Join to apply for the Penetration Tester role at Pentest People.
Pentest People is a UK-based security consultancy specialising in providing Penetration Testing as a Service to all its clients. Our approach combines consultant-led penetration testing with ongoing vulnerability assurance through our SecurePortal, providing a continuous threat management system throughout the contract duration.
As a Penetration Tester specialising in Infrastructure testing or Web Apps, you will conduct formal penetration testing assessments, deliver detailed written reports that meet industry standards and deadlines, and assist with pre-engagement activities such as scoping projects and drafting proposals. You will also research vulnerabilities in infrastructure and applications, adhere to responsible disclosure practices, and share findings with the team.
* Conduct formal and comprehensive pentests and, where necessary, other penetration testing assessments.
* Deliver clear, well-structured technical and non-technical reports in English.
* Perform vulnerability assessments and provide detailed findings along with recommended remediation actions.
* Assist with client pre-engagement tasks, including scoping activities and drafting proposals.
* Manage and execute penetration testing projects, ensuring completion within tight deadlines.
* Collaborate with the team to research infrastructure and related components, identifying new vulnerabilities and adhering to responsible disclosure practices.
* Provide guidance and mentorship to Graduate and Junior Penetration Testers, as appropriate.
About You
* Demonstrated experience in penetration testing, along with expertise in various other types of assessments.
* In-depth knowledge of both Windows and Linux environments, with a strong understanding of Active Directory and wireless technologies.
* Comprehensive understanding of multiple Operating Systems and network principles.
* Familiarity with assessing cloud and hybrid environments, particularly AWS and Azure.
* Knowledge of modern solution architecture and deployment across diverse platforms.
* Proficiency in programming or scripting in your preferred language.
* Relevant security certifications (e.g., OSCP, CREST CRT, OSEP, CCT INF, CTM).
* Solid understanding of virtualisation technologies.
While this role is advertised as remote, it will require occasional visits to client sites and the office as needed. Candidates must be based in the UK and have the right to work, as we are unable to provide sponsorship at this time.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology
Industries
* IT Services and IT Consulting
We are an equal opportunity employer and celebrate diversity, committed to creating an inclusive environment for all employees.
#J-18808-Ljbffr