Lead Assurance Consultant (New York)
Context Information Security
 NY (New York)
We are looking for penetration testers who are passionate about working for a consultancy at the cutting edge of information security. At Context, we pride ourselves on our unique, dynamic and meticulous approach to penetration testing to ensure our clients get a true picture of their exposure to a wide range of potential threat actors. This provides our clients with actionable intelligence which can be used to significantly reduce the likelihood of a compromise. We empower our consultants to utilise all of their technical ability on engagements, be creative and really get in to the mind-set of an attacker in order to find vulnerabilities that others simply can't.

A Lead Consultant within our New York Assurance team at Context will have many opportunities to advance their technical skills in all areas of penetration testing through on the job experience, training and qualifications as well as gaining valuable insight into the inner workings of large scale systems supporting critical business functions within some of the world’s largest organisations. Additionally, consultants at this level have the opportunity to advance their careers through development of important consultative, managerial and leadership skills.

A successful candidate will be able to demonstrate strong technical penetration testing skills with practical experience of using common penetration testing tools to identify and exploit vulnerabilities in addition to standard industry qualifications. Context globally supports the CREST standard for penetration testing qualifications (http://www.crest-approved.org). Successful candidates will be encouraged and supported to obtain the full range of CREST qualifications from Crest Registered Tester (CRT) to Crest Certified Tester (CCT) and beyond.

Person Specification

  • Ability to deliver a broad range of penetration testing services, including advanced/expert level proficiency in at least one discipline.
  • Lead client-facing jobs and manage projects through to completion, dealing with client issues acting as a project lead and as an interface between Context and the client.
  • Take responsibility for improving areas of the methodologies, tools and processes used by Context.
  • Provide training and mentoring to other consultants on projects.
  • Write reports to a high standard, and provide technical QA for the work of others.
  • Carry out research and development work as required, to continue to advance core knowledge areas/develop niche interests and specialisms.
  • Industry specific technical accreditations such as OSCP, OSCE.
Who we are

Founded in 1998, Context is independently operated with FTSE 100 backing. We work with many high profile blue chip companies and government organisations and are recognised as thought leaders in the industry. With offices in the US, UK, Germany and Australia, we are ideally placed to work with clients worldwide. Context has played an integral role in developing cyber security frameworks; for example, the development of the CBEST framework in the UK which uses a bespoke intelligence-led approach to perform full red-team style security tests against some of the world’s largest retail and investment banks. Context has taken its existing holistic approach to penetration testing to the US market in order to assess an organisation’s overall capability to prevent, detect and respond to security incidents.

Our clients look to us to provide solutions to their most complex information security challenges, in order to protect their most critical resources. Our clients trust us with this great responsibility because of the quality of our people; leaders in their field, inquisitive, driven, determined and capable of rising to the most complex of challenges. We are passionate about developing our staff, through provision of continuous on the job and classroom based training and development opportunities. We also pride ourselves on our flexible and social working environment.

Context offers a competitive salary and benefits package. 

Employees shall comply with applicable data protection legislation in the course of their employment including the General Data Protection Regulation.  In particular, they shall inform the data protection officer of any processing activities which uncover personal data.