Security Testing Analyst | London (Hybrid) | £30-35k
We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team.
This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment.
The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one.
About the Role:
The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and internet-facing services - with direct mentoring from senior testers as you build out your capability.
This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce ...