Job Title: Penetration Tester
Location: Remote (UK-based)
Travel: Occasional travel to client sites or company events
Our client is a respected and rapidly growing leader in the cybersecurity and risk consulting space. Working with a wide range of organizations — from FTSE 100 companies to critical infrastructure and government entities — they provide high-quality security testing and advisory services across various industries.
This is an excellent opportunity to join a team that values your expertise, supports your growth, and offers the flexibility of remote working with the stimulation of varied engagements.
Key Responsibilities:
- Conduct thorough penetration tests on infrastructure, networks, cloud environments, and web applications.
- Deliver high-quality, client-ready reports detailing findings, impact, and practical remediation advice.
- Collaborate directly with client stakeholders during scoping, testing, and results presentations.
- Keep current with emerging threats, vulnerabilities, and tools in the offensive security landscape.
- Contribute to internal development of testing methodologies, tooling, and knowledge sharing.
Desirable Skills:
- Experience with red teaming, threat simulation, or assumed breach testing.
- Scripting/automation with Python, Bash, or PowerShell.
- Previous consultancy or client-facing experience.
- Eligibility for or possession of UK Security Clearance (preferred but not required).
- Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK).
- Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc.
- Excellent communication and reporting skills.
Required Qualifications:
- Demonstrable experience in penetration testing (minimum 2 years preferred).
- Hold at least one of the following certifications:
- OSCP (Offensive Security Certified Professional)
- CRT (CREST Registered Tester)
- CCT-INF (CREST Certified Infrastructure Tester)
- CCT-Web App (CREST Certified Web Application Tester)