Penetration tester (IT Security)
Penetration tester (Senior and Junior Positions Available)
THG aims to be the World’s leading Online Health & Beauty Destination. We are currently the UK’s leading multi-website online retailer with rapidly growing global operations and a unique proprietary technology platform. With over 16 million customers worldwide and 400 million visits to our sites annually, we understand the importance of reliable technology and a data-driven expertise.
Our software is the core of our business and enables the company to continue to grow and thrive. The Group’s industry leading and proprietary technology platform powers its own consumer sites plus global media partners and brand owners, including: Unilever, Nintendo and the Daily Mail Group. We develop all of our own applications in-house with our Development Delivery Teams. In order to enable our Delivery Teams to continue to achieve, we are always looking for bright and intellectual people who are happy to push boundaries and really challenge the status quo.
Led by world-class technologists with a diverse range of backgrounds ranging from Silicon Valley tech giants (Google, Amazon) through to Hedge funds and Algorithmic Trading Firms. You will be surrounded by highly intellectual and passionate colleagues, all with the common goal to help us grow this business globally, fast.
Information Security is crucial to our business and our penetration team sits at the bleeding edge. Tasked with conducting penetration tests and red team exercises against THG global applications, networks and infrastructure you will be part of a diverse team leading the protection of the business.
- Liaise with product and system owners to scope and define penetration testing requirements.
- Conduct open source intelligence investigation on THG and its associated brands and organisations.
- Document detailed penetration testing methodologies
- Keep up to date with latest technological developments and tools.
- Perform penetration tests on web applications, mobile applications, APIs, internal applications, networks and servers.
- Analyse the outcome of 3rd party penetration test reports
- Make recommendations based upon your reports and 3rd party reports
- Candidates for the role should be self-motivated, logical thinking problem solver who is flexible and adaptive to a very busy work environment
- You’ll need to be organised, have an inquisitive nature but with a positive attitude and be eager to learn.
- This is a great opportunity to develop the skills needed to progress in the Information Security field
- Good understanding of network protocols
- Solid technical skills in both information security architecture and penetration testing
- Ability to assess testing tools and deploy the right ones
- Project planning skills
- A solid understanding of ethical hacking
- Scripting and programming experience is beneficial
- Ability to explain findings to non-technical professionals
- Excellent report writing and presentation skills
- Customer facing skills and a proven track-record of building client relationships
- Able to work independently but also as part of a team
- Flexibility to change direction and manage conflicting demands
- Outstanding organisational and data analytics skills
THG Infosec prefers experience over certifications, that said an experienced tester may have some of the following:
- A degree in computer science/security
- OSCP, CHECK, CREST
- Experience with using NMAP, Burp, OpenVAS, NIkto, OSINT tooling