Senior​/Principal Penetration Tester​/Experienced Red Team Consultant

Senior/Principal Penetration Tester / Experienced Red Team Consultant

• Testing Team
• United Kingdom
• Remote working options
• Full Time

Rootshell Security is seeking an experienced Senior / Principal Penetration Tester / Red Team Consultant to join our rapidly expanding Offensive Security team.

This role is suited to a highly capable security professional with extensive experience delivering complex penetration testing and adversary simulation engagements across a range of sectors, including critical national infrastructure, financial services, and government organisations.

You will be responsible for delivering advanced Red Team operations, intelligence-led security assessments, and bespoke attack simulations that help our clients understand their true resilience against modern threat actors. The position involves a combination of remote engagements and on‑site client activities across the United Kingdom.

Rootshell Security is an equal opportunity employer. We welcome and encourage diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability or veteran status.

Please do not apply if you are based outside the UK and/or are not eligible to apply for UK Security Clearance.

• Lead and deliver advanced penetration testing and Red Team engagements
• Conduct intelligence-led adversary emulation and attack simulation exercises
• Deliver engagements aligned to recognised frameworks including TIBER-EU, CBEST, DORA, GBEST and STAR-FS
• Perform threat‑led security assessments against complex enterprise environments
• Develop Red Team infrastructure, tooling, attack paths and operational plans
• Conduct phishing, social engineering and physical assessment activities where authorised
• Support pre‑sales activities including technical scoping and solution design
• Produce high-quality technical reports and executive‑level findings
• Contribute to the development of Rootshell Security methodologies, research and innovation

Mandatory Requirements

• Must be eligible to apply for UK Security Clearance
• Must be permanently based within the United Kingdom
• Must have several years of provable commercial experience delivering Red Team engagements
• Excellent working knowledge of the MITRE ATT&CK Framework
• Demonstrable experience delivering engagements aligned to TIBER-EU, CBEST, DORA and other threat‑led testing frameworks
• Strong knowledge of adversary emulation, attack path development and operational security
• Excellent report writing and client communication skills
• Strong network, infrastructure, Active Directory and cloud attack experience
• Experience operating against Azure, AWS and hybrid enterprise environments

• Must hold or have previously held a recognised Red Team certification demonstrating advanced offensive security capability, Typically CREST or Cyber Scheme
• Currently holds or has held Team Leader certifications in either Infrastructure and/or Applications
• Currently holds professional title of Principal / Chartered or would be eligible to apply
• Social engineering and phishing operation experience
• Physical intrusion testing experience
• Threat intelligence and Purple Team experience
• Malware analysis or custom tooling development
• Experience briefing senior stakeholders and board‑level audiences
• Proficiency in Python, Power Shell or C# development

• Long-term career progression opportunities
• Continuous technical and non-technical training

• Regular attendance at industry conferences, events and community meetups
• Exposure to a diverse range of engagements across multiple sectors
• Dedicated research and innovation time
• Opportunity to influence Rootshell’s offensive security capabilities and methodologies
• Mentoring and career development from senior leadership
• Recognition and reward for innovation, technical excellence and client impact

We are committed to fostering an inclusive and diverse workplace where everyone is valued and respected. We believe that a diverse team drives innovation and excellence, and we welcome applications from individuals of all backgrounds, experiences, and perspectives.

As a proud holder of the Bronze Award under the Defence Employer Recognition Scheme (ERS), we actively support the Armed Forces community, aligning with the principles of the Armed Forces Covenant. We recognise the valuable skills and experiences that service personnel, reservists, and veterans bring to the workplace and encourage them to apply.

Rootshell Security is an equal opportunities employer. We do not discriminate based on age, disability, gender, gender identity, marital or civil partnership status, pregnancy or maternity, race, religion or belief, sexual orientation, or any other characteristic protected by law. If you require any reasonable adjustments during the recruitment process, please let us know—we are happy to support you.