PENETRATION TESTER

We are seeking a motivated and skilled Mid-Level Penetration Tester with 2 or more years of commercial experience in delivering application security assessments, as well as internal and external infrastructure security assessments. Additional exposure to other engagement types is beneficial. This role is ideal for someone looking to deepen their expertise in cybersecurity while working on varied and challenging projects, with early-career exposure to red team engagements. This is an ideal opportunity for a skilled penetration tester to join a newly provisioned service, with opportunities to assist with the evolution and further development of the service.The successful candidate will play a key role in assessing and improving our clients' security postures, working with a diverse portfolio of organisations across various sectors.Key ResponsibilitiesPerform application security assessments, identifying vulnerabilities and delivering actionable recommendations.Conduct internal and external infrastructure security assessments, simulating real-world attack scenarios to uncover security gaps.Create detailed, professional, and actionable security reports tailored to technical and non-technical stakeholders.Collaborate with clients to understand their unique security challenges and provide tailored solutions.Stay updated with the latest vulnerabilities, exploits, and industry trends.Participate in knowledge-sharing and contribute to team improvements and methodologiesEssential Skills and ExperienceApproximately 2 years of hands-on commercial experience in penetration testing or a similar role.Proven experience conducting:Application security assessments.Internal and external infrastructure security assessments.Familiarity with common penetration testing tools and frameworks (e.g., Burp Suite, Metasploit, Nmap, Wireshark, Nessus).Strong understanding of security principles, OWASP Top 10, and MITRE ATT&CK.Excellent verbal and written communication skills, with the ability to articulate technical findings to varied audiences.Desirable (Certifications)CREST CPSA (Practitioner Security Analyst)CREST CRT (Registered Tester)Cyber Scheme certificationsCompTIA Pentest+Certified Ethical Hacker (CEH)Certified Red Team Operator (CRTO)Additional SkillsScripting experience (e.g., Python, Bash, PowerShell) is advantageousExperience with cloud security assessments (AWS, Azure, or GCP) is a plusWhat We OfferCompetitive salary and benefits packageOpportunities for professional development, including support for certificationsA dynamic and supportive team environmentExposure to diverse and challenging projectsFlexible working arrangements where possibleEarly career exposure to Red Team engagements such as physical intrusion simulationSelf-development/ shadowing/ training time