Job Description
Job Title: Penetration Tester
Location: Leeds / Hybrid
Reports To: Head of Cyber Services
Salary: £55,000 - £60,000
Travel: Occasional client site visits
About Us
We're a rapidly growing cybersecurity reseller and MSP delivering cutting-edge security solutions across network, endpoint, cloud, and offensive security testing. Our mission: empower clients to expose and eliminate critical vulnerabilities before attackers do.
We're expanding our offensive security team and need an experienced Penetration Tester to deliver high-impact, real-world security assessments that drive tangible improvements.
The Role - What You'll Own
You will simulate sophisticated cyberattacks across client environments - from networks and web apps to cloud and endpoints - exposing weaknesses before adversaries can exploit them. Your findings will guide clients to stronger, more resilient security postures.
* Lead internal and external penetration tests, including infrastructure, web, wireless, cloud, and social engineering.
* Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives.
* Identify and safely exploit vulnerabilities to demonstrate real business impact.
* Deliver clear, actionable reports tailored to both technical teams and executives.
* Drive client engagement through scoping calls, meetings, and remediation planning.
* Continuously refine testing methodologies, tools, and techniques.
* Collaborate closely with cybersecurity, managed services, and compliance teams to integrate offensive findings into wider risk strategies.
* Stay ahead of emerging threats, exploits, and attack techniques through ongoing research.
What You Bring - Skills & Experience
* 2 to 5+ years of hands-on penetration testing experience across network, web, wireless, and cloud environments.
* Expert with core tools: Burp Suite, Metasploit, Cobalt Strike, Nmap, and custom scripting.
* Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods.
* Experience delivering reports aligned to PTES, OWASP, NIST, or OSSTMM standards.
* Exceptional communicator who can translate complex technical issues for diverse audiences.
* Proven certifications like OSCP, eCPPT, CRTO, CREST CPSA/CRT, or equivalent.
Bonus Points
* Red team, purple team, or adversary emulation experience.
* Programming/scripting skills (Python, PowerShell, Bash).
* Cloud pentesting experience (AWS, Azure, GCP).
* Familiarity with threat modeling or risk-based vulnerability assessments.
* Advanced certifications such as OSCE, OSEP, OSWE, CRTP, CREST CRT/CCT.
Join us if you want to make a real impact, tackle diverse challenges, and grow within a dynamic, client-focused security team.
Eames Consulting is acting as an Employment Agency in relation to this vacancy.