Associate Security Consultant

Security Consultant Accelerator Program / Ethical Hacking / Graduate Program

About Nettitude

LRQA Nettitude is an award-winning provider of Cyber Security and Assurance, Incident Response, and Technology services to organizations worldwide. We are currently in an exciting phase, both in terms of our company's growth and in response to the evolving Cyber Security landscape. We are seeking individuals who are ready to tackle the challenges presented by the advancements in the IT industry and the evolving threats faced by organizations. Nettitude is at the forefront of this arena, and we are looking for the right people to join our team and drive this change. Find out more about LRQA Nettitude at nettitude.com.

Location

Applicants for the Accelerator Program must be residents of either the UK, Greece or Portugal.

The Role

In this role, you will join a 6-month training program before transitioning into the workforce as a fully-fledged Cyber Security Consultant, working within our information assurance and penetration testing team.

A Unique Experience

You will be part of a team embarking on a journey within one of the most exciting, technically driven, and rapidly growing industries. LRQA Nettitude’s Accelerator Program offers incredible opportunities to immerse yourself in a range of deep-dive technical cyber subjects, providing you with the best possible start to your career. You will learn not only how to hack traditional infrastructure and web applications but also be exposed to reverse engineering, cryptography, and threat intelligence, taught by our seasoned principal security consultants who hold the highest industry qualifications and accreditations.

An Innovative Approach

At LRQA Nettitude, you will be immersed in an environment where you will be taught through a robust curriculum, consisting of carefully planned modules covering foundation, core, and advanced topics. This will give you the necessary skills to start your career as a security consultant on the right foot. Unlike many junior consultants who learn how to hack without understanding its real-world implications, at LRQA Nettitude, you will learn how to hack with a real-world perspective.

What You’ll Be Doing

• You will learn and progress through our comprehensive cyber assurance training program, leading to sitting the widely respected OSCP exam.
• You will participate in group-based penetration testing, working alongside some of the most highly experienced and qualified testers in the country.
• You will gain real-world experience, putting theory into practice in a controlled and supported setting.
• Spend time within our Research & Innovation Department, working on projects directly related to LRQA Nettitude’s core mission and your personal interests.
• Spend time working directly with clients through our sales and account managers.

No two weeks are the same within LRQA Nettitude’s Accelerator Program! Each week offers a different approach, covering various subjects at a deliberately changed pace and style to ensure you can adapt and progress to your best potential. These sessions are backed up with practical workshops, hands-on real-world experience, shadowing, project work, and, as time progresses, attending on-site engagements. Towards the end of the program, you will also have the opportunity to lead engagements with real clients under the supervision and guidance of senior consultants.

Key Skills

Our Accelerator Program is designed for:

• Graduates, career changers, and anyone else looking to enter the offensive side of the cybersecurity industry. No professional penetration testing experience required!
• We select individuals based on a number of data points that favor strong aptitude and a credible interest in the industry.

Individuals who can demonstrate a credible interest in the industry often have one or more of the following:

• Completed a degree, course, or certification in something cybersecurity-related.
• Written a blog related to cybersecurity.
• Demonstrated motivation and self-development, such as through a home lab setup with vulnerable machines, participation in CTFs, or similar activities.
• Membership in a security-focused group, e.g., at university, or in the wider industry (e.g., OWASP chapter participation, etc.).
• Attended or contributed to community conferences in some way.
• Contributed to software projects, potentially including their own small projects.

What We Offer

• A competitive salary for graduate schemes.
• The opportunity to learn from experienced and skilled penetration testers.
• A comprehensive training course covering web application, external infrastructure, and internal infrastructure.
• Opportunities to become certified in cloud and Offensive Security.
• Regular clinic days where the whole team attends presentations by other team members or guest speakers. These can also include CTFs and digital detox days.
• Continued and supported professional development as a Security Consultant.

How to Apply

To apply, you need to:

• Submit your CV and cover letter.
• Complete our Capture the Flag exercise.
• Send us a written file outlining how you managed to capture the flag.

Once you have applied through the Capture the Flag exercise, your application will be reviewed within a week. If your application is successful, we will schedule an interview with you at the next available date.

The Capture the Flag exercise will require out-of-the-box thinking and problem-solving skills to capture the flag. You will encounter a mixture of disciplines and may need to do some research. We will not only be looking for the flags you capture but also the challenges you had to overcome in your written analysis. More details on the rules and conditions for the Capture the Flag exercise can be found here. Good luck, and enjoy!

Please sign up for an account on our LRQA Nettitude Accelerator Program Capture the Flag site here.

For all flags corresponding to VM-based challenges, you need to submit a written file as well. This will be a text file containing a brief description of how you managed to capture the flag. Non-VM-based challenges do not require a written analysis.

You can submit a written analysis even if you didn’t capture the flag; we appreciate the thought process, not just reaching the destination and capturing the flag. While we encourage people to attempt all the challenges we offer, completion of all challenges is not required to be considered for the program. Two well-written analyses would be enough to apply and be considered for the role.

Rules of Engagement

All rules are specified on our CTF system; you must read and abide by the rules of engagement.

The labs.nettitude.com website and all associated infrastructure (e.g., CTF registration server, etc.) are strictly out of scope. The system clearly states what is in scope.

If you encounter any issues, please contact an admin at administrator@acceleratorscheme.com.

We will be reviewing candidates’ submissions weekly and will contact those who are successful via e-mail to arrange a telephone interview.