This is a remote role open to candidates based anywhere in the UK, offering the opportunity to work across a diverse range of client environments — from enterprise networks to public sector systems.
You’ll be responsible for delivering hands-on penetration testing engagements, identifying vulnerabilities through systematic and innovative testing, and translating technical findings into meaningful business insights. The role offers strong progression opportunities, access to industry-recognised training, and involvement in advanced security projects.
The organisation is a leading UK-based managed service provider, delivering a comprehensive range of end-to-end technology solutions across Connectivity, Cloud, Collaboration, and Cyber Security. All services are designed, implemented, and supported by in-house specialists using a privately owned, state-of-the-art national infrastructure.
What You’ll Be Doing:
* Conduct end-to-end penetration testing across infrastructure, web applications, and internal networks
* Lead or support security testing engagements and deliver concise, high-quality reports
* Translate technical findings into clear business impact and actionable recommendations
* Communicate effectively with both technical and non-technical stakeholders
* Stay up to date with current vulnerabilities, exploits, and industry best practices
* Contribute to internal development of tools, research, and process improvement initiatives
What We’re Looking For:
* 1–2 years of hands-on experience in manual penetration testing (infrastructure and/or web applications)
* Strong understanding of TCP/IP, networking concepts, and web application architecture
* Familiarity with tools such as Burp Suite, Nmap, Metasploit, or similar
* Excellent written and verbal communication skills, including report writing and client presentations
* Eligibility for SC Clearance (active clearance is a plus)
Nice to Have:
* Working towards or holding a CREST qualification (CRT, CCT, or equivalent)
* Experience conducting security build reviews across common operating systems (e.g. Windows, Linux)
* Scripting or programming experience (e.g. Python, PowerShell, or Bash)
* Knowledge of MITRE ATT&CK, TTPs, and adversary simulation techniques
* Awareness of broader threat environments and current industry trends
What You’ll Get:
* Competitive salary (up to £60,000, depending on experience)
* Hybrid or remote working flexibility within the UK
* Funded training and certification support (CREST, OSCP, or similar)
* Opportunities to progress into red teaming, advanced testing, and leadership roles
Supportive, collaborative environment with a strong focus on professional development