Penetration Tester
Location: UK (Remote)
Job Type: Contract
The Role
We are seeking an experienced and technically proficient Penetration Tester to join our esteemed team of security experts. You will be responsible for conducting complex technical security assessments across a wide range of client systems, including infrastructure, web and mobile applications, and cloud environments.
This role is client-facing and project-based, with engagements typically lasting between one and three weeks. It requires exceptional communication skills to deliver workshops, provide consultations, and produce formal, high-quality reports. Beyond client projects, you will contribute to our ongoing research into emerging threats and help to refine our market-leading testing methodologies.
Key Responsibilities
- Execute in-depth penetration tests across diverse environments, including infrastructure, web/mobile applications, and social engineering engagements.
- Conduct comprehensive security reviews of application source code, system architecture, and designs.
- Identify and exploit vulnerabilities to assess their real-world impact on client systems.
- Produce clear, concise, and professionally written reports detailing vulnerabilities, potential impact, and actionable remediation advice.
- Contribute to the building, hardening, and maintenance of our penetration testing infrastructure and toolsets.
- Stay abreast of the latest security threats, attack vectors, and technologies, incorporating this knowledge into our service offerings.
- Assist the sales department in a technical presales capacity when required.
- Mentor junior team members, sharing knowledge and fostering a culture of continuous learning.
- Represent the company at industry events, conferences, and forums as a subject matter expert.
Essential Skills & Experience
- Proven commercial experience in a penetration testing or ethical hacking role.
- Strong proficiency in manual penetration testing techniques, moving beyond reliance on automated tools.
- Exceptional written and verbal communication skills, with experience in writing detailed technical reports for various audiences.
- Solid understanding of network protocols and networking security (e.g., TCP/IP, DNS, MPLS, BGP).
- Proficiency in the security principles of major operating systems (Windows, Linux/Unix).
- Experience with scripting or tool development in languages such as Python, Ruby, Java, or C#.
- A firm grasp of common web application and network security vulnerabilities (e.g., OWASP Top 10).
Desirable Skills & Experience
- Experience in a development, system administration, or engineering role.
- Expertise in performing source code reviews (e.g., C/C++, C#, Java, PHP).
- In-depth knowledge of cloud architecture and security (AWS, Azure, GCP).
- Familiarity with defensive technologies and SIEM solutions.
- Experience with advanced security auditing and vulnerability scanning tools.
- Knowledge of modern development frameworks and methodologies.
- Public speaking, training, or presentation experience.
Qualifications & Certifications
- A degree in a relevant IT field (or equivalent professional experience) is highly regarded.
- Must hold a current, industry-leading certification such as OSCP, CCT, or OSWE.