We are looking for motivated people with a lot of passion that are either already positioned within cyber security or have strong technical skills and some exposure to the security world and want to grow in it.

In this role, you will:

• Respond to critical requirements that require an immediate tactical capability, developing code or analytics, including hands-on coding where appropriate
• Rapidly develop new and innovative capabilities for cyber that will later become a normal business capability, spearheading the next generation of cyber security tools and techniques
• Write proof-of-concept exploits, provide generalised attack patterns, guidance, and solutions to help strengthen our defences
• Be an open subject matter expert to the company, provide knowledge and support to cyber, keeping a close eye on the latest cyber security research. Publications and talks are encouraged.

Technologies and tools we use:

• We use whatever is necessary to get the job done. Previous projects have been done in Go, Rust, Python, C#, and others
• We use AWS, Azure, and an on-premise secure laboratory for special projects, as well as needing to understand and operate in the regulated corporate estate
• We administrate our own networks and infrastructure, mostly Windows and Linux servers
• We use state-of-the-art tools like IDA Pro or Binary Ninja for deep dives
• We strive to adopt new technologies, software, and workflows to stay on top of things

Your qualifications:

• You should have a background in computer science or engineering, either via a university or previous work experience

Your technical skills:

• You should be fluent in Python, other languages are a plus
• You should have strong knowledge in at least one area (system internals, protocols, cryptography, adversary techniques, web and binary exploitation, reverse engineering) and interest in general cyber security. You will need to keep developing to stay ahead of the constantly evolving security and compliance needs
• Understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards, is an advantage.