Penetration Tester - CHECK Team in Canada

Role: Check Team Leader and Check Team Member

Location: Uk Hybrid

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

CC Group Technical Assurance Services is the home of high-end technical excellence in cybersecurity assessment.

We employ the world’s sharpest minds to demonstrate security weaknesses to clients before a real attacker can take advantage of them.

Through our ‘attacker’s eye view’ we provide unparalleled advice to help clients secure their assets.

We are the largest and most tenured team of its kind in the cybersecurity services market with an uncompromising commitment to deep technical excellence.

The techniques, tools, and insights originating from NCC are used by clients and competitors the world over.

Often imitated, never bettered – we exist to set the highest bar in pursuit of a more secure digital future.

Do you have what it takes to be part of the best technical cybersecurity services team around?

Come find out!

The Opportunity:

As a trusted supplier, NCC Group performs a large amount of work within various Government departments or suppliers; to service the demands of our client base whilst providing consultants with a diverse and varied array of projects we need even more team members to supplement our impressive CHECK team.

The role of CHECK Team Leader involves engagements that are often performed on-site, although we have been successful in demonstrating CHECK work performed remotely over the last year or so.

The role responsibilities includes providing structured programmes of security testing, consultancy and research combined with the delivery of informative reports detailing engagement activities and their results with articulation of risk and remediation priorities for clients.

In addition to enacting these responsibilities, NCC Group will support you in your continued training and development goals on an individual basis.

Key Responsibilities- Check Team Member and Check Team Leader

• Maintaining a suitable technical qualification for the requirements of the NCSC CHECK Scheme.
• Maintaining an SC / DV clearance as required by the NCSC CHECK scheme.
• Performing technical engagements in-line with NCSC CHECK expectations.
• Delivering high quality technical reports to clients.
• Developing self-skills on internal security projects.
• Conducting focused research when not engaged on client billable projects.
• Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
• Ability to travel to clients sites to perform security engagements of varying durations when necessary.

Additional Accountabilities- Check Team Leader

• Being able to deliver workshops to various type of clients’ stakeholders to present testing methodologies and explain findings.
• Assist in continual development of NCC Group’s People, Processes and Technology.
• Provide guidance and mentoring to adjacent teams and team members.
• Providing technical scoping advice and assisting pre-sales where necessary

Skills

• Current CHECK Team Members status or
• Current CHECK Team Leader status with either, or both
• CTL-WEB
• CTL-INF
• Experience of working both solely and as part of a team
• Knowledge of cyber security principle
• Writing clear and accurate technical documentation

The following additional attributes would be advantageous

• Experience in cloud technologies.
• Experience of working across a range of Government departments.
• Knowledge of cloud security and architect frameworks such as AWS well architected framework, Cloud Adoption Framework, CIS Standards for Cloud.
• Experience of working in a consultancy setting.
• Experience creating solution architectures and designs.
• Agile certification.
• Experience creating solution architectures and designs.
• Use of a variety of network security testing tools and exploits to identify vulnerabilities and be able to recommend corrective action.
• Proven ability to explain the output of a penetration test to a non-technical client.
• Industry standard qualifications such OSCP, CREST or CHECK.
• Ability to lead technical teams on client engagements.
• technical teams on client engagements.

The following qualifications maybe advantageous:

• Amazon Web Services
• AWS Certified Security
• AWS Architect Professional
• AWS Certified Advanced Networking
• Google Cloud Platform
• Professional Cloud Security Engineer
• Professional Cloud Architect
• Professional DevOps Engineer
• Microsoft Azure
• AZ-500 (Microsoft Azure Security Technologies)
• Microsoft Office 365
• MS-500 (Microsoft 365 Security Administration)
• MS-100, MS-101, MS-203, MS-700

Behaviours:

• Client-Focused: Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success.
• Collaborates as ‘One NCC’: Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organisation.
• Adds Value: Goes beyond the minimum requirements to provide solutions and contributions that enhance the customer’s success and growth.
• Enables and Empowers: Provides tools, resources, and support to team members, fostering an environment where they can thrive and excel.
• Personal Responsibility: Takes ownership of actions, decisions, and outcomes, acknowledging successes as well as areas for improvement.
• Communicates Openly and Respectfully: Shares information transparently while maintaining respect and consideration for all stakeholders.
• Open Mindset: Embraces new ideas, diverse perspectives, and is willing to adapt in response to evolving situations or feedback.
• Growth and Development: Actively seeks opportunities for personal and professional growth, championing learning and evolution for oneself and the organisation.
• Analytical Thinking: Demonstrates a systematic approach to resolving issues and identifying improvements.
• Collaboration: Works effectively across various teams and fosters a collaborative environment.
• Proactive Nature: Anticipates potential service issues or user needs and acts on them before they escalate.
• Continuous Learning: Shows a commitment to personal and professional growth and keeps up with the latest trends and practices.
• Customer-Centric: Always considers the end-user's experience and strives to enhance the quality of IT services delivered.
• Problem-Solving: Demonstrates resilience in finding solutions to complex challenges
• Adaptability: Remains flexible and positive in a constantly evolving environment and handles change constructively.

About NCC Group

The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers.

Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape.

We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference.

We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for.

If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email All personal data is held in accordance with the NCC Group Privacy Policy.

We are committed to diversity and flexibility in the workplace.

If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does.

To apply, you must be willing and able to undergo the vetting process.

This role being advertised will be subject to BS7858 screening as a mandatory requirement.