Penetration Tester in London

We are seeking a Penetration Tester to join a growing Offensive Security team within a specialist cyber security consultancy. This is an exciting opportunity to join at a time of significant investment and growth, helping to strengthen existing testing services while contributing to the development of new capabilities across areas such as Red Teaming, Operational Technology (OT), Threat-Led Security Testing and emerging technologies.

The successful candidate will play a key role in delivering penetration testing engagements, supporting process improvement initiatives, and helping to build a scalable and mature testing function. This position offers excellent opportunities for professional development, certification support and future progression into senior or leadership positions.

Key Responsibilities

• Conduct vulnerability assessments and penetration testing engagements across:
• Internal infrastructure
• External infrastructure
• Web applications
• Networks and systems
• Perform configuration and build reviews using recognised security frameworks and benchmarks.
• Produce clear, concise and actionable technical reports detailing findings, risk ratings and remediation recommendations.
• Utilise industry-standard security testing tools including Burp Suite, Nessus, Metasploit, Nmap, Wireshark and related technologies.
• Work directly with clients and stakeholders, presenting findings and providing remediation guidance where required.
• Support the continuous improvement of testing methodologies, processes and documentation.
• Assist in creating and maintaining standard operating procedures, testing guides and knowledge-sharing materials.
• Collaborate with wider cyber security teams to support service development and research initiatives.
• Contribute to research and development activities across new security testing disciplines and technologies.
• Participate in occasional out-of-hours and on-site engagements where client requirements dictate.

Required Skills & Experience

• Minimum 2–3 years' experience in penetration testing, vulnerability assessment or offensive security.
• Experience conducting:
• Internal and external infrastructure testing
• Web application security testing
• Security assessments and audits
• Vulnerability identification and validation
• Strong understanding of networking concepts, protocols, routing and firewall technologies.
• Experience working with Windows, Linux and macOS environments.
• Familiarity with security assessment tools such as:
• Burp Suite
• Nessus
• Metasploit
• Nmap
• Wireshark
• Experience producing high-quality technical reports and client-facing documentation.
• Excellent communication and stakeholder management skills.
• Strong organisational skills and ability to manage workload independently.
• Comfortable working in a consultancy or client-facing environment.
• Eligible to obtain UK Security Clearance.

Desirable Skills & Certifications

• CREST CRT, CPSA, CCT or equivalent certification.
• OSCP or similar offensive security qualification.
• Cyber Scheme accreditation.
• CHECK Team Member status.