Salary: £90,000 - 90,000 per year Requirements: We are looking for experienced Penetration Testers with CHECK and/or CREST qualifications, including CHECK Team Member (CTM), CHECK Team Leader (CTL), CREST Registered Tester (CRT), or CREST Certified Tester (CCT), or we are open to candidates actively progressing along either pathway at a senior level. We need hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy environment. We require a strong understanding of common vulnerability classes, including the OWASP Top 10, exploitation techniques, and remediation guidance. We are looking for confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences. We need strong written reporting skills and the ability to produce clear, well-structured deliverables. We value a genuine passion for offensive security, demonstrated through CTFs, labs such as Hack The Box or TryHackMe, research, certifications, or community involvement. We are considering candidates at mid to senior level. We welcome candidates with existing clearance, but we can sponsor SC or DV clearance where required. Responsibilities: We will expect you to deliver web application, API, and infrastructure penetration tests, owning engagements end-to-end from scoping through to final report delivery. We want you to lead client-facing engagements and communicate high-risk findings as they are identified so remediation can happen quickly. You will produce clear, professional reports tailored to each clients context and business risk. You will support broader offensive security activity, including red team and purple team engagements, phishing simulations, and assumed-breach style assessments where relevant. You will contribute to internal QA and help mentor more junior consultants. You will support report quality across the team. You will stay current with the evolving threat landscape and contribute to internal R&D, tooling, and knowledge sharing. You will attend client site visits as required. Technologies: API Support OWASP Security Web Swift More: We are one of the UKs larger dedicated offensive security practices, with a team of around 70 testers working across CHECK and CREST engagements. We deliver high-quality assessments for a broad client base, offering genuine variety in engagement type, sector, and technical depth. Our team is split into two streams: commercially driven CREST work and deeper, security-led CHECK work, giving you a clear path depending on the direction you want to take your career. This is a permanent, full-time role based fully remote in the UK, with client site visits as required. We offer a salary of £55,000 to £90,000 depending on experience, certifications, and clearance level, plus travel and expenses for client work, an overnight bonus for site visits, a company pension scheme, and clearance sponsorship where needed. last updated 21 week of 2026