Penetration Tester, Fresha

Salary not provided
AWS
Python
Elixir
Jenkins
Kali
Senior level
London

4+ days a week in office

Fresha

Booking software for beauty & wellness brands

Job no longer available

201-500 employees

B2B, Marketplace, Internal tools, Productivity, SaaS, Beauty, Wellbeing

Company mission

To empower beauty and wellness businesses and help millions look and feel their best.

Role

Who you are

  • The perfect candidate will have solid experience in manual pen testing, but with a mindset focused on automation, bringing best-of-breed open source and commercial tooling to catch SQLi, XSS, CSRF, and other vulnerabilities
  • Home-grown development may also be needed to ensure new code is safe from past vulnerabilities
  • Expertise in SAST, DAST, OSS vulnerability scanners, Kali, sqlmap, fuzzing, along with scripting languages, and CI tools such as CircleCI or Jenkins, is what we are after
  • Knowledge of Elixir and Python is very desirable too
  • Over 5 years doing penetration testing
  • Expert in using penetration testing tools such as Burp, OWASP ZAP, and other OSS tools such as Nuclei
  • Expert in penetration testing of web applications, native mobile apps, and cloud infrastructure (AWS)
  • Experienced in threat modelling
  • Interested in the latest technologies around Generative AI
  • Creative thinking and problem-solving mindset
  • Ability to interact with people from across the business and build strong relationships, including the ability to effectively influence upwards
  • Happy to roll sleeves up and assist the team when required (team player)
  • Self-starter and proactive approach
  • Comfortable working in a fast-paced and changing environment

What the job involves

  • Given our exciting and progressive growth plans, we are looking for an exceptional Penetration Tester to come join our global business
  • Reporting directly to the Head of Security, and working with stakeholders (internally and externally)
  • Your primary responsibility is the automation of security tests, enabling the product teams to continue to deliver features at light speed
  • Performing manual pen testing on a quarterly basis
  • Categorisation and prioritisation of findings
  • Development of attack proof-of-concept
  • Development and maintenance of tools to automate vulnerability discovery
  • Development of internal phishing attack exercises
  • Management of future bug bounty programs
  • Participation in raising security awareness across the company
  • Participation in the development of plans and policies
  • Participation in Incident Response events, both simulated and real
  • Participation in internal and external audits for current and future certifications (such as ISO27001 and SOC 2)

Otta's take

Sam Franklin

CEO of Otta

Fresha allows consumers to discover, book and pay for beauty and wellness appointments with local businesses via its centralised marketplace, while beauty and wellness businesses and professionals use its all-in-one platform to manage their entire operations.

The company has taken a different approach compared to rivals in the salon management space. Rather than charging monthly, its software is free to use, and charges when a booking is made through the system. Fresha's platform also offers a range of financial products, making it an appealing option for salon operators. This has allowed the company to swiftly build a network of merchants for its marketplace, and it has over 80,000 partner businesses processing over 30 million appointments a month.

Now that Fresha has solved the chicken-and-egg problem of starting a marketplace, it is using its market position to scale quickly. It now has 100,000 partner venues and is working within 120 countries. Between 2021 and 2023, it enjoyed 190% growth in its global bookings.

Insights

Some candidates hear back within 2 weeks

28% female employees

4% employee growth in 12 months

Company

Funding (last 2 of 9 rounds)

  • Dec 2021: $52.5m (Series C)
  • Jun 2021: $100m (Series C)

Total funding: $195m

Company benefits

  • Work from home opportunities
  • Fast track career progression
  • Yoga and Pilates through WeWork membership
  • Travel coverage when visiting teammates - through workshops and social events
  • A vibrant and collaborative company culture
  • Company social events

Company values

  • Empathy
  • Imagination
  • Creativity
  • Commitment

Company HQ

London, UK

Founders

Previously VP of Technology at Dubai Holding (investment management). Digital Services Manager for New Zealand Human Rights Convention

Nick Miller (Product Chief)

Previously a Programme Manager for New Zealand Trade and Enterprise. Founded a business with William in 2005 (a strong signal of their partnership)


People progressing

Joined as a Junior Developer. Promoted to Front End Developer after 10 months.
