Senior Security Consultant Penetration Testing (Web, API & Product Security) Location: Remote (UK) | Competitive Salary Bonus Training & Certs Join a CREST-accredited Cyber Security consultancy delivering high-quality penetration testing services across web, mobile, cloud and product environments for organisations in finance, healthcare, SaaS and critical infrastructure. They are looking for a Senior Penetration Tester with strong commercial experience who is keen to advance their career into more Red Team / Offensive security engagements. Youll take a lead role in delivering assessments, improving testing approaches, and guiding junior team members, while gaining the opportunity to participate in red team activities as part of your growth. What youll do: Deliver Web Application and API penetration tests, including complex and modern architectures. Lead assessments across infrastructure, cloud and product security, identifying and exploiting real-world risks. Produce high-quality reports and communicate findings clearly to both technical and non-technical stakeholders. Support offensive security tooling improvements and internal research initiatives. Mentor junior testers and play a key part in continuous improvement across testing capabilities. Progressively support red-team style engagements, building the skills and experience needed for full-scope simulations. What were looking for Proven experience in commercial Web App and API security testing. Software development literacy or System Admin background. Strong ability in at least one domain: Cloud (Azure/AWS), Product Security, Mobile Testing, or Active Directory exploitation. High-standard reporting and client-facing communication skills. Certifications such as OSCP, CRT, CRTO, OSEP, or GWAPT are advantageous. Desire to grow into red-team delivery .