We’re only as good as the people in our team, so we’re always looking for great people. Maybe that’s you?
We at PTP are acutely aware of the lack of diversity in our industry, and are keen to address that.
Your ethnicity, sexual orientation, gender identification, faith, physical ability, has no bearing on your capacity to hack, pwn, interact, and give great client service.
It’s very simple, if you have the skills we’d love to talk with you.
Immediate requirement for combined Inf and App Testers
Whilst we’re always looking for Digital Forensic Analysts and Security Consultants we have an immediate requirement for combined infrastructure and application testers. There’s a description of the sort of people we’d love to hire, as well as what can you expect from us here https://www.pentestpartners.com/immediate-requirement-for-pen-testers/.
Digital Forensic Analyst
A minimum of 1-2 years experience assisting in the delivery of Digital forensic investigations.
A good understanding of forensic technologies and experience conducting forensic acquisition using hardware and software solutions (such as Tableau write blockers and FTK / Encase).
Experience conducting triage of forensic evidence and taking structured notes in a digital forensic lab environment. The ideal candidate will be comfortable acquiring and processing incoming case evidence for digital forensic and incident response jobs in preparation for full analysis.
Some basic understanding of networking technologies including but not limited to TCP/IP, Common protocols (HTTP, FTP, SSH etc), Common ports, VPN and Remote Access Technologies as they apply to conducting forensic acquisition and triage review.
Nice to haves:
Training in these areas will be provided as part of an ongoing development program of the candidate.
Experience conducting root cause analysis / full investigation of Windows and Linux operating systems.
Memory forensics and conducting malware analysis using tools such as Volatility. Advanced understanding of x86 and x64 machine code and code execution in Windows and Linux environments.
An advanced understanding of network technologies and forensic / incident response methodologies used to assess and protect them. This includes understanding of specific platform technologies such as SAN infrastructure or 802.11 networks and how the forensic + incident response processes apply.
Additional areas of Interest:
Any specialist forensic knowledge (such as mobile investigations, embedded systems, malware analysis etc) is of additional interest. Any hobbies or projects which demonstrate skills in analysis of forensic evidence or building bespoke solutions to common forensic problems.
Not all software listed below is required, however the ideal candidate will have some working knowledge of the products and can demonstrate how to use them for forensic acquisition and triage.
- FTK (& FTK Imager)
- IOC Tools (such as Loki, FastIR etc).
Additionally any knowledge of command scripting with respect to forensic investigation in the following languages is a bonus:
- Powershell / Batch
- Auto IT
Ideally we’re looking to fill technical/consultant roles, with smart people who have experience in two or more of the following areas:
- Penetration Testing
Including infrastructure, applications, red teaming, and code review experience. You should have at least OSCP, ideally CCT and several years experience. If you can show vanilla research or significant expertise, we may consider you without those accreditations.
- IoT and Hardware Hacking
Can you extract firmware from a chip and carry out side channel attacks? Can you show us a glitching attack? Can you analyse firmware for vulnerabilities?
- ICS / SCADA
Do you know your PLCs from your RTUs? Have you worked in an ICS control room or been involved in maintaining a SCADA environment? Have you dealt with ladder logic, MODBUS, PROFIBUS or similar protocols?
- Social Engineering
Think you could talk us into giving you a job?
- Software Development
Can you harden applications and write secure code?
- Internal Systems Administration
Have you got expertise in configuring and running infrastructure securely?
- Maritime / Automotive
Can you access a CAN bus or have maritime control system experience?
We may ask you to attempt some CTF style exercises as part of the application process.
To apply, send your CV with a covering email to:
Agencies, please read…
Any CVs received from agencies with whom we do not already have terms will be considered a gift.