Job Title: Penetration Tester
Location: Remote (UK-based)
Travel: Occasional travel to client sites or company events
Our client is a respected and rapidly growing leader in the cybersecurity and risk consulting space. Working with a wide range of organizations — from FTSE 100 companies to critical infrastructure and government entities — they provide high-quality security testing and advisory services across various industries.
This is an excellent opportunity to join a team that values your expertise, supports your growth, and offers the flexibility of remote working with the stimulation of varied engagements.
Key Responsibilities:
* Conduct thorough penetration tests on infrastructure, networks, cloud environments, and web applications.
* Deliver high-quality, client-ready reports detailing findings, impact, and practical remediation advice.
* Collaborate directly with client stakeholders during scoping, testing, and results presentations.
* Keep current with emerging threats, vulnerabilities, and tools in the offensive security landscape.
* Contribute to internal development of testing methodologies, tooling, and knowledge sharing.
Desirable Skills:
* Experience with red teaming, threat simulation, or assumed breach testing.
* Scripting/automation with Python, Bash, or PowerShell.
* Previous consultancy or client-facing experience.
* Eligibility for or possession of UK Security Clearance (preferred but not required).
* Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK).
* Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc.
* Excellent communication and reporting skills.
Required Qualifications:
* Demonstrable experience in penetration testing (minimum 2 years preferred).
* Hold at least one of the following certifications:
* OSCP (Offensive Security Certified Professional)
* CRT (CREST Registered Tester)
* CCT-INF (CREST Certified Infrastructure Tester)
* CCT-Web App (CREST Certified Web Application Tester)