Are you looking for an exciting new opportunity? Join a London-based, product-agnostic consultancy specialising in information security governance, risk, and compliance management for clients across Europe. With a deep-rooted passion for cyber risk, the team excels at developing measurable controls that align with an organisation’s risk appetite, capacity, and tolerance for breaches. Known for crafting innovative and cost-effective Information Security Management Systems (ISMS), the consultancy enables quantifiable compliance with key information security legislation, regulations, and industry standards, including PCI DSS, the UK Data Protection Act 2018 (DPA 2018), GDPR, and ISO/IEC 27001.
If you would like to learn more about this opportunity, feel free to reach out and apply today!
Responsibilities:
* Conduct web, mobile, API, infrastructure, cloud, and wireless penetration testing.
* Create detailed technical reports and deliver test findings directly to clients.
* Provide remediation advice and post-assessment consultancy.
* Contribute to internal testing methodologies and Red Team/social engineering activities.
* Mentor junior team members and support collaborative delivery of projects.
* Occasionally support the creation of marketing materials such as research papers and articles.
Skills / Must have:
* Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches.
* Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit.
* Familiarity with cloud platform security testing (AWS, Azure, GCP).
* Understanding of mobile security (Android & iOS), networking protocols, and the OSI model.
* Excellent verbal and written communication skills, especially for client-facing engagements.
* Highly organised, analytical, and able to manage multiple projects independently.
* Ability to explain technical risks to non-technical stakeholders and C-level executives.
Desirable (“nice to have”) Skills:
* Experience with programming, databases, and IoT security.
* Exposure to CI/CD security, Docker/container security, and AI/LLM testing.
* Hands-on experience with Red Teaming tools (e.g., Cobalt Strike) and social engineering.
* Familiarity with bug bounty platforms and vulnerability disclosure best practices.
Benefits:
* Competitive salary with regular performance reviews
* Annual training and personal development plan
* Access to conferences and professional events
* Supportive and knowledgeable team culture
* Hybrid work flexibility after probation
Salary:
* Competitive (dependent on experience)