At a Glance
- Tasks: Lead advanced penetration tests and engage in sophisticated Red Team projects.
- Company: Join Alice, a cutting-edge trust and security company for the AI era.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Dynamic team environment with a focus on innovation and continuous learning.
- Why this job: Make a real impact by safeguarding technologies in a rapidly evolving landscape.
- Qualifications: 3+ years in application security, strong API testing skills, and coding proficiency.
The predicted salary is between 60000 - 80000 £ per year.
We are seeking a highly motivated and technically proficient Senior Penetration Tester to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world. You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems.
What you’ll do:
- Lead and execute comprehensive, technically rigorous penetration tests targeting complex web applications, modern API architectures, and enterprise systems for organizations with significant global presence.
- Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints, development of novel bypass techniques for established security controls, and lateral movement within target environments.
- Contribute substantively to the design, development, and maintenance of proprietary internal security tools and automation frameworks to enhance the efficacy and efficiency of offensive operations.
Requirements:
- Minimum of 3 years of proven, hands‑on experience in application security analysis, with a heavy emphasis on complex API penetration testing and a mastery of the OWASP Top 10 landscape.
- Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
- Strong experience with static and dynamic analysis of Android and iOS applications, including hands‑on experience with techniques like detours, hooking, and runtime code manipulation.
- Deep, hands‑on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
- Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes.
Nice to have:
- OSCP, OSWE, eWPTXv2, CRTP, or other high‑level offensive certifications.
- Hands‑on experience with industry‑standard reversing tools like JADX, Ghidra, or IDA Pro.
- Demonstrated online achievements, write‑ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
About Alice:
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact‑whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end‑to‑end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre‑deployment red‑teaming to runtime guardrails and ongoing drift detection.
Senior App Security Researcher & Red Team Lead in London employer: Alice
At Alice, we pride ourselves on being an exceptional employer that fosters a culture of innovation and continuous learning. Our team of Senior App Security Researchers enjoys a collaborative environment where they can lead cutting-edge security assessments for some of the world's largest companies, while also benefiting from extensive professional development opportunities and a commitment to work-life balance. Located in a vibrant tech hub, employees have access to a wealth of resources and networking opportunities, making it an ideal place for those looking to make a meaningful impact in the field of AI security.
StudySmarter Expert Advice🤫
We think this is how you could land Senior App Security Researcher & Red Team Lead in London
✨Tip Number 1
Network like a pro! Attend industry meetups, conferences, or online webinars where you can connect with fellow security enthusiasts. Don’t be shy to introduce yourself and share your passion for app security – you never know who might have a lead on your dream job!
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, write-ups, or any contributions to platforms like HackTheBox or Bug Bounty programs. This not only highlights your expertise but also gives potential employers a taste of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on the latest TTPs in penetration testing. Be ready to discuss your hands-on experience with API testing and the OWASP Top 10. Practising common interview questions can help you articulate your knowledge and make a lasting impression.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Tailor your application to highlight your relevant experience and enthusiasm for the role – it’ll make you stand out from the crowd!
We think you need these skills to ace Senior App Security Researcher & Red Team Lead in London
Some tips for your application 🫡
Show Off Your Skills:When you're writing your application, make sure to highlight your hands-on experience in application security analysis. We want to see your mastery of complex API penetration testing and how well you know the OWASP Top 10 landscape.
Be Detailed and Organised:We love attention to detail! Make sure your application is well-structured and clearly outlines your relevant experience. This will help us see how organised you are, which is super important for this role.
Share Your Projects:If you've worked on any cool projects or have contributions on platforms like HackTheBox or Bug Bounty programs, don’t hold back! Sharing these experiences can really set you apart from other candidates.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Alice
✨Know Your Stuff
Make sure you brush up on your application security knowledge, especially the OWASP Top 10. Be ready to discuss your hands-on experience with complex API penetration testing and any relevant projects you've worked on.
✨Show Off Your Skills
Prepare to demonstrate your proficiency in programming languages like Python, JavaScript, or GoLang. Bring examples of how you've developed or automated tasks in previous roles, as this will showcase your technical prowess.
✨Be Ready for Technical Questions
Expect in-depth questions about advanced penetration testing tactics and techniques. Familiarise yourself with the latest TTPs and be prepared to discuss how you've applied them in real-world scenarios.
✨Communicate Clearly
Practice explaining complex concepts in a straightforward manner. You'll likely need to author detailed reports, so showing that you can communicate your findings clearly during the interview is crucial.
