GB-London
  • Posting Description

    We’re hiring!


    This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become an subject matter expert in the field.


    You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development.


    Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere.

    In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. Additionally, we are a Certifying Company under the UK Government Cyber Essentials scheme, allowing us to assess and certify organisations to the Cyber Essentials standard.


    About the role


     As a Senior Consultant, you can expect to get involved in:


    • Application penetration testing and application source code review.
    • Secure Development Lifecycle consultancy and advisory.
    • Vulnerability and penetration assessments on Internet exposed and internal systems.
    • Applying and developing appropriate exploits to gain access, and expand access to remote systems.
    • Documenting technical issues identified during security assessments.
    • Interface with clients when working on engagements on-site.
    • Mentoring more junior colleagues and supporting managers whenever necessary.
    • Perform peer review and quality checks on work product from other colleagues.
    • Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications.

     About you


    The following qualifications are expected from potential applicants:


    • At least 3 years of experience in performing application and/or infrastructure penetration testing independently.
    • Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java.
    • Familiarity with threat modelling and security design review methodologies.
    • A good understanding of Unix, Windows and network security.
    • Degree from an accredited University or equivalent.
    • CREST Certified Tester (CCT) or equivalent.
    • Excellent written and communication skills in English.
    • Ability to work both independently and in a team environment.
    • Passion for technology and a drive for self-learning, paired with good customer facing skills.
    • Currently resident within the European Union, or not requiring work permit sponsorship.

     The following items are not required but would be considered a differentiator:


    • Additional security and penetration testing certifications.
    • Degree in Computer Science, Information Systems, Engineering or related major.
    • Experience working as part of an enterprise development team.
    • Experience developing custom scripts or tools used for vulnerability scanning and identification.
    • Fluency in an additional Western European language, other than English.

     Salary and Benefits


    This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. (Through our flexible benefits, you will also have the opportunity to choose additional benefits, including healthcare, childcare vouchers and additional holiday.


    About Cyber Solutions


    Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.


    About Aon


    Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Join our Talent Community to stay informed about Aon opportunities.