Penetration TesterAbout The Role
Penetration Tester, Warwick
The Vulnerability Testing team is part of Vulnerability Management within the Security Team and supports the Security Team’s global operations here at National Grid. This is achieved by identifying vulnerabilities and security issues via penetration testing assessments and identifying threats posing a genuine risk to National Grid, assessed by Government and commercial intelligence providers. This information will enable National Grid to proactively adjust its defensive posture.
We are seeking a talented individual to take on a Penetration Tester role, part of a team that will perform penetration testing across environments, including web applications, infrastructure and mobile platforms, in a global environment. In addition, you will lead in performing red team exercises based on Cyber Threat Intelligence. As a leading member of the team, you will lead a small team (1-4) of dynamic Penetration Testers, and be happy to travel to our other UK sites.About You
We would love you to be an experienced and hands on Penetration Tester, skilled with testing of web applications and infrastructure, with excellent Reporting standards. You will have experience of using Open Source and COTS for Penetration Testing which could include Nmap, Nessus, Metasploit, Kali Linux, Burp Suite Pro and similar.
Furthermore, you will have:
• OSINT and social engineering engagement experience• Red Team experience• CBEST framework experience• Experience in common scripting languages such as Python, Ruby, LUA, Powershell or BASH• Experience in at least one development language e.g. Java, C, C# or similar• A good understanding of the OSI stack and the various protocols from layer 1 – 7 including SNMP, HTTP, VPN, 802.11.• Good appreciation of other security roles such as intelligence, vulnerability and patch management, Risk, auditing, Awareness and Security Architecture• A good understanding of Cloud based architectures including Azure and AWS• Experience of working within the MITRE ATT&CK framework• Ability to work in both waterfall and agile software delivery projects• Understanding of Industrial control systems including SCADA• Computer Science, Mathematics, Engineering or Security related degree (or higher)• OSCE• Good understanding of automation of penetration testing activities.
You will also ideally have a formal certification in one of the following:
o Level 1 SANs GPEN, GWAP, OSCP, Pentest+, CASTo Level 2 CSTA, AST, CPSAo Level 3 CSTM, Tiger Scheme Qualified, CREST Registered TesterAbout Us
National Grid touches the lives of almost everyone in the UK, with an energy network that stretches across the Atlantic. We’re an international team, and our work underpins the lives of millions of people. Feet forwards, head up, and eyes bright, we’re working hard to create value for people today – and shape the future of energy tomorrow.
In the UK, we don’t generate or sell energy – we join the dots to get energy from A to B. From making a cup of tea in the morning, to keeping the lights on in hospitals, our electricity network puts power in the hands of people. Without it, the world as we know it would grind to a halt.
The world of energy is changing beyond recognition. Working at National Grid, you won’t just be touching the lives of almost everyone in the UK – you’ll be shaping the way we use and consume energy for generations to come.
Our values and principles
At National Grid, through listening to what our customers need, every day we do the right thing and find a better way.
As a National Grid employee, you’ll treat our customers as a priority, taking time to listen and work with them to help give them the best experience we possibly can. You’ll need to be proactive and flexible in your approach and continually look for ways to exceed their expectations – sometimes in unexpected and helpful ways. You’ll provide accessible information when our customers need it and make things simple by using your expertise to guide them. Above all, you’ll follow through on your promises to deliver value, drive efficiency and give them a great customer experience.
We offer inclusion and diversity training for everyone here at National Grid, with a view to building an inclusive working environment and developing all our employees. Training opportunities range from unconscious bias and reverse mentoring to targeted training initiatives which are tailored to support our diverse and innovative work force.What You'll Get
As well as your highly competitive base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.