Cybersecurity Penetration Tester
Join to apply for the Cybersecurity Penetration Tester role at Portal Londrinatur.
Location: Remote (with UK-wide regular on-site client visits; approximately 50% monthly travel for on-site pen testing).
What The Role Has To Offer
* Safeguard UK Defence systems through advanced penetration testing and red teaming on critical military platforms
* Tackle complex threat simulations and exploit development across IT, OT, cloud, and embedded environments
* Use cutting‑edge tools with funded training and certifications (CHECK, CREST, OSCP, GIAC)
* Develop your own impact on future capability
Key Responsibilities And Tasks
* Lead end‑to‑end penetration testing across networks, applications, cloud infrastructures, and embedded systems
* Drive advanced vulnerability assessments and exploit development, executing post‑exploitation activities within authorised scopes
* Orchestrate red and purple team engagements, simulating sophisticated threat scenarios against defence systems
* Produce high‑impact technical reports and executive briefings, translating complex findings into clear risk narratives, business impact assessments, and prioritised remediation strategies
* Partner with defensive operations and risk management teams to sharpen detection, accelerate response, and embed proactive resilience across the enterprise
* Stay ahead of adversaries by maintaining expert knowledge of tactics, techniques, and procedures (TTPs) employed by state and non‑state actors in the defence sector
* Advance security testing methodologies and tooling, contributing to innovative threat modelling approaches tailored for complex, high‑assurance environments
* Champion compliance and assurance by aligning practices with MOD, NCSC, and international standards (JSP 440, ISO 27001, NIST, CHECK, CREST)
Essential Qualifications
* Degree in Computing, Cybersecurity, or related field – or equivalent professional experience
* CHECK Team Leader accreditation currently held
* Demonstrated track record as a Penetration Tester, Red Team Operator, or equivalent offensive security specialist
* Proven ability to manage small technical teams, demonstrating strong people skills, mentorship, and collaborative leadership
* Deep expertise in network protocols, application security, operating systems, and cloud platforms across IT and OT environments
* Hands‑on proficiency with industry‑standard tools including Burp Suite, Metasploit, Cobalt Strike, Nmap, Nessus, and custom scripting in Python, PowerShell, and Bash
* Proven experience conducting penetration tests across diverse systems: Windows, Linux, Android, iOS, Web Applications, and Cloud infrastructures
* Familiarity with defence and government environments, including secure handling of classified information
* Exceptional written and verbal communication skills, able to translate complex technical findings into clear, actionable insights
* SC or DV clearance (mandatory for project delivery), with eligibility or current holding
Desirable Qualifications
* Recognised certifications such as CREST (CPSA, CRT, CCT INF, CCT APP, CCRTS, CCRTM), CHECK Team Member/Leader, OSCP, OSCE3, CEH, or GIAC (GPEN, GWAPT, GRTP, GXPN)
* Exposure to I‑CS/SCADA, RF systems, or military‑grade communication networks
* Strong grasp of Threat Intelligence, MITRE ATT&CK framework, and adversary emulation techniques
* Previous involvement in projects supporting the MOD, defence primes, or critical national infrastructure (CNI)
* Domain expertise across Defence, Nuclear, Government, Aerospace, CNI, and Transport sectors
Benefits
* Annual bonus (VCP)
* Pension match like‑for‑like up to 7% of annual base salary
* Life Assurance 2 × base salary minimum (8 × salary if part of the pension scheme)
* Income Protection 50% of salary less state benefits for 5 years
* Annual Leave 201 hours, bank holidays, plus 1 company day
* Private Medical Insurance – couples cover
* Half day every Friday, usually finishing around 1:00 pm
* 24/7 Employee Assistance Programme
* 24 hours paid leave for volunteering activities
* Flexible benefits and discounts (dental insurance, buying & selling annual leave, cycle to work, and many more)
Equal Opportunity
At Thales, we are committed to equal opportunities and welcome all talented individuals to consider joining our team. So even if you don't match every statement below but feel you have some of the experience, knowledge or skills needed for this role, we encourage you to apply. It will take all of us working together to deliver solutions to the world's most critical challenges.
UKEO (UK Eyes Only)
This role requires you to be a UK National and achieve Security Clearance (SC) without any caveats. If not currently held, you must obtain SC Clearance prior to commencing employment. Dual nationals from a non‑ITAR country may be considered if approved by the MOD.
For guidance on clearance levels, visit the UKSV website: https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels/national-security-vetting-clearance-levels.
#J-18808-Ljbffr