Salary: £60,000 - 60,000 per year Requirements: We require CREST Registered Tester (CRT) certification. We require OSCP certification. We are looking for around 2-3 years of hands-on penetration testing experience. We need a strong understanding of web application and infrastructure testing methodologies. We expect experience with tools such as Burp Suite, Nmap, Nessus, and Metasploit. We need a solid understanding of the OWASP Top 10 and common attack vectors. We require strong report writing and communication skills. Consultancy or client-facing experience is beneficial. Additional certifications such as CPSA or cloud security certifications would be advantageous. Security clearance is beneficial but not required. Responsibilities: We deliver web application penetration testing. We carry out infrastructure and internal network testing. We perform external vulnerability assessments. We conduct Active Directory and privilege escalation testing. We deliver cloud security assessments across Azure and AWS. We produce security reports and support remediation discussions with clients. We work closely with senior testers and technical leads. We gain exposure to a wide variety of technologies, environments, and engagement types. Technologies: AWS Active Directory Azure Cloud Support Network OWASP Security Web More: We are a well-established cyber security organisation continuing to invest heavily in our offensive security capability following sustained client growth across both commercial and regulated environments. We offer a collaborative, highly technical, and supportive environment where you can continue developing your offensive security career. This is a remote role with occasional onsite client visits, and the salary is £50-60k DOE. last updated 21 week of 2026