At a Glance
- Tasks: Lead advanced penetration testing engagements and enhance client security using threat intelligence.
- Company: Join Advanced Resource Managers, a leader in IT services and consulting.
- Benefits: Earn up to £600 per day with flexible, ad-hoc work arrangements.
- Other info: Must be eligible for SC Clearance; remote work options available.
- Why this job: Make a real impact on cybersecurity while working with cutting-edge technologies.
- Qualifications: 5+ years in penetration testing; CREST certification required.
The predicted salary is between 48000 - 72000 £ per year.
1 day ago Be among the first 25 applicants
Direct message the job poster from Advanced Resource Managers
Up to 60 days over the next year (days differ week to week – ad-hoc basis) – Outside IR35 - up to £600 per day
Must be eligible for SC Clearance. Must have CREST certification CRT or higher
Role Overview:
We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus understanding on threat intelligence and attack methods. The ideal candidate will be responsible for managing and conducting advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across a variety of environments, including OT, IT, web applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial approaches, excellent communication skills, and the ability to provide strategic and actionable recommendations to significantly enhance our clients\' security posture.
Responsibilities:
- Lead and manage the full lifecycle of complex penetration testing engagements, applying a strong threat intelligence-led approach.
- Execute advanced penetration tests across a broad range of environments (applications, infrastructure, web, APIs, O365, Azure, AWS, OT), directly applying your knowledge of current threat landscapes and attacker TTPs.
- Develop and maintain sophisticated test plans, execution plans, and targeted use cases directly informed by in-depth threat intelligence analysis.
- Identify and prioritize OT and IT assets, services, and systems based on their criticality and potential exposure to identified threats.
- Strategically prioritize, plan, and schedule penetration testing engagements based on comprehensive threat assessments and client-specific requirements.
- Produce high-quality, detailed reports that clearly articulate technical findings, potential business impact, and strategic, actionable remediation recommendations for both technical and non-technical stakeholders.
- Clearly and effectively communicate complex security concepts, adversarial tactics, and critical threat intelligence insights to diverse audiences.
- Collaborate closely with client IT and cybersecurity teams to drive the enhancement of security protocols and ensure effective, threat-informed remediation of identified vulnerabilities.
- Track the progress of remediation efforts and provide regular, concise updates to stakeholders, highlighting the reduction of identified threats.
- Conduct proactive security research and contribute to the creation of technical content on emerging threats, advanced attack techniques, and threat intelligence-led testing methodologies.
- Contribute to strengthening security monitoring (blue team) capabilities by providing valuable insights into offensive techniques and adversarial behaviours to enhance detection and response effectiveness.
- Drive the patching regime for identified vulnerabilities, prioritizing remediation efforts based on threat intelligence and the potential for exploitation by advanced threat actors.
Skills and Qualifications:
- Minimum of 5 years of demonstrable professional experience in penetration testing, with a strong emphasis on understanding, emulating, and leveraging adversarial tactics and threat intelligence.
- Comprehensive understanding of OT and IT asset profiles, technologies, and security best practice principles, with a proven ability to contextualize them within the current threat landscape.
- In-depth knowledge of network protocols, cryptography, security vulnerabilities, and common attack vectors employed by sophisticated threat actors.
- Demonstrated proficiency in utilizing a wide range of penetration testing tools and methodologies, including those specifically used for threat intelligence analysis and application.
- Proven experience in scoping and executing complex penetration tests, particularly those directly informed and driven by threat intelligence.
- Exceptional written and verbal communication skills, with the ability to articulate complex technical findings and nuanced threat intelligence insights clearly and concisely to diverse audiences.
- Strong organizational and time management skills, with a proven ability to effectively manage and prioritize multiple concurrent engagements.
- Current CREST CRT certification or higher is essential.
- Must hold or be eligible for SC Clearance.
- Experience with Breach Attack Simulation tools and methodologies.
- Experience in Vulnerability Management processes and integrating threat intelligence.
- Understanding of Risk Management frameworks and how threat intelligence informs risk assessments.
- Hands-on experience with security reviews of AWS, Azure, and GCP environments, incorporating cloud-specific threats.
- Experience with ISO 27001 auditing/implementation, understanding the role of threat intelligence in compliance.
- Other advanced cybersecurity certifications such as CISM, CISSP, ECSA, CREST CCT.
Seniority level
Seniority level
Mid-Senior level
Employment type
Employment type
Contract
Job function
Job function
Information TechnologyIndustries
IT Services and IT Consulting
Referrals increase your chances of interviewing at Advanced Resource Managers by 2x
Get notified about new Security Consultant jobs in London Area, United Kingdom .
Graduate Information Security Consultant
London, England, United Kingdom 1 month ago
London, England, United Kingdom 2 months ago
Security Consultant (Hybrid, UK - 1 day per week with possible to increase)
London, England, United Kingdom 1 month ago
London, England, United Kingdom 2 weeks ago
London, England, United Kingdom 3 weeks ago
Graduate Information Security Consultant
London, England, United Kingdom 3 weeks ago
London, England, United Kingdom 1 week ago
Cyber Security Assistant Manager/Manager
London, England, United Kingdom 2 weeks ago
London, England, United Kingdom 1 day ago
London, England, United Kingdom 2 months ago
Cyber Security Consultant - Risk Advisory / GRC
London, England, United Kingdom 3 days ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom £40,000.00-£50,000.00 1 month ago
Greater London, England, United Kingdom 3 hours ago
Information Security Consultant Secure Change
London, England, United Kingdom 3 days ago
Information Security Consultant - Secure change
London, England, United Kingdom 3 days ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 day ago
Security Services Group - Office Manager
London, England, United Kingdom 1 week ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrOffensive Security Consultant in London employer: Advanced Resource Managers
At Advanced Resource Managers, we pride ourselves on fostering a dynamic and inclusive work culture that empowers our employees to excel in their roles. As an Offensive Security Consultant, you will benefit from competitive compensation, flexible working arrangements, and opportunities for professional development in the vibrant tech hub of London. Join us to collaborate with industry experts and contribute to cutting-edge security solutions while enjoying a supportive environment that values innovation and growth.
Contact Details:
Advanced Resource Managers Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Offensive Security Consultant in London
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace Offensive Security Consultant in London
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Advanced Resource Managers understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Advanced Resource Managers.
How to prepare for a job interview at Advanced Resource Managers
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Advanced Resource Managers protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.
