Security Consultant

Security Consultant

What we’re offering (we know, everyone jumps to this section first!)

• Salary of £40,000 - £50,000 💷
• Share options so you benefit from our success 🚀
• 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of service, you get an extra day of paid holiday every year until 7 years at Intruder 🏝️
• Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! 🏢🏡
• A yearly off-site for the whole company. Last year we went to a Croatian island 

As a small but growing team, we're flexible and offer a level of autonomy that allows you to make meaningful and lasting contributions to Intruder and our customers.

About Us:

We make it easier to not get hacked.

Every day people sign up for online services, enter their personal data, and put themselves at risk. We work to enable these services to be better protected, making sure new vulnerabilities are found and closed rapidly before data can be stolen.

We do this with a powerful but easy to use platform that is low on noise and high on trust, information, and context – so when we say it’s critical, companies know they have to act fast.

In the past 2 years, we have grown rapidly in product capability, customer base, revenue, and employee size. The next few years promise more of the same, with plenty of growth opportunities for us and our teams!

About this position: 

We are looking for a Security Consultant to facilitate the day-to-day running of the Intruder platform, and deliver Premium consultancy services including pentesting. This role is varied and includes:

• Scan Triage: Assessing customer scan results for possible escalations, and removing false positive results.
• Writing easy-to-understand descriptions for new security vulnerabilities in the Intruder platform
• Continuous Pentesting: manual deep-dives on web applications, APIs, and external infrastructure
• Providing technical assistance on client calls, such as scoping & customer success catchups
• Security projects & writing technical content for our website

What we think you'll need to be successful:

• Some proven experience or qualifications in offensive security. For example:
  • Academic background in cyber security or software engineering
  • Industry experience as a penetration tester or software engineer
  • A proven track record on bug bounty or hacking platforms
  • Industry qualifications such as:
    • CREST Practitioner Security Analyst (CPSA)
    • CREST Registered Penetration Tester (CRT)
    • CREST Certified Web Application Tester (CCT APP)
    • Offensive Security Certified Professional (OSCP)
    • Offensive Security Web Expert (OSWE)
• Comfortability with client-facing calls in a consultancy setting
• Excellent technical reporting skills

Hiring process:

• Company intro (30 minutes, remote): initial chat with People team for you to learn more about the role and tell us what you're looking for
• Security Intro (45 minutes, remote): deep dive with the Security team
• Written & Technical Assessment, including web application testing