Ethical Hacker - Apply Now

Ethical Hacker 

We are seeking an outstanding, dynamic and customer-oriented team leader to support a team of junior ethical hacking consultants who will be providing a range of digital security services to the wider business community. 

This is a genuinely unique role, working closely with Manchester Digital, Greater Manchester Police, universities across Greater Manchester and businesses. 

The role will be key to the success of the Cyber Resilience Centre which was launched in November to protect Greater Manchester businesses from the threat of online crime. This a fast paced and responsive environment and we are seeking the right individual to join a small, close knit and ambitious team to support university students to work as a team in providing ethical hacking consultancy services to regional businesses. 

The team of junior ethical hackers will need guidance and mentoring to provide businesses with a range of services ranging from vulnerability assessments, cybercrime awareness, phishing campaigns and online footprints. Full training will be given.

The successful candidate will be joining this exciting team right at the beginning of their journey and will require excellent communication and project management skills. The role is ideally suited to someone keen to make a difference to business security and public safety.

We welcome applications from all candidates. 

Salary range - £35k - £45k dependent on experience

37 hours per week 

 

Senior Ethical Hacker Description

Essential Skills:                      Good level of  forensic or digital skills

Start date:                               Immediate

Location:                              Based within Manchester Digital offices but must be prepared to travel to businesses and other locations across the Greater Manchester area. 

 

Role

Reporting to the director of the Manchester CRC and working very closely with a wider team, to deliver and manage the centre’s new cyber services and to manage a team of students delivering services to agreed protocols and standards.

 

The key objectives for this role are:

  • To manage and ensure standards of service are met and all projects and services are delivered in a timely manner, to the standards and specifications required (training and guidance given).
  • To produce and quality assure the associated written assessments and products delivered to customers.
  • To assist with a range of outreach and presentations to the wider business community along with other team members.
  • To deliver cyber security services ranging from vulnerability assessments, cybercrime awareness presentations, phishing campaigns and digital footprints.
  • With the centre’s Digital Marketing Manager - to regularly assist with cybercrime safety awareness material and blogs for delivery to the wider public.
  • To occasionally provide technical advice and guidance to CRC customers and the wider public

 

Essential Requirements

  • A computing related bachelor’s degree such as Ethical Hacking or Cyber Security, or relevant experience.
  • Core computing skills including but not limited to:
    • Networking fundamentals – understanding of OSI model, TCP/IP, HTTP, DNS, SMB, SMTP and relevant tool
  • Good knowledge of web application technologies and security assessment.
    • Vulnerability identification and exploitation (not limited to OWASP Top 10)
    • Experience with common assessment tools such as MITM proxies (e.g. Burp Suite Pro) and SQLMap
  • Good knowledge of internal and external infrastructure technologies and security assessment including but not limited to:
    • Identification and exploitation of misconfigurations or known vulnerabilities in common enterprise infrastructure and services (Windows Domains, Linux servers, virtualisation, databases, switches/routers, etc.)
    • Window and Linux sandbox/desktop breakout
  • Good knowledge of internal and external infrastructure technologies and security assessment including but not limited to:
    • Identification and exploitation of misconfigurations or known vulnerabilities in common enterprise infrastructure and services (Windows Domains, Linux servers, virtualisation, databases, switches/routers, etc)
    • Window and Linux sandbox/desktop breakout
  • Knowledge of a scripting language such as Python (preferred), Ruby, PowerShell or Bash, for the development of new, or editing existing, tools
  • Excellent communications skills (both verbal and written) including presentation experience
  • High level of attention to detail and working to deadlines, with the ability to work under pressure
  • Excellent organisational and time management skills with the ability to prioritise workload
  • Ability to work on own initiative
  • Discretion and understanding of the need to respect confidentiality
  • Ability to convey technical information in an accessible manner
  • Flexible approach to work

 

Desirable

  • Knowledge of open source intelligence gathering techniques. Including but not limited to use of advanced google techniques, DNS, domain registration, certificate transparency, and other public sources of information
  • Experience with live bug bounties, particularly where automation has been implemented
  • Knowledge of security considerations in the cloud (AWS, Azure and GCP), particularly identifying vulnerable configurations through management and API access along with exploitation of web/infrastructure vulnerabilities specific to cloud environments
  • Knowledge of mobile application vulnerability identification and exploitation including but not limited to Android and iOS app structures, decompliation, code signing, and traffic interception.

Desirable Certifications 

  • CRT – CREST Registered Penetration Tester (or above)
  • OSCP – Offensive Security Certified Professional
  • GWAPT – GIAC Web Applications Penetration Tester

 

Please note as the successful candidate will work closely with policing and business, they will be required to undergo a disclosure check and will be expected to maintain a very high level of confidentiality. 

If you are interested in finding out more about this role, please reply to  - [email protected] with a copy of your CV and a covering letter explaining why you would be a good fit for this role.