Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct hands-on penetration testing to identify risks in critical applications and platforms.
- Company: Join a leading firm focused on enhancing cybersecurity and resiliency.
- Benefits: Competitive salary, health benefits, and opportunities for professional growth.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: 3+ years of penetration testing experience and strong communication skills.
- Other info: Collaborative environment with excellent career advancement opportunities.
The predicted salary is between 48000 - 72000 Β£ per year.
As an Assessments & Exercises Senior Associate in the Penetration Testing team, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Your primary responsibility will be performing hands-on penetration testing of some of JPMC's most critical applications, platforms, and the perimeter. You will work with application developers to understand root causes and mitigate vulnerabilities, as well as identify where vulnerabilities can be detected earlier in the SDLC.
Successful candidates are expected to demonstrate an eagerness to learn, the drive to excel, excellent technical knowledge of security concepts, and proven expertise in penetration testing.
Job responsibilities:- Design and execute testing and simulations - such as penetration tests and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm's strategy and compliance with regulatory requirements.
- Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation.
- Collaborate closely with cross-functional teams to develop comprehensive assessment reports - including detailed findings, risk assessments, and remediation recommendations - making data-driven decisions that encourage continuous improvement.
- Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy and risk management.
- Engage with peers and industry groups that share threat intelligence analytics.
- 3+ years of experience in conducting manual penetration tests against a wide variety of applications and technologies including web, mobile and thick clients, internal and external facing infrastructures and cloud.
- Foundational knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies.
- Ability to identify systemic security or resiliency issues as they relate to threats, vulnerabilities, or risks, with a focus on recommendations for enhancements or remediation, and proficiency in multiple security assessment methodologies (e.g., OWASP Top Ten, NIST Cybersecurity Framework), offensive testing tools, or resiliency testing equivalents.
- Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels.
- Experience in testing Public cloud environments like AWS, Azure and GCP with proficiency in at least one platform.
- Experience in reverse engineering standalone, thick client and mobile applications.
- Proficiency in security concepts for both Windows and Unix-like Operating Systems.
- Experience in source code review and/or building software with multiple programming languages (i.e. Python, Java, Rust, etc.).
- Certifications like CREST (CRT, CCT), OSCP, OSCE, GXPN, GRE.
Senior Penetration Tester in City of London employer: JP Morgan
Contact Detail:
JP Morgan Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land Senior Penetration Tester in City of London
β¨Tip Number 1
Network, network, network! Get out there and connect with professionals in the cybersecurity field. Attend meetups, webinars, or conferences where you can chat with others who share your passion for penetration testing. You never know who might have a lead on your next job!
β¨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, including any simulations or assessments you've conducted. This will not only demonstrate your expertise but also give potential employers a taste of what you can bring to their team.
β¨Tip Number 3
Donβt just apply blindly! Tailor your approach for each application by researching the company and its cybersecurity needs. When you reach out, mention specific projects or values that resonate with you. This shows you're genuinely interested and not just sending out cookie-cutter applications.
β¨Tip Number 4
Keep learning and stay updated! The cybersecurity landscape is always changing, so make sure you're on top of the latest trends and tools. Join online forums, follow industry leaders, and consider getting certified. This not only boosts your knowledge but also makes you more attractive to potential employers.
We think you need these skills to ace Senior Penetration Tester in City of London
Some tips for your application π«‘
Tailor Your CV: Make sure your CV is tailored to the Senior Penetration Tester role. Highlight your experience with manual penetration tests and any relevant certifications. We want to see how your skills align with what we're looking for!
Show Off Your Skills: In your cover letter, donβt just list your qualificationsβshow us how you've applied them in real-world scenarios. Share specific examples of your work with penetration testing and how youβve contributed to improving security postures.
Be Clear and Concise: When writing your application, keep it clear and to the point. Use straightforward language and avoid jargon unless it's necessary. We appreciate a well-structured application thatβs easy to read!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It helps us keep track of applications and ensures youβre considered for the role. Donβt miss out on this opportunity!
How to prepare for a job interview at JP Morgan
β¨Know Your Stuff
Make sure you brush up on your technical knowledge of penetration testing methodologies and tools. Be ready to discuss specific experiences where you've identified vulnerabilities and how you mitigated them. This shows not only your expertise but also your eagerness to learn and excel.
β¨Showcase Your Collaboration Skills
Since the role involves working closely with application developers and cross-functional teams, prepare examples of how you've successfully collaborated in the past. Highlight any reports or assessments you've contributed to, and be ready to discuss how you influenced stakeholders with your findings.
β¨Stay Current with Threat Intelligence
Familiarise yourself with the latest trends in cybersecurity threats and vulnerabilities. Bring up recent incidents or emerging threats during the interview to demonstrate your proactive approach to staying informed and how it can enhance the firm's assessment strategy.
β¨Prepare for Scenario-Based Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Think about how you would approach a penetration test for different environments, like cloud platforms or mobile applications, and be ready to articulate your thought process clearly.
