Careers

Role: Security Analyst – Incident Response Specialist

Job type: Full time

Location: Office working

About Us;

‍At Pentest People, our mission is to innovate and provide businesses of all sizes in the UK with top-of-the-line Penetration Testing as a Service.

To get there - Our Vision is to be Your Innovative, Friendly and Knowledgeable Cyber Security Team, Supporting You to Protect Your Digital Assets & Infrastructure

We look for people who align to our values, Honesty, Innovation, Unity, Quality, Passion, and Development.

The Opportunity:

As a Security Analyst focusing on Incident Response, you'll have the unique opportunity to specialise in one of the most critical aspects of cybersecurity. You will work closely with our experienced and passionate team to plan, execute, and oversee Incident Response operations for our diverse client base. Importantly, we want your ideas and expertise to help shape and contribute to the continuous improvement of the service.

Responsibilities:

• Conduct initial incident assessments and contribute to Incident Response planning.
• Participate in live Incident Response operations with a 24/7 - 4hr response time.
• Perform security assessments, threat intelligence gathering, and OSINT analysis.
• Assist in tabletop exercising, playbook creation.
• Collaborate with other departments to provide a holistic cybersecurity service.

Qualifications:

Educational Background: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.

Certifications:

One or more of the following certifications would be beneficial:

• CompTIA Security+
• Certified Incident Handler (GCIH)
• Microsoft Certified

Experience:

• Minimum of 3 years of experience in cybersecurity, preferably with at least 1 year in an Incident Response role.
• Familiarity with security frameworks such as NIST, SANS, ISO 27001, or CIS Controls.

Technical Skills:

• Strong understanding of various operating systems (Windows, macOS, Linux).
• Familiarity with network protocols and architecture.
• Experience in log analysis from various security tools (SIEM, IDS/IPS, Firewalls, etc.).
  

Soft Skills:

• Excellent communication skills, both written and verbal.
• Strong analytical and problem-solving abilities.
• Ability to work well in a team as well as independently.

Desirable:

• Scripting skills (Python, Bash, or similar).
• Experience with cloud environments (AWS, Azure, GCP).
• Knowledge of the MITRE ATT&CK framework.
• Threat Hunting experience.

What We Offer:

• Opportunity to work across a wide range of cybersecurity domains, with a specialisation in Incident Response.
• Continuous learning and development programs.
• Competitive salary and benefits.

‍

Job type: Full time

Location: Office working

About Us;

At Pentest People, our mission is to innovate and provide businesses of all sizes in the UK with top-of-the-line Penetration Testing as a Service.

To get there - Our Vision is to be Your Innovative, Friendly and Knowledgeable Cyber Security Team, Supporting You to Protect Your Digital Assets & Infrastructure

We look for people who align to our values, Honesty, Innovation, Unity, Quality, Passion, and Development.

About the role:

Pentest People are looking for an enthusiastic Service Desk Manager to join our fast-growing team, based in Leeds. A typical day in the life of a Service Team Manager would be overseeing service desk team performance, ensuring all our managed/Automated scanning services (External, internal & Web Application) are operating as expected, liaising/supporting with any client queries, and mentoring our apprentice team.

Pentest People cover a wide range of services from applications (web, mobile, API), infrastructure, social engineering (phishing, vishing, physical intrusion) and cloud testing.

We work in an ever-changing environment. We love candidates who embrace change and keen to get stuck into challenges.

Responsibilities:

• Management of Service desk team. Team size currently 3 FTE.
• Monthly 121’s and hold regular meetings with team
• Attend management meetings
• Onboarding clients onto our scanning services
• Remediate any Technical issues with clients managed/automated scanning services
• Day to day use of 3^rd party scanning systems; Burp suite, and Tenable
• Experience Jira preferable
• Triage Jira board and assign internal/external queries to correct area
• Support internal process improvements & governance
• Complete Monthly management reports for Head of Operations

‍

Job type: Full time
Location: Leeds offices

Description:

Pentest People are looking for enthusiastic security consultants to join our fast-growing consultancy, based in Leeds. A typical day in the life of a security consultant would involve testing applications/infrastructures and assisting sales with scoping and writing reports. We are looking to speak to security consultants, cybersecurity graduates or those with relevant work experience.

Pentest People cover a wide range of services from applications (web, mobile, API), infrastructure, social engineering (phishing, vishing, physical intrusion) and cloud testing. We offer consultants the opportunity to test over all areas but typically specialise in one.
Bonus points for bringing vulnerable applications or virtual machines that you have created yourself to the interview! Be creative, show us something that you are interested in...
It should be noted that an excellent level of written English is absolutely essential for this role.

Responsibilities:
Performing Penetration Tests

Writing High Quality Reports

Scoping Work

Client Interaction

Cultural & work environment

Your diary will be constantly changing in a high paced work environment. In non-covid times, infrastructure testers are likely to be travelling regularly around the UK and sometimes abroad. Some travel is also required for application specialists. You will be offered support from all consultants, and you will be expected to do the same once you have experience.
Love talking about the latest vulnerabilities, showing off new tools that you have created, and an endless supply of memes? You will fit in well at Pentest People.

Profiles:

Already work in security? This is what we expect your profile to look like.
Experience in one, or both of the following areas:

Application Testing

Fluent with burp suite professional

An understanding of core networking protocols (TCP/IP, UDP, SSH, FTP etc.)

Confident with creating basic CRUD (create, read, update, delete) style applications using HTML, CSS, Javascript and any preferred backend language.

Ability or willingness to learn scripting in one or more of the following languages: Ruby,Python, Go
Excellent written skills

CTM/CTL desirable

Infrastructure Testing

Proven experience with Windows/Linux Operating systems and applications

Experience with specific testing tools such as nmap/metasploit/kali linux suite of tools etc

Understanding of networking including subnets

Willingness to learn enumeration and exploitation techniques as part of a network security assessment

Excellent written skills

CTM/CTL desirable

Currently, work in technology but no experience penetrating testing? This is a non-exhaustive list of profiles that we look for.

You are still expected to have good working knowledge of security practice and principles in your specialist area.

Application Testing

Web Developers

Software Developers

DBA

Infrastructure Testing

Sys Admins

Infrastructure Engineers

Security Analysts

Don’t work in technology but want to change careers?

We are willing to consider applicants with no previous technology experience or entry-level roles. These candidates are expected to be able to demonstrate a high aptitude of knowledge in either infrastructure or application technologies and a desire to learn. OSCP is one way to achieve this.