We are seeking a Penetration Tester to join a growing Offensive Security team within a specialist cyber security consultancy. This is an exciting opportunity to join at a time of significant investment and growth, helping to strengthen existing testing services while contributing to the development of new capabilities across areas such as Red Teaming, Operational Technology (OT), Threat-Led Security Testing and emerging technologies.

The successful candidate will play a key role in delivering penetration testing engagements, supporting process improvement initiatives, and helping to build a scalable and mature testing function. This position offers excellent opportunities for professional development, certification support and future progression into senior or leadership positions.

JOB ROLE – PENETRATION TESTER

LOCATION – LONDON (OCCASIONAL ON-SITE WORK)

SALARY – £45,000-£55,000 + BENEFITS

Key Responsibilities

• Conduct vulnerability assessments and penetration testing engagements across:
  • Internal infrastructure
  • External infrastructure
  • Web applications
  • Networks and systems
• Perform configuration and build reviews using recognised security frameworks and benchmarks.
• Produce clear, concise and actionable technical reports detailing findings, risk ratings and remediation recommendations.
• Utilise industry-standard security testing tools including Burp Suite, Nessus, Metasploit, Nmap, Wireshark and related technologies.
• Work directly with clients and stakeholders, presenting findings and providing remediation guidance where required.
• Support the continuous improvement of testing methodologies, processes and documentation.
• Assist in creating and maintaining standard operating procedures, testing guides and knowledge-sharing materials.
• Collaborate with wider cyber security teams to support service development and research initiatives.
• Contribute to research and development activities across new security testing disciplines and technologies.
• Participate in occasional out-of-hours and on-site engagements where client requirements dictate.

Required Skills & Experience

• Minimum 2–3 years' experience in penetration testing, vulnerability assessment or offensive security.
• Experience conducting:
  • Internal and external infrastructure testing
  • Web application security testing
  • Security assessments and audits
  • Vulnerability identification and validation
• Strong understanding of networking concepts, protocols, routing and firewall technologies.
• Experience working with Windows, Linux and macOS environments.
• Familiarity with security assessment tools such as:
  • Burp Suite
  • Nessus
  • Metasploit
  • Nmap
  • Wireshark
• Experience producing high-quality technical reports and client-facing documentation.
• Excellent communication and stakeholder management skills.
• Strong organisational skills and ability to manage workload independently.
• Comfortable working in a consultancy or client-facing environment.
• Eligible to obtain UK Security Clearance.

Desirable Skills & Certifications

• CREST CRT, CPSA, CCT or equivalent certification.
• OSCP or similar offensive security qualification.
• Cyber Scheme accreditation.
• CHECK Team Member status.