We are seeking a highly skilled Cyber Essentials Plus Assessor and Penetration Tester to join our team. The successful candidate will be responsible for conducting Cyber Essentials Plus (CE+) assessments, security audits, and penetration testing engagements. You will work closely with clients to assess their security posture, identify vulnerabilities, and provide actionable recommendations to enhance their cyber resilience.
Key Responsibilities:
* Perform Cyber Essentials Plus assessments in accordance with the NCSC and IASME frameworks.
* Conduct internal and external penetration testing, including network, web application, and wireless testing.
* Assess system configurations, endpoint security, and access controls to ensure compliance with Cyber Essentials Plus requirements.
* Produce comprehensive and accurate reports detailing security vulnerabilities and remediation recommendations.
* Provide expert guidance to clients on achieving and maintaining Cyber Essentials and Cyber Essentials Plus certification.
* Collaborate with clients to conduct scoping assessments and understand business risks.
* Assist in the development and delivery of security awareness training and advisory services.
* Stay up to date with the latest security threats, trends, and best practices.
* Work closely with internal teams to enhance service delivery and improve security assessment methodologies.
Key Skills and Qualifications:
* Essential:
* Cyber Essentials Plus Assessor certification – CSTM/CSTL, OSCP, CREST, CISSP, CEH, or similar
* Experience conducting Cyber Essentials Plus assessments.
* Strong knowledge of cybersecurity principles, vulnerabilities, and attack methodologies.
* Experience with penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, or similar.
* Knowledge of network security, web application security, and endpoint security.
* Ability to produce clear, concise, and professional reports.
* Strong communication skills and ability to interact with clients at all levels.
* Desirable:
* Certifications such as OSCP, CREST, CISSP, CEH, or similar.
* Experience with vulnerability scanning tools and SIEM solutions.
* Familiarity with regulatory and compliance frameworks such as ISO 27001, GDPR, or NIST.
* Scripting knowledge (Python, PowerShell, or Bash) for automation of security tasks.
Benefits:
* Competitive salary and performance-based incentives.
* Opportunities for professional development and certification support.
* Flexible working arrangements (Remote).
* Exposure to a variety of industries and cybersecurity challenges.
* A supportive and innovative work environment.
How to Apply:
If you are passionate about cybersecurity and have the skills to help organizations improve their security posture, we would love to hear from you. Please submit your resume and a cover letter detailing your experience and qualifications to :
info@cyberlock.co.uk