SC Cleared Lead Cybersecurity Penetration Tester

On behalf of The Home Office, we are looking for a Lead Cybersecurity Penetration Tester (Inside IR35) for a 12 Month contract based Hybrid in Croydon.

The Lead Cybersecurity Penetration Tester will play a crucial role in identifying, assessing, and mitigating security vulnerabilities within the government department's IT infrastructure. The ideal candidate will have a deep understanding of cybersecurity principles, hands-on experience with penetration testing tools and methodologies, and relevant certifications to validate their expertise. This role requires a proactive and analytical mindset to protect sensitive government data and ensure compliance with regulatory standards. Ideally you will be Security Cleared to SC and NPPV3.

As a Lead Cybersecurity Penetration Tester, your main responsibilities will be to:
* Conduct thorough penetration tests on internal and external networks, web applications, and other systems.
* Identify security vulnerabilities and weaknesses in various systems, applications, and networks.
* Develop and execute detailed testing plans, scripts, and methodologies for penetration testing.
* Perform manual and automated security testing using industry-standard tools and techniques.
* Analyse test results to provide actionable insights and recommendations for remediation.
* Collaborate with IT teams to understand the architecture and design of systems for effective testing.
* Provide detailed reports of findings, including risk assessments and potential impacts.
* Assist in the development and implementation of security policies, procedures, and best practices.
* Keep up to date with the latest security threats, vulnerabilities, and technology trends.
* Conduct security audits to ensure compliance with government regulations and standards.
* Provide training and guidance to IT staff on security best practices and threat mitigation.
* Participate in incident response efforts to analyse and mitigate security breaches.

Essential:
* SC Clearance is an essential requirement for this role and NPPV3, (as a minimum you must be eligible and willing to undergo these checks).
* Minimum of 3-5 years' experience in penetration testing, vulnerability assessment, and/or ethical hacking.
* In-depth knowledge of penetration testing methodologies and tools, such as Metasploit, Burp Suite, Nmap, Nessus, etc.
* Strong understanding of network protocols, network services, and system architecture.
* Proficiency in scripting and programming languages such as Python, Bash, or PowerShell.
* Ability to think creatively and strategically to outsmart potential attackers.
* Excellent problem-solving and analytical skills.
* Strong written and verbal communication skills for reporting and explaining vulnerabilities and their impact.
* Experience with security frameworks and compliance standards, such as NIST, ISO 27001, and GDPR.
* Ability to work independently and as part of a team.
* High level of integrity and confidentiality, especially when handling sensitive information.
* Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Essential Certifications:

Must have at least two of the following
* Certified Ethical Hacker (CEH)
* Offensive Security Certified Professional (OSCP)
* Certified Information Systems Security Professional (CISSP) or equivalent
* CREST Registered Tester (CRT) or CREST Certified Tester (CCT)
* CHECK Team Leader (CTL) or CHECK Team Member (CTM)

Preferred Certifications:
* CHECK Team Leader (CTL) or CHECK Team Member (CTM)
* GIAC Penetration Tester (GPEN)
* Offensive Security Certified Expert (OSCE)
* Certified Penetration Testing Engineer (CPTE)
* Certified Information Systems Auditor (CISA)

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident

As a member of the Disability Confident Scheme, the Home Office guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant

The Home Office guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".