Understand complex computer systems and technical cyber security terms.
Work with clients to determine their requirements from the test, for example, the number and type of systems they would like testing.
Plan and create penetration methods, scripts and tests.
Carry out remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in security.
Simulate security breaches to test a system's relative security.
Create reports and recommendations from your findings, including the security issues uncovered and level of risk.
Advise on methods to fix or lower security risks to systems.
Present your findings, risks and conclusions to management and other relevant parties.
Consider the impact your 'attack' will have on the business and its users.
Understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
Skills
An in-depth understanding of computer systems and their operation.
Excellent spoken and written communication to explain your methods to a technical and non-technical audience.
Attention to detail, to be able to plan and execute tests while considering client requirements.
The ability to think creatively and strategically to penetrate security systems.
Good time management and organizational skills to meet client deadlines.
Ethical integrity to be trusted with a high level of confidential information.
The ability to think laterally and 'outside the box'.
Teamwork skills, to support colleagues and share techniques.
Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done.
Business skills to understand the implications of any weaknesses you find.
Commitment to continuously updating your technical knowledge base.
Qualifications
A relevant degree, in-depth knowledge of computer operating systems and at least two to four years of experience in a role related to information security. Degree subjects include:
computer science.
computing and information systems.
cyber security.
forensic computing.
network management.
computer systems engineering.
Professional qualifications such as LPT, OSCP, CEH are plus.
3+ years of experience in the related field.
Fluent in English (Reading, Speaking and Writing).