Cst - Associate Penetration Tester

**Vacancy Name**

CST - Associate Penetration Tester

**Req Number**

VN290

**Employment Type**

Full-Time

**Location**

India

**Position Summary**

**About Claranet**

At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Leeds or as homeworkers.

**Working For Claranet**
Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean with). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.

But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce.

**Our Vision**
Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.

**Position Summary**
Claranet Cyber Security is a world class business unit within Claranet, designed to give customers access to market-leading information security expertise and services spanning; penetration testing, compliance consulting, training and managed services.

The primary function of the Penetration Tester in the CST team is to continually review the customers’ defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. The Penetration Tester is also responsible for pre-engagement activities including scoping, statements of work, working with customers to determine their testing requirements and restrictions, on boarding customers into the service and contribute to the service improvement and further development.

To provide the best services to our clients, we need the best people working with us. With outstanding support from the business, all of our penetration testers will gain the experience needed to become the best they can be.

Our team is growing, and we need inspiring people to join us at all levels and help us to continue building a world leading cyber security operation whilst benefiting from a truly unique opportunity to fulfil their potential.

**Duties and Responsibilities**

**Essential Roles & Responsibilities**
The Continuous Security Testing service is a consultant led vulnerability identification and verification service which makes use of automated vulnerability scanning along with significant manual testing against a broad scope in a continuing engagement. The purpose of the service is to continually monitor a customer’s external attack surface for new vulnerabilities, changes in the scope of the attack surface, and proactively inform customers of discovered issues along with recommended remediation; with the overall aim of reducing the lifetime of each vulnerability. Manual testing includes identification of issues which automation alone could not identify, exploitation of all issues, often chaining multiple findings together in order to determine the true impact of vulnerabilities for the customer.

**Key Responsibilities**:

- Manual identification and exploitation of vulnerabilities
- Manual verification and exploitation of scanner findings
- Detailed analysis of issues identified and exposure for the customer including proof of concept, reproduction steps, and recommended remediation
- Communication of findings to the customer in a detailed, accurate and manageable manner both orally and through written vulnerability/scope notifications and periodic summaries
- Continual professional development to maintain and develop knowledge and technical competencies
- Maintain professional technical qualifications to demonstrate competency to our cl