Senior Penetration Tester / Cybersecurity Red Team Lead (Certified: OSCP / OSCE / OSWE / CREST / CISSP)
Contract Type: Full-Time or Long-Term Contract
Compensation: Competitive day rate or salary commensurate with expertise
About the Role
We’re seeking an elite, hands‑on penetration tester to lead complex red-team and vulnerability‑assessment engagements across cloud, web, infrastructure, and operational technology (OT/ICS) environments.
You’ll work alongside battle‑tested CTOs and cybersecurity engineers within Neurotic Ltd., a global technology house known for delivering high‑impact results for energy, FMCG, and enterprise clients in the UK and US.
This isn’t a checkbox‑based “run the scanner” role, we’re looking for someone who thinks like an adversary, writes like a strategist, and mentors like a leader.
Key Responsibilities
• Lead and execute full‑scope offensive security engagements (external, internal, web, cloud, and wireless).
• Design and run red‑team simulations, purple‑team exercises, and social‑engineering scenarios.
• Build and maintain custom exploits, scripts, and tooling (Python, Go, PowerShell, Bash).
• Perform in‑depth threat modeling, risk assessments, and adversary emulations.
• Deliver executive and technical reports with remediation roadmaps aligned to NIST, ISO 27001, SOC 2, and MITRE ATT&CK frameworks.
• Coordinate with defensive teams to improve detection and response capabilities.
• Mentor junior analysts, shape internal testing methodologies, and uphold the highest ethical standards.
Required Certifications & Credentials
We’re looking for a top‑1% operator, ideally holding several of the following (or equivalent real‑world mastery):
• Cloud Security: AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer
• Bonus: Red Team Operator (CRTO I/II), eLearnSecurity eCPTX/eWPTX, or experience in bug bounty programs (HackerOne, Synack, Bugcrowd)
Required Experience
• 8–12+ years of hands‑on experience in penetration testing, exploit development, or adversary emulation.
• Strong knowledge of network protocols, operating systems (Windows/Linux), and cloud infrastructures.
• Deep understanding of offensive TTPs (techniques, tactics, and procedures).
• Proven track record leading engagements with enterprise or regulated clients (finance, energy, healthcare).
• Demonstrated ability to write clear, client‑ready reports with both technical detail and board‑level summaries.
• Experience working within SOC 2 / ISO 27001 environments.
• Familiarity with threat‑intel integration, MITRE ATT&CK mapping, and detection‑engineering collaboration.
Soft Skills
• Obsessive attention to detail and operational discipline.
• Strong communicator, able to brief both engineers and executives.
• Comfortable operating in high‑trust, autonomous environments.
• Passion for continuous learning and open‑source contribution.
Nice to Have
• Experience with OT/ICS pentesting (energy, LNG, manufacturing environments).
• Experience integrating with SIEMs, SOAR, and EDR tools during engagements.
• Prior work in defense, government, or regulated financial environments.
• Contributions to open‑source security tools or research publications.
Why Join Neurotic Ltd.
• Work directly with CTOs and CISOs from enterprise and fast‑growth companies.
• Access to cutting‑edge projects, from LNG infrastructure to AI‑powered data platforms.
• Global remote culture with vetted experts across the UK, EU and US
* No bureaucracy, just exceptional people solving complex problems.
#J-18808-Ljbffr