facebook tracking

Information Security Technician - Graduate

Scroll to content

This role will include conducting penetration tests on applications, networks, virtual environments and web applications. Keeping up to date with the latest threats and vulnerabilities and presenting your recommendation to the relevant teams to identify risk in relation to product development, new build and support.

The role will also involve early contribution to the architectural functions in each team to ensure that privacy and security by designs are created with final compliance as a goal.

Excellent communication skills, a professional attitude and a passion for technology and information security are vitally important to successfully accomplish this role.

This role reports to the Information Security Manager to achieve PCI DSS Compliance and ISO27001 Certification. Key peers will include the Technical Architects and Development Team Members.

Key Responsibilities

  • Direct involvement in Semafone’s PCI DSS Level 1 Service Provider status retention requires that the candidate ensures that the development environments, lab, pre-production and production environments are regularly exposed to various vulnerability scanning tools and penetration tests;
  • Holding responsibility to ensure that any new vulnerabilities are resolved;
  • Vulnerabilities will need to be resolved by working with the Support Team and feeding back resolutions to the Product and Development team to ensure that vulnerabilities are mitigated;
  • Ownership of the vulnerability scanning and penetration testing processes and as part of the role there will be an on-going requirement to automate this process as far as possible;
  • Documenting the process and procedures wherever necessary as part of the PCI and ISO27001 requirements and to ensure a knowledge base is created;
  • A key member of the incident response team and responsibility for ensuring that this process is annually tested, and iteratively improved;
  • Inclusion into the architectural review process and early sight of low level designs to ensure proposed solutions are capable of achieving PCI compliance;
  • The role will grow to ensure that Semafone can enable key PCI;
  • Create, deploy and remain an escalation path for maintenance issues;
    • Host based Intrusion Detection Systems;
    • FIM and AV;
    • Automated Vulnerability scanning and Penetration testing.

REQUIREMENTS

Key Competencies

The deal candidate would possess and have a working knowledge of:

  • Processes involved with penetration testing and vulnerability assessments;
  • Experience of conducting investigations, evidence handling and forensics;
  • An awareness of techniques used by Hackers and other criminals to attack the IT infrastructure of a company;
  • The operations of an IT infrastructure including Windows, Linux, (V)LAN, perimeter security controls, IDS, IPS, FIM, AV and logging;
  • The ability to conduct security risk assessments both as part of a project and in conjunction with suppliers and outsourcers.
  • Broad knowledge of application, infrastructure, network and website weakness;
  • An understanding of the underlying structure of web technology and web application testing;
  • Experience with one or more scripting language (Python, Bash, ETC);
  • Experience with VMware based Virtual Machines and products (ESXI);

Mandatory Qualifications, Skills and Experience

  • Educated to degree level (preferably First Class Honours);
  • Must have a working knowledge of Nessus and another assessment tool;
  • Candidates should have a clear and detailed understanding of application testing methodologies.

Desirable Qualifications, Skills and Experience

  • OSCP Qualification preferred but other relevant Ethical Hacking or Networking Security qualifications considered;
  • Previous experience in at least 1 PCI DSS or PADSS audit;
  • Experience with the following Penetration testing tools: Burp, Nmap, Metasploit, Kali Linux tools, Netcat, Nikto, Dirb, Hydra and evidence of any custom-made tools/scripts.

Benefits & Culture

We are a market leader in secure voice transactions and trusted by our customers and partners.  We are on a journey to secure all personal data.  We recruit diverse, ambitious, innovative people who want to grow in a supportive and collaborative environment.  We are passionate, work hard, have fun and celebrate success.

What we'll give you;

  • 25 Days Holiday
  • Competitive Salary
  • Up to 10% Bonus
  • 4 x Salary Life Insurance
  • Vitality Health Insurance
  • HealthShield Cash Back Plan
  • Employee Assistance Programme
  • Bespoke Discounts and Communications Hub
  • Up to 5% Contributory Pension

Semafone is well funded and growing fast, you’ll be joining an organisation that combines an entrepreneurial ‘start-up’ culture with the professionalism of a mature and established business. This is a fabulous opportunity to gain experience on a variety of commercial matters of an international business.

*All final interview candidates will be subject to a DBS check as a pre-condition of a potential offer of employment. Any information found will be considered when making the final hiring decision. Please be aware that the background check process will not go ahead without your written consent.

Apply for this job

Or, know someone who would be a perfect fit? Let them know!

Guildford

Pannell House
GU1 4HN Guildford Directions info@semafone.com 0845 543 0822

More than just a job...

Here at Semafone it's all about delivery and we pride ourselves in providing a flexible working environment which aims to support our staff as they journey through their career.  

For country-specific benefits check out each job role, but what else do you get besides your all important salary?

  • Bespoke Discounts & Communications Hub

    perkSTIR is our internal communications hub which houses a whole host of retailer discounts where you can literally save £/$000's a year!

  • Work / Life Balance

    We offer excellent time off benefits and promote flexible working whenever we can.

  • Great Physical Space

    We've got fabulous new offices in all locations. All mod-cons and tech'd up to the rafters it's a technologist's dream location.

  • Team Events

    We regularly get together as either individual teams, location-specific or the whole business. A highlight is our annual offsite, 'FraudSTIR' which involves internal and external presentations, team-building activities and lots of opportunities for socialising!

Workplace & Culture

 

Our company values aren't just words on a page to us.  They're intrinsic to the way we operate and vital to our success.  When they're effectively demonstrated wonderful things happen, so it's no wonder we recruit to our values and culture.

 

Already working at Semafone?

Let’s recruit together and find your next colleague.

email
@semafone.com
  • Aaron Lumnah
  • Andreas Prassas
  • Annette Quinnell
  • Ben Rafferty
  • Caroline Thomson
  • Charlie Lodder
  • Chloe Prince
  • Claire Finnie
  • Dan Hoaglund
  • David Derrick
Teamtailor

Applicant tracking system by Teamtailor