At a Glance
- Tasks: Lead advanced penetration tests and engage in sophisticated Red Team projects.
- Company: Join Alice, a cutting-edge trust and security company for the AI era.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Dynamic team environment with opportunities to work on innovative security solutions.
- Why this job: Make a real impact by safeguarding technologies in a rapidly evolving landscape.
- Qualifications: 3+ years in application security, strong coding skills, and knowledge of OWASP Top 10.
The predicted salary is between 60000 - 80000 £ per year.
We are seeking a highly motivated and technically proficient Senior Penetration Tester to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world. You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems.
What you’ll do
- Lead and execute comprehensive, technically rigorous penetration tests targeting complex web applications, modern API architectures, and enterprise systems for organizations with significant global presence.
- Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints, development of novel bypass techniques for established security controls, and lateral movement within target environments.
- Contribute substantively to the design, development, and maintenance of proprietary internal security tools and automation frameworks to enhance the efficacy and efficiency of offensive operations.
Requirements
- Minimum of 3 years of proven, hands‑on experience in application security analysis, with a heavy emphasis on complex API penetration testing and a mastery of the OWASP Top 10 landscape.
- Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
- Strong experience with static and dynamic analysis of Android and iOS applications, including hands‑on experience with techniques like detours, hooking, and runtime code manipulation.
- Deep, hands‑on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
- Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes.
Nice to have
- OSCP, OSWE, eWPTXv2, CRTP, or other high‑level offensive certifications.
- Hands‑on experience with industry‑standard reversing tools like JADX, Ghidra, or IDA Pro.
- Demonstrated online achievements, write‑ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
About Alice
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact‑whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end‑to‑end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre‑deployment red‑teaming to runtime guardrails and ongoing drift detection.
Application Security Researcher in London employer: Alice
Alice is an exceptional employer that fosters a dynamic and innovative work culture, where employees are encouraged to push the boundaries of application security in the rapidly evolving AI landscape. With a strong emphasis on professional growth, team collaboration, and cutting-edge projects, employees have the opportunity to engage in meaningful work that directly impacts global security standards. Located in a vibrant tech hub, Alice offers competitive benefits and a supportive environment that values continuous learning and development.
StudySmarter Expert Advice🤫
We think this is how you could land Application Security Researcher in London
✨Tip Number 1
Network like a pro! Attend industry meetups, conferences, or online webinars related to application security. Engaging with professionals in the field can lead to valuable connections and potential job opportunities.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, write-ups, or contributions to platforms like HackTheBox. This not only demonstrates your expertise but also makes you stand out to employers.
✨Tip Number 3
Prepare for interviews by practising common technical questions and scenarios related to application security. We recommend doing mock interviews with friends or using online platforms to get comfortable with the process.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Application Security Researcher in London
Some tips for your application 🫡
Show Off Your Skills:When you're writing your application, make sure to highlight your hands-on experience in application security analysis. We want to see your mastery of complex API penetration testing and how well you know the OWASP Top 10 landscape.
Be Detailed and Organised:We love attention to detail! Make sure your application is well-structured and free of errors. This reflects your organisational skills, which are super important for the role. A clear and concise application will definitely catch our eye.
Share Your Passion for Learning:Let us know about your eagerness to learn new things! Mention any recent projects or research you've done that showcases your problem-solving skills and your commitment to staying updated with the latest tactics in penetration testing.
Apply Through Our Website:Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the whole process smoother for everyone involved.
How to prepare for a job interview at Alice
✨Know Your Stuff
Make sure you brush up on your application security knowledge, especially the OWASP Top 10. Be ready to discuss your hands-on experience with complex API penetration testing and any relevant projects you've worked on.
✨Show Off Your Skills
Prepare to demonstrate your proficiency in programming languages like Python, JavaScript, or GoLang. Bring examples of how you've developed or automated tasks in your previous roles, as this will showcase your technical prowess.
✨Be Ready for Technical Questions
Expect in-depth questions about advanced penetration testing tactics and techniques. Familiarise yourself with the latest TTPs and be prepared to discuss how you've applied them in real-world scenarios.
✨Communicate Clearly
Practice explaining complex concepts in a straightforward manner. You'll likely need to author reports detailing vulnerabilities, so being able to articulate your findings clearly during the interview is crucial.
