Senior Security Analyst

Senior Security Analyst (Offensive Security)

Location: London (Hybrid)

Salary: Up to £50,000 + benefits

We’re working with a well-established professional services organisation that’s continuing to invest heavily in its cyber and digital capabilities. They’re looking to hire a Senior Security Analyst with a strong offensive security background to join a growing, hands‑on team delivering real‑world security testing across a diverse client base.

This is a role for someone who enjoys variety — no two engagements are the same — and who wants exposure across a broad range of offensive security work, rather than being pigeonholed into a single testing discipline.

You’ll play a key role in delivering high‑quality offensive security engagements, helping clients understand and reduce real cyber risk.

Responsibilities include:

• Planning and delivering penetration testing and adversary‑led engagements across:
• Web applications and APIs
• Internal and external infrastructure
• Wireless environments
• Mobile applications
• Red and Purple Team operations
• Physical security and hardware testing
• Working closely with clients to shape engagement scope and priorities
• Producing clear, actionable reports with practical remediation guidance
• Continuously improving testing methodologies to reflect the evolving threat landscape
• Mentoring and supporting junior team members
• Staying current with new tools, techniques, vulnerabilities, and attack paths, and sharing knowledge within the team

This role suits someone with strong technical foundations who can also think pragmatically about risk and impact.

• Recognised offensive security certification(s), such as:
• OSCP
• CREST Registered Tester (CRT)
• CHECK Team Member (CTM)
• OSWA
• Solid hands‑on experience in offensive security, gained through consultancy, internal testing, red teaming, bug bounty work, CTFs, or independent research
• Strong understanding of networks, operating systems, services, and modern application architectures
• Experience using common offensive tooling (e.g. Burp Suite, Metasploit, Nessus, C2 frameworks, etc.)
• Ability to clearly communicate technical findings to both technical and non‑technical stakeholders
• Advanced certifications such as OSEP, CCSAM, or CHECK
• Experience writing custom tooling or scripts (Python, Bash, Power Shell, etc.)
• Exposure to red team tradecraft or attack path chaining
• A genuine interest in keeping up with the latest security research and techniques

• Broad exposure across offensive security disciplines
• Hybrid working with a London base
• Strong focus on professional development, learning, and progression
• Supportive team culture with an emphasis on knowledge sharing
• Opportunity to work on meaningful, real‑world security problems for a wide range of clients

If you’re a technically strong offensive security professional looking for variety, development, and the chance to work on high‑impact engagements, this is a great next step.