Penetration Tester

We are seeking a Penetration Tester to join a growing Offensive Security team within a specialist cyber security consultancy. This is an exciting opportunity to join at a time of significant investment and growth, helping to strengthen existing testing services while contributing to the development of new capabilities across areas such as Red Teaming, Operational Technology (OT), Threat-Led Security Testing and emerging technologies.

The successful candidate will play a key role in delivering penetration testing engagements, supporting process improvement initiatives, and helping to build a scalable and mature testing function. This position offers excellent opportunities for professional development, certification support and future progression into senior or leadership positions.

JOB ROLE - PENETRATION TESTER

LOCATION - LONDON (OCCASIONAL ON-SIRE WORK)

SALARY - £45,000-£55,000 + BENEFITS

Key Responsibilities  
Conduct vulnerability assessments and penetration testing engagements across:  
Internal infrastructure
External infrastructure
Web applications
Networks and systems   
Perform configuration and build reviews using recognised security frameworks and benchmarks.
Produce clear, concise and actionable technical reports detailing findings, risk ratings and remediation recommendations.
Utilise industry-standard security testing tools including Burp Suite, Nessus, Metasploit, Nmap, Wireshark and related technologies.
Work directly with clients and stakeholders, presenting findings and providing remediation guidance where required.
Support the continuous improvement of testing methodologies, processes and documentation.
Assist in creating and maintaining standard operating procedures, testing guides and knowledge-sharing materials.
Collaborate with wider cyber security teams to support service development and research initiatives.
Contribute to research and development activities across new security testing disciplines and technologies.
Participate in occasional out-of-hours and on-site engagements where client requirements dictate.  Required Skills & Experience  
Minimum 2–3 years' experience in penetration testing, vulnerability assessment or offensive security.
Experience conducting:  
Internal and external infrastructure testing
Web application security testing
Security assessments and audits
Vulnerability identification and validation   
Strong understanding of networking concepts, protocols, routing and firewall technologies.
Experience working with Windows, Linux and macOS environments.
Familiarity with security assessment tools such as:  
Burp Suite
Nessus
Metasploit
Nmap
Wireshark   
Experience producing high-quality technical reports and client-facing documentation.
Excellent communication and stakeholder management skills.
Strong organisational skills and ability to manage workload independently.
Comfortable working in a consultancy or client-facing environment.
Eligible to obtain UK Security Clearance.  Desirable Skills & Certifications  
CREST CRT, CPSA, CCT or equivalent certification.
OSCP or similar offensive security qualification.
Cyber Scheme accreditation.
CHECK Team Member status