If you enjoy understanding how systems fail — and using that knowledge to make organisations more secure — this opportunity will interest you.
Our client is an established and growing cyber security consultancy, trusted to deliver high-quality offensive security services across the UK. They are expanding their CHECK capability and investing heavily in building out their Offensive Security practice.
They’re looking for a penetration tester who wants to join at a genuine growth stage — not just deliver work, but help shape the capability as it scales.
Role: Penetration Tester – Offensive Security
Salary: Up to £65,000
Location: London | Hybrid
The Opportunity This role offers a 60% / 40% split:
60% Cyber Essentials & Cyber Essentials Plus assessments
40% Hands-on penetration testing across infrastructure and applications As the organisation grows its CHECK capability, there is clear progression and accreditation support. If you are already a Cyber Essentials Assessor accredited professional, the business will support you through further CHECK qualifications as the practice expands.
What You’ll Be Doing
Delivering penetration tests and vulnerability assessments across networks, infrastructure, and applications
Conducting Cyber Essentials and Cyber Essentials Plus assessments
Supporting and leading testing engagements alongside senior testers
Producing clear, well-structured reports with practical remediation advice
Using tools such as Metasploit and Burp Suite
Keeping up to date with emerging tools, techniques, and attack methods
Collaborating with consultancy and SOC teams, with potential progression into threat hunting What You Must Have One of the following:
CHECK Team Member (CTM)
Cyber Scheme Team Member (CSTM)
OSCP
Cyber Essentials Lead Assessor Plus:
At least 6 months of hands-on penetration testing experience
Strong written and verbal communication skills
Experience with networks and Windows, Linux, and macOS environments
Eligibility for UK Security Clearance
A proactive mindset and strong team ethic Desirable Experience
Web and mobile application testing
Cloud technologies including M365, Azure, and Sentinel
IoT and SCADA environments
SOC or security operations exposure
CREST CRT or other relevant certification