Cybersecurity Consultant

About us:
We are an international company with offices in the UK, Portugal, and the US. The Virtual Forge works with organisations to create digital and technology platforms to drive transformation, develop capabilities and deliver digital and transactional experiences that build business around the world.
We’re looking for a Cybersecurity Consultant.

You'll be working as a consultant to our company clients.

Role Overview:
You must be a qualified Penetration Tester with appropriate certification to work in European and American markets.
You will be working on both internal projects providing validation, testing, exit reports and knowledge transfer as well as working with and on client, site doing consultancy, security strategy and penetration testing

You will conduct security penetration tests against our own and client systems, infrastructure, and applications, following industry best practices and methodologies using automated tools, ad-hoc tools, and manual testing.

You will execute security controls to prevent hackers from infiltrating company information or jeopardizing programs

You will research the latest security protocols, violations and remediations

You will create the required information security documentation required for both internal and client-facing projects

You will escalate to appropriate management, and provides timely, relevant updates and periodic reports as needed

Works to educate internal partners on current threats and remediations
You will work to establish partnerships to aid in the remediation processes

You will maintain a working knowledge of cyber threats, hacker tactics, techniques and procedures

You will provide input into securing business processes as appropriate and as requested by the directors

About you:

• 5-7 years of experience in software development life cycle

• 2-5 years of experience in Information Security

• Excellent problem solving, decision-making, and investigative skills

• Experienced in establishing and maintaining effective working relationships with employees and clients

• Ability to exercise discretion and maintain confidentiality

• Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization

• Proficiency in time management, project management, presentation, and organizational skills

• Working knowledge of security and network technologies, ability to interpret vulnerabilities, exploit and pivot through application and network environments

• Previous auditing/consulting and/or penetration testing experience

• Familiarity with multi-platform environments and their operational/security consideration.

• One or more of this certifications: OSCP; CREST; CREST; ISO/IEC 27001 - Information Security

• Pragmatic

Plus:

• Familiarity/experience with most or all of the below technologies:
• Forensics Tools: Metasploit and Meterpreter
• Networking tools (Nmap, Wireshark, Netcat, Hping, Sysinternals, Scapy, etc.)
• Web protocols (HTTP, HTTPs and SOAP) and technologies (HTML, XML and REST)
• Scripting (Perl, PowerShell, Ruby, Python, PowerScript, JavaScript) and application development skills
• Firewall, IPsec and SSL VPNs, IDS/IPS, WLANs
• Amazon Web Services