Penetration Tester - 6 months - Hybrid (Reading) - Inside IR35
Rate: £400 per day (Inside IR35)
Duration: 6 months
Working Model: Hybrid - 3 days per week onsite in Reading
Role Type: Contract
Role Overview
We are seeking an experienced Penetration Tester to join a delivery-focused security testing function supporting multiple technology initiatives within a complex enterprise environment. This is a hands-on role requiring strong technical expertise across offensive security, red teaming, and vulnerability assessment.
You will lead and execute penetration testing engagements end-to-end, working closely with clients, developers, and security stakeholders to identify, exploit, and clearly communicate security risks while supporting improved organisational security posture.
Key Responsibilities
* Lead penetration testing engagements from client kickoff through scoping, execution, and final reporting, ensuring adherence to agreed scope and deadlines.
* Perform penetration testing across network, web applications, APIs, cloud environments, thick client applications, wireless, social engineering, and physical security.
* Execute penetration testing projects using established methodologies, tools, and rules of engagement.
* Conduct red team assessments to identify gaps and weaknesses impacting organisational security posture.
* Identify, validate, and exploit security vulnerabilities across a wide range of systems and environments.
* Perform in-depth analysis of findings and produce high-quality reports detailing exploitation paths, business risk, and remediation recommendations.
* Apply strong knowledge of OWASP Top 10 and SANS Top 25, effectively aligning findings to industry standards.
Essential Skills & Experience
* Strong hands-on experience delivering professional penetration testing engagements.
* Proficiency with penetration testing and red team tooling including Cobalt Strike, Caldera, Atomic Red Team, Pentera, Nessus, Burp Suite, Nmap, Kali Linux, and OSINT tools.
* Solid understanding of offensive security methodologies and attack frameworks.
* Experience with both manual and automated security testing techniques.
* Strong analytical, problem-solving, and vulnerability analysis skills.
* Ability to write clear, concise, and actionable penetration testing reports.
* Good understanding of the software development life cycle (SDLC) and secure development practices.