• Associate, Security Testing

    Requisition ID 2455069
    Job Locations GB-LAN-Manchester
  • Posting Description

    Associate, Security Testing


    We’re hiring!


    The Proactive Security Testing team are currently recruiting an Associate to join our team in Manchester. When not working on client site, this will be an office-based role.


    The Security Testing team, formerly Gotham Digital Science (GDS) provides a challenging and exciting work environment that offers a healthy combination of autonomy and senior level support. The team publishes books and security blogs, contributes to open source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere.


    About Aon


    Headquartered in London, Aon Plc is a leading global professional services firm providing a broad range of risk, retirement and health solutions.  Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.


    Aon is an equal opportunities employer.  Aon's recruitment and selection policy ensures the best possible skill mix of colleagues and the highest quality candidates are appointed using objective job-related criteria.


    About Gotham Digital Science (GDS)


    Gotham Digital Science (GDS), an Aon company, is an international security services company specialising in Application and Network Infrastructure security, and Information Security Risk Management. GDS security specialists work with clients to assess risk and design, build, and maintain secure applications and networks.


    In the United Kingdom GDS is a member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing GDS to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. GDS is also an accredited CBEST penetration testing provider, allowing GDS to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. Additionally, GDS is a Certifying Company under the UK Government Cyber Essentials scheme, allowing GDS to assess and certify organisations to the Cyber Essentials standard.


    About the Role


    As an Associate Security Consultant, you will be expected to perform the following services:

    • Application penetration testing and application source code review.
    • Secure Development Lifecycle consultancy and advisory.
    • Vulnerability and penetration assessments on Internet exposed and internal systems.
    • Applying and developing appropriate exploits to gain access, and expand access to remote systems.
    • Documenting technical issues identified during security assessments.


    Responsible for working in accordance with the Aon UK Limited Risk Management Framework, and compliance with the Aon UK Limited policies, including participation in the management of risks (including completion of mandatory training) that may adversely affect the business, interests or reputation of any Group Company.


    About you


    The following qualifications are expected from potential applicants:


    • Application and/or infrastructure penetration testing experience above and beyond running automated tools.
    • Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, Python or Java.
    • A good understanding of Unix, Windows and network security skills.
    • Excellent written and communication skills in English.
    • Ability to work both independently and in a team environment.
    • Degree from an accredited University or equivalent.


    The following skills are not required from applicants but would be considered a differentiator:


    • Previous experience working as a penetration testing professional.
    • Currently resident within the United Kingdom, or not requiring work permit sponsorship.
    • Offensive Security Certified Professional (OSCP) or CREST Registered Tester (CRT).
    • Degree in Computer Science, Information Systems, Engineering or related major.
    • Experience working as part of an enterprise development team.
    • Experience developing custom scripts or tools used for vulnerability scanning and identification.
    • British National able to gain/hold UK government SC clearance.
    • Fluency in one or more Western European languages.


    Salary and Benefits


    This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you will also have the opportunity to choose additional benefits, including healthcare, childcare vouchers and additional holiday.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Join our Talent Community to stay informed about Aon opportunities.