Senior Penetration Tester

Built for the people always on the move, W1TTY is the UK start-up fintech company focused on hassle-free domestic and international transfers, peer-to-peer payments, and retail and agrarian financial programs. In its customer-centric mobile app, meeting the highest standards of security and safety, W1TTY will offer current accounts, debit cards, payments, and value-added lifestyle services. W1TTY will also introduce the network of diverse personal and business memberships designed to revolutionize the way its users manage their finance. Our mission and vision are to empower the lives of all our users globally. 

With W1TTY, young students, small businesses, and financially excluded communities enter not only a user-friendly mobile app but also the system of unique financial programs supporting those individuals and groups who are underserved. Our financial features are created in an uncomplicated and fair play, ready to serve those who need them the most.

We are seeking a Senior Security Penetration Tester to join our Cyber Security team and take lead in performing security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques.

Key Responsibilities:

• Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems and mobile applications/devices
• Develop and maintain security testing plans
• Automate penetration and other security testing on networks, systems and applications
• Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Produce actionable, threat-based, reports on security testing results
• Mentor and coach other IT security staff to provide guidance and expertise
• Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
• Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators

Skills and Experience:

• Previous working experience as a Senior Penetration Tester or similar
• In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
• Hands on experience with testing frameworks such as the PTES and OWASP
• Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
• Critical thinker and problem solver
• Excellent organizational and time management skills

Certification:

• One or more recognized security and cloud specific certifications, e.g., SANS GPEN, CEH, OSCP, OSWE

Job Context:

• Home Office (Remote position); international travel may be required

Company offers:

• Work in an international start-up company;
• Various opportunities to grow within the company;
• Competitive salary;
• Possibility to make an impact on international business success.