Senior Security Consultant

Role summary

Our consultants work on everything from client projects to development work and training, dealing with large corporate penetration tests to gaining credit for published advisories. Technical excellence and customer service are key to our work, you will be passionate about finding vulnerabilities while being happy liaising with customers. 

Our team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.

Based in INDIA, this work will lead on penetration testing, SDLC projects including on-site work, but will have the opportunity to work on projects with worldwide clients, and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects. 

As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences. 

Essential duties & responsibilities:

• Work with multiple application development teams within the client organisation, to ensure secure development of applications.
• Perform web application penetration testing, infrastructure penetration testing, code reviews and/or mobile application penetration testing.
• Exploit vulnerabilities identified in client systems.
• Communicate vulnerabilities to clients.
• Manage project related tasks as per communicated deadlines.
• Participate in project conference calls and lead the technical content on the call
• Develop a broad and deep technical understanding of applications, services and architectures pertaining to the client application organisation. 
• Interpret results from exercises such as code review and penetration testing stakeholders, and advise on remediation and mitigation as well as incorporate learnings into future designs 
• Develop documentation, and a knowledge base to be used by developers for implementing secure coding practices 
• Research and maintain knowledge of changing landscape of application security, latest threats, and attacker tools, techniques and procedures 
• Provide recommendations for missing application security controls
• Support and provide consultation to development teams in the area of application security 
• Occasional travel to client locations might be required 

Desirable:

• Be willing and able to engage customers on broader security problems, including scoping bespoke programs of work. 

Essential:

• 5+ years of experience in information security
• 2+ years of client-facing consulting work experience performing penetration testing.
• Knowledge of common application security flaws, threat modelling, security controls and common security libraries
• Understanding of security engineering principles including cryptography, access control, system security, and security operations
• Experience working with Developer organisations
• Experience with code scanning (SAST, DAST) tools for Javascript, Java, and Python languages and relevant frameworks.
• Programming language skills such as Java, . NET, C or C++ (nice to have).
• Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences
• Basics to intermediate development and scripting skills in at least one programming language
• Knowledge of cloud services and cloud security controls
• Experience with pen testing (plus)
• Experience with code reviews (plus)

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.

At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.

Working for Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean with). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.  

But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.

Our Vision

Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.