Penetration tester - Jisc - Remote

Salary: Circa £48,000 per annum negotiable depending on experience. Hours: 35 hours per week. Contract: Permanent. Location: Day-to-day remote working, and regular days in the office are not mandated. You will occasionally be expected to travel to our hub offices and client sites in-person where testing requires physical presence. This position requires the successful candidate to undergo enhanced background screening checks.

About Jisc: Jisc is the UK digital, data and technology agency focused on tertiary education, research, and innovation. We are a not-for-profit organisation with a big ambition to improve lives through education and research by providing hardware, software, and networking solutions.

About the team and the role: This role is in the Penetration Testing Team, which sits within the arm of the organisation providing cyber security services, ensuring that our capabilities and expertise are applied cost-effectively and imaginatively. This provides a high-quality facility to protect the JANET network from intrusion, denial of service and all other service-impacting potential threats and attacks. Our work areas include network operations, security, trust and identity, cloud and brokerage services, data centres and co-location, video services and e-infrastructure.

We are looking to recruit an experienced penetration tester to deliver technical engagements to member organisations, strategic partners, and internally to Jisc stakeholders. Continued training and certification in key areas associated with security will be offered regularly.

Responsibilities will include:

• Conducting penetration test activities remotely, and at member sites where necessary.
• In line with your skills, carry out tests both collaboratively with team members and independently.
• We offer services including infrastructure testing, web applications testing, build reviews, Active Directory review, cloud service testing, social engineering simulation, on-site physical assessments, and physical infiltration.
• Assisting in developing and implementing security best practices internally and across the sector.
• Providing guidance on suitable penetration testing and defensive methodologies for cloud and local services.
• Providing appropriate briefings to a range of different management audiences, simplifying complex security data and providing guidance on suitable penetration testing and defensive methods.
• Providing advice and support to other teams, customers and third-party suppliers on detected security threats and advising of best course of action.
• Engaging with members directly to scope tests and recommend appropriate testing activities.

Key Skills and Experience:

• Experience with penetration testing, being able to deliver technical tests and reporting.
• Experience conducting web application penetration testing.
• Demonstrable experience of operating a range of industry standard tools for testing.
• Experience of producing high quality deliverables working alone and as part of a team.
• It would be ideal if you have worked within the education and research environment, as would experience of working and developing Microsoft products, including Active Directory and Azure, Digital Forensics, AWS architecture.
• Educated to at least degree level OR equivalent relevant demonstrable experience.

Don’t meet every single requirement? We know that sometimes people can be put off applying for a job if they think they can’t tick every box, so we encourage you to apply even if you do not meet 100% of the requirements, but you feel this role is perfect for you.

Why work for us? At Jisc, everyone plays a key role and gets the chance to feel part of it, that to us is the definition of a meaningful career. We want to create a culture of lifelong learning. You can look forward to a rewarding job with opportunities to develop and make a real difference to the education and research sectors. We believe a balance between your personal and professional life is essential to your happiness and fulfilment. We work flexibly at Jisc and focus on outputs rather than presenteeism and are open to a whole range of ways of working.

Our hybrid working policy is flexible, and the frequency of time spent in your nominated office will vary across teams and job roles. Take a look at our fantastic benefits!

We offer:

• Flexible work pattern, which can adapt to suit your schedules and personal commitments.
• 31 days annual leave (plus bank holidays) that includes three closure days over Christmas plus the opportunity to buy up to an additional 5 days leave during the flexible benefits window.
• Generous flexible pension schemes.
• A comprehensive 24/7 mental health support package, including coaching and appropriate counselling or specialist therapy, with no predetermined limit on the number of sessions you can access.
• Annual Jisc performance award.
• A range of wellbeing lifestyle benefits including company paid health care cash plan, mental health first aiders and support.
• A company culture of continuous learning with access to thousands of LinkedIn Learning courses, with lots of resources and opportunities to help us all develop, including around 10% of your time for development.
• Allocated allowance of up to £250 to equip your home office.
• Financial well-being support including access to preferential loan and savings plans, mortgage advice, will writing tools and support and resources to help you make the most of your money.
• The opportunity to donate to charity tax-free with our Payroll Giving benefit.
• Salary sacrifice - Electric Car Lease Scheme, Cycle to work and SmartTech (buy the latest technology and white goods products, spreading the cost over up to twelve months, direct from your salary and interest-free) subject to terms and conditions and available upon request.
• A wide range of discounts and cashback from retailers and big-name high-street stores.
• Family friendly policies including enhanced parental, maternity and paternity and co-parental leave as well as opportunity for career breaks.
• Support your volunteering with up to 3 days volunteer leave.
• Specsavers corporate eye care scheme including free eye test vouchers and up to £70 towards new glasses for VDU use.
• Life assurance cover.

Equity, diversity and inclusion: At Jisc, we don’t look for ‘sameness’, but to truly include people who can add unique perspectives and experiences to our culture, and we are working hard to achieve progressive change. ‘Always inclusive’ is one of our six guiding principles which actively encourages us to bring our whole authentic selves to work. We believe that our commitment to equity, diversity and inclusion is fundamental to our success.

Application process: We want you to showcase your talent throughout the recruitment process. Please let us know how we can best support you to do that; for example, if there are any reasonable adjustments we may be able to put in place. We will be happy to help you. Just so you know, we review CVs as soon as we can and aim to provide an update on your application within 4 weeks of receiving it. However, you may hear from us a lot sooner, so please keep an eye out for our emails or calls!