Senior Vulnerability Consultant

Position Title: Senior Vulnerability Consultant

Location: Chicago

Role Purpose:

This is an exciting role to work in a fun and challenging environment, using market leading security testing tools and platforms to provide security testing services for our large client base. You will play a key role in delivering and managing client security programs all year round, as well as building relationships with clients and ensuring that our services are meeting their needs. You will also be given every opportunity to help shape the direction of the department as well as assist with the development of new service lines offered by the company. Moreover, you will play a key role in supporting sales activities and mentoring junior consultants, contributing to the overall knowledge sharing and growth within the delivery team.

Summary:

• Running network, web, and mobile vulnerability scans
• Manually verifying all vulnerabilities identified in scans
• Manual testing of authorization and application interactions
• Develop and deliver reports related to technical security assessments
• Provide support to clients on troublesome vulnerability issues
• Present findings and recommendations to technical and executive audiences
• Mentoring junior team members and contributing to internal tools and research initiatives
• Lead and enable collaboration with internal teams, external partners, and industry forums.

What we are looking for in you:

Requirements:

• Familiarity with Web technologies. This includes an understanding of how web clients and servers typically work.
• Familiarity with common web application vulnerabilities.
• Knowledge of how to test for common web and network protocol vulnerabilities, and how to remediate them.
• Experience of using network and application scanning tools and utilities, such as Nexpose Rapid 7, HP WebInspect, IBM AppScan, Tenable Nessus, Burp, NMAP etc.
• Ability to manage time and tasks independently.
• Excellent communication, consulting, and presentation skills, along with exceptional written communication and reporting abilities. 

Desired Skills:

• Previous professional experience leveraging and implementing web application penetration testing techniques and methodology.
• In-depth knowledge of common web application architectures and best-practice security standards.
• Experience identifying, exploiting, and remediating common web application security vulnerabilities such as SQLi, XSS, SSRF, CSRF, and others identified in the OWASP Top 10.
• Exposure to software development and understanding of secure code development.
• A willingness to adapt and passion to learn and grow quickly.
• Mobile security knowledge and experience

Relevant Professional Certifications (if any):

• Offensive Security Certified Professional (OSCP)
• Offensive Security Web Expert (OSWE)
• Burp Suite Certified Practitioner (BSCP)
• HTB Certified Penetration Testing Specialist (HTB CPTS)

Behaviours:

• Focusing on Clients and Customers.  
• Working as One NCC.
• Always Learning.
• Being Inclusive and Respectful. 
• Delivery Brilliantly.  

Why NCC Group?

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.   

Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support. 

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits;

⏰Flexible working

💸 Financial & Investment

• Pension
• Life Assurance
• Share Save Scheme
• Maternity & Paternity leave

🙋🏾Community & Volunteering Programmes

⚡ Green Car Scheme

🚴 Cycle Scheme

🏥 Healthcare

🏙️ Office Lifestyle

🧑🏻‍🤝‍🧑🏻 Employee Referral Program

🧘🏻 Lifestyle & Wellness

🎓 Learning & Development

👨🏿‍🦽 Diversity & Inclusion

So, what’s next?

If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.