Talent.com
This job offer is not available in your country.
Penetration Tester

Penetration Tester

ConfidentialUnited Kingdom, United Kingdom
3 days ago
Job type
  • Full-time
Job description

We are an independent Cyber Security Consultancy that delivers a variety of Security Consultancy, Penetration Testing, and Managed Security Services. We serve an array of clients, including multinational corporations, government organisations, and small businesses looking to strengthen their security postures.

As a UK Government-approved supplier and an accredited Cyber Essentials Certification Body, we also offer services ranging from Cyber Security, Cloud Security, and Data Privacy Consultancy to Vulnerability Scanning, Cloud Security Assessments, and Penetration Testing.

Join Our Team!

We’re seeking a motivated and passionate Penetration Tester to expand our CREST-accredited team. The ideal candidate will be driven, detail-oriented, and possess excellent communication skills to ensure the best possible experience for our clients.

As a small consultancy with ambitious growth plans, we provide a clear career path and foster a close-knit, supportive environment for our team, partners, and clients.

Role Summary :

In this position, you will conduct penetration testing across a wide range of technologies, including web applications, APIs, public cloud platforms, mobile apps, and networks.

You’ll deliver comprehensive security testing services for clients spanning both the public and private sectors, from SMEs to start-ups. The role will also involve documenting findings, providing analysis, and offering remediation guidance post-testing.

Since some clients are within the Public Sector, existing SC clearance or eligibility for SC clearance (requiring five years of UK residency) is essential.

Key Responsibilities :

  • Perform penetration tests for web applications, APIs, networks, mobile apps, IoT, wireless systems, and public cloud environments.
  • Engage in Red Team exercises and social engineering assessments.
  • Participate in proposal drafting and scoping discussions with clients.
  • Prepare detailed reports and present findings to clients.
  • Offer guidance on remediation based on testing outcomes.
  • Support junior team members with their development.

Required Qualifications, Experience, and Skills :

  • 2–5 years of experience conducting security testing.
  • Certifications such as OSCP, OSCE, CRT, CCT, or CSTM.
  • Hands-on experience with Web Application, API, and microservices testing.
  • Expertise in infrastructure and cloud security assessments.
  • Proficiency with tools like Nmap, Burp Suite, Nessus, Qualys, Metasploit, or Kali Linux.
  • Strong understanding of OWASP testing methodologies.
  • Prior experience in a client-facing role or consultancy environment.

    • Preferred Skills :

  • Experience with Public Sector penetration testing.
  • Ability to analyse code in Java, Python, or JavaScript for vulnerabilities.
  • CHECK Team Member (CTM) or Leader (CTL) status.
  • Existing SC clearance.

    • What We Offer :

  • Performance-based annual bonus (up to 10%).
  • Funded training in InfoSec and allocated self-study time.
  • Flexible 40-hour work weeks.
  • Remote work, with 1 day on-site at our South Manchester Office per month.
  • 25 days of annual leave (plus bank holidays).
  • Private healthcare.
  • Generous company pension.
  • Robust sick pay policy.
  • Covered expenses.
  • Opportunities for career progression.
  • Regular team events and meals.
  • A collaborative and fun workplace culture.

    • Schedule : Monday to Friday

    Location : Remote