Senior Penetration Tester

London Full-Time 43200 - 64800 £ / year (est.) No home office possible

At a Glance

  • Tasks: Conduct penetration testing and identify vulnerabilities in web apps, APIs, and cloud environments.
  • Company: Join a cutting-edge Cyber Security Consultancy focused on public sector security assessments.
  • Benefits: Enjoy fully remote work, competitive pay of £600 per day, and a flexible hybrid model.
  • Why this job: Be part of a dynamic team tackling real-world cyber threats and enhancing system security.
  • Qualifications: Proven experience in penetration testing with knowledge of OWASP, CVSS, and various security tools.
  • Other info: Contract is outside IR35 with an ASAP start and a straightforward one-stage interview process.

The predicted salary is between 43200 - 64800 £ per year.

SR2 have partnered with a cutting-edge Cyber Security Consultancy to recruit a Senior Penetration Tester to support a large-scale security assessment programme for public sector and regulated clients. You will work across a range of environments, identifying vulnerabilities, simulating real-world attacks, and helping to harden complex systems against evolving threats.

Required Skills and Experience:

  • Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP)
  • Strong understanding of OWASP Top 10, CVSS, and secure coding principles
  • Experience with tools such as Burp Suite, Nmap, Metasploit, Kali, and custom scripts
  • Familiarity with MITRE ATT&CK, red teaming methodologies, and reporting best practices

Highly Desirable:

  • CHECK, CREST, OSCP, or CRTO certifications
  • Experience working in or alongside UK Government or regulated sectors
  • Strong reporting, documentation, and stakeholder communication skills
  • Awareness of compliance frameworks (e.g., ISO27001 and NIST)

Contract Details:

  • Outside IR35
  • Hybrid working - 2 Days per month (London or Cheltenham)
  • Must be UK based
  • 6 Months
  • £600 per day
  • ASAP Start
  • 1-stage interview process

If you're a seasoned Penetration Tester looking for a new contract, click Apply to get started. Alternatively, directly send a recent copy of your CV to Ben Sheppard for an immediate discussion.

Senior Penetration Tester employer: SR2

Join a forward-thinking Cyber Security Consultancy that values innovation and expertise, offering a fully remote work environment with flexible hybrid options. As a Senior Penetration Tester, you'll be part of a collaborative culture that prioritises professional growth, providing opportunities to enhance your skills while working on impactful projects for public sector clients. Enjoy competitive pay and the chance to contribute to securing vital systems against evolving cyber threats.

Contact Detail:

SR2 Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior Penetration Tester

✨ Tip Number 1

Network with professionals in the cybersecurity field, especially those who have experience in penetration testing. Attend relevant meetups or online forums to connect with others and gain insights into the industry.

✨ Tip Number 2

Stay updated on the latest trends and tools in penetration testing. Familiarise yourself with the latest versions of tools like Burp Suite and Metasploit, as well as emerging threats in web and cloud security.

✨ Tip Number 3

Prepare for potential technical interviews by practising common penetration testing scenarios. This could include mock tests or simulations that focus on identifying vulnerabilities in web apps and cloud environments.

✨ Tip Number 4

Highlight your experience with compliance frameworks like ISO27001 and NIST during discussions. Understanding these frameworks can set you apart, especially when working with public sector clients.

We think you need these skills to ace Senior Penetration Tester

Penetration Testing
Web Application Security
API Security
Infrastructure Security
Cloud Security (AWS, Azure, GCP)
OWASP Top 10
CVSS
Secure Coding Principles
Burp Suite
Nmap
Metasploit
Kali Linux
Custom Scripting
MITRE ATT&CK Framework
Red Teaming Methodologies
Reporting Best Practices
CHECK Certification
CREST Certification
OSCP Certification
CRTO Certification
Stakeholder Communication
Documentation Skills
Compliance Frameworks (ISO27001, NIST)

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience in penetration testing, especially with web apps, APIs, and cloud environments. Include specific tools you've used like Burp Suite and Metasploit, and mention any relevant certifications such as OSCP or CREST.

Craft a Strong Cover Letter: Write a cover letter that showcases your understanding of the role and the company. Mention your familiarity with compliance frameworks and your experience working with public sector clients to demonstrate your fit for the position.

Highlight Relevant Skills: In your application, emphasise your knowledge of OWASP Top 10, CVSS, and secure coding principles. Discuss your experience with red teaming methodologies and your ability to communicate effectively with stakeholders.

Proofread Your Application: Before submitting, carefully proofread your CV and cover letter for any errors. A polished application reflects your attention to detail, which is crucial in the field of cybersecurity.

How to prepare for a job interview at SR2

✨ Showcase Your Technical Skills

Be prepared to discuss your experience with penetration testing tools like Burp Suite, Nmap, and Metasploit. Highlight specific projects where you identified vulnerabilities and how you approached the testing process.

✨ Understand the OWASP Top 10

Make sure you can explain the OWASP Top 10 vulnerabilities in detail. This shows that you have a solid grasp of secure coding principles and can effectively communicate these concepts to stakeholders.

✨ Familiarise Yourself with Red Team Methodologies

Brush up on red teaming methodologies and the MITRE ATT&CK framework. Being able to discuss these frameworks will demonstrate your understanding of real-world attack scenarios and how to mitigate them.

✨ Prepare for Scenario-Based Questions

Expect scenario-based questions where you may need to outline your approach to a hypothetical penetration test. Practising these scenarios can help you articulate your thought process and problem-solving skills effectively.
