We are looking for a certified Penetration Tester to join our client’s cybersecurity team and help safeguard critical systems through simulated attacks and red team assessments. You’ll be responsible for identifying vulnerabilities across networks, applications, and cloud infrastructure and providing actionable insights to reduce risk exposure. Ideal candidates have deep experience in offensive security testing, a strong understanding of exploits and security protocols, and a drive to continuously evolve with today’s fast-moving threat landscape. Job Responsibilities Plan, execute, and report on penetration tests across networks, web applications, APIs, mobile, and cloud environments Conduct red team engagements, including simulated phishing, social engineering, and physical security assessments Identify, document, and prioritize vulnerabilities and misconfigurations Use both manual techniques and automated tools (e.g., Burp Suite, Metasploit, Nmap) Collaborate with blue team and remediation teams to harden systems Produce detailed technical reports and executive summaries for stakeholders Stay up to date with the latest exploits, vulnerabilities (CVEs), and threat actor tactics Job Benefits Competitive salary performance bonus Paid training and certification reimbursement (OSCP, CREST, etc.) 25 days holiday bank holidays Private healthcare mental health support Fully remote or hybrid working options Company-funded attendance at security conferences (DEF CON, Black Hat, etc.) Required Skills Strong proficiency in penetration testing tools (e.g., Kali Linux, Burp Suite, Metasploit, Nmap, Wireshark) Experience with OWASP Top 10, vulnerability scanning, and exploit development Familiarity with MITRE ATT&CK framework and red team methodology Solid knowledge of TCP/IP, firewalls, DNS, HTTP/HTTPS, and encryption protocols Strong reporting and communication skills At least one industry certification (OSCP, CEH, CREST CRT, or similar) Desired Skills Scripting skills in Python, PowerShell, or Bash Experience with cloud security testing (AWS, Azure, GCP) Familiarity with CI/CD environments and DevSecOps Exposure to purple teaming or adversary emulation Knowledge of physical security and social engineering tactics