Background.png

Junior Ethical Hacker

We are seeking outstanding, dynamic and customer-oriented Junior Ethical Hacking Consultants who will provide a range of security services to the North West business community. 


This is a unique role working for a not-for-profit partnership between Manchester Digital and North West Police forces to help protect small businesses from cybercrime. 


This is a fast-paced and responsive environment and we are seeking ambitious individuals to join a small, close-knit team of university students in providing ethical hacking consultancy services. 


The team of Junior Ethical Hackers will provide local businesses with a range of services ranging from vulnerability assessments, cybercrime awareness training, phishing campaigns and online digital footprints. Full training will be given.


The successful candidates will join a team that includes an experienced Senior Ethical Hacker and seconded Police officers who will oversee their work. The role is ideally suited to someone keen to make a difference and considering a future career in the cyber security industry.


You will be deployed on a part-time basis subject to business needs. The NWCRC is proud to be a real living wage employer and remuneration will be discussed during the interview process.

Job Description

 

Essential Skills: Good level of forensic or digital skills

Period of employment: Initially 12 months with a 3-month mutual review period

Start date: Immediate

Location: A mix of remote working but must be prepared to travel to businesses and other locations across the North West. Occasionally, you will be asked to attend the office, based at Manchester technology centre.

Role

 

Reporting to our Senior Ethical Hacker and the Head of Cyber & Innovation you will work closely with a wider team to deliver and manage the CRCs cyber security services to agreed protocols and standards.

The key objectives for this role are:

  • To assist in the delivery of our range of commercial cyber services to businesses across the North West, including Vulnerability Assessments, Cyber Security Awareness Training, OSINT Digital Footprints, Phishing Exercises and Web Application Vulnerability Assessments. 

  • To assist with a range of outreach presentations to the wider business community along with other team members.

  • To work with the CRCs Marketing Manager to assist with cybercrime safety awareness material and blogs for delivery to the wider public.

  • To provide technical advice and guidance to CRC customers and the wider public.

 

Essential Requirements

  • Currently undertaking or have completed a  computing-related bachelor’s degree such as Ethical Hacking or Cyber Security. 

  • Core computing skills include but are not limited to:

    • Networking fundamentals – understanding of OSI model, TCP/IP, HTTP, DNS, SMB, SMTP and relevant tools

  • Good knowledge of web application technologies and security assessment.

    • Vulnerability identification and exploitation (not limited to OWASP Top 10)

    • Experience with common assessment tools such as MITM proxies, Kali (e.g. Burp Suite Pro) and SQLMap

  • Good knowledge of internal and external infrastructure technologies and security assessment tools including but not limited to the:

    • Identification and exploitation of misconfigurations or known vulnerabilities in common enterprise infrastructure and services (Windows Domains, Linux servers, virtualisation, databases, switches/routers, etc.)

    • Window and Linux sandbox/desktop breakout

  • Knowledge of a scripting language such as Python (preferred), Ruby, PowerShell or Bash.

  • Good communications skills (verbal and written)

  • Good level of computing skills

  • Attention to detail and working to deadlines, with the ability to work under pressure

  • Good organisational and time management skills with the ability to prioritise workload

  • Ability to work on own initiative

  • Discretion and understanding of the need to respect the confidentiality

  • Ability to convey technical information in an accessible manner

  • Flexible approach to work

Desirable Skills

  • Knowledge of OSINT gathering techniques, including but not limited to the use of advanced Google techniques, DNS, domain registration, certificate transparency, and other public sources of information.

  • Experience with live bug bounties, particularly where automation has been implemented.

  • Knowledge of security considerations in the cloud (AWS, Azure and GCP), particularly identifying vulnerable configurations through management and API access along with the exploitation of web/infrastructure vulnerabilities specific to cloud environments.

  • Knowledge of mobile application vulnerability identification and exploitation including but not limited to Android and iOS app structures, decompilation, code signing, and traffic interception.

Please note as successful candidates will work closely with seconded Police officers they will be required to undergo a right to work and disclosure check and will be expected to maintain a very high level of confidentiality. This may include a social media check.
If you are interested in applying for this role please apply here.

If you have any further questions about our Student Development or future roles at the Cyber Resilience Centre, please contact us here.