Senior Security Consultant - Organization Security (United Kingdom Remote)

About CENSUS

CENSUS is an internationally acclaimed cybersecurity services provider. We support the needs of multiple industries, providing IT and OT security services to public and private organizations around the world, ranging from financial institutions and critical infrastructure to automotive and secure communications, including Fortune 500 companies. Powered by cutting‑edge research, scientific analysis and in‑depth engineering experience across various industries & technologies, CENSUS delivers unparalleled security consulting & assessment services for products (software, services, devices, and large‑scale platforms), infrastructure, and organizations.

About the Job / Key Responsibilities

We are looking for talented & ambitious professionals to grow our Security Engineering team and join our ongoing mission to deliver in‑depth and top‑tier cybersecurity services to our valued clients. As part of this role, you will use your knowledge and experience in Penetration Testing and Application Security domains – to execute security assessments and mitigation consulting activities scoped across organizations and products of various industries.

• Conduct penetration tests (network, social, physical, adjacent, and more) that target Organizations, Networks, Application and Cloud infrastructure and evaluate their security defenses in depth.
• Assess the security posture of applications (mobile, web/cloud, core networks, etc.) via functional testing, fuzz testing and other applicable methodologies.
• Review the security maturity of edge systems (IoT, kiosk terminals, operator terminals, etc.) that are interconnected via public or private networks.
• Conduct targeted research to understand vendor‑specific technology, identify its security‑critical components, and prioritize impactful attack vectors.
• Document and present security risks & mitigation recommendations in both technical‑ and business‑oriented language.

Qualifications

• BSc or MSc in Electrical Engineering, Computer Science, Computer Engineering, or equivalent practical experience.
• 4+ years of experience in VAPT, IT security or application security (mobile, web front‑end, backend, etc.) related roles.
• Proven experience in vulnerability assessment, penetration testing or security testing at the network, application, or system level.
• Active Directory and Cloud Infrastructure Knowledge.

Key Skills

• Experience with Information Security fundamentals (risk management, security best practices, data protection, communication encryption, authentication, authorization, etc.) and cyber threats of modern systems & networks.
• Experience with the technologies and security controls present in application (web full‑stack, WAF, EDR, data encryption, transport protection, etc.), network (firewalls, segmentation, IDS/IPS, VPN, etc.) and Windows / Linux system (privileges, roles/groups, AV/Endpoints, secret storage, etc.) architectures.
• Experience identifying, exploiting, and reporting vulnerabilities in the context of Red Team / VAPT tasks (OWASP Web / Mobile Top10 vulnerabilities, access control, insecure configurations, secrets management, etc.).
• Experience with Active Directory attacks (Pass‑the‑Hash, Pass‑the‑Ticket, Kerberoasting, Golden Ticket, Silver Ticket, DCSync, Credential dumping, Abuse of ACLs, Lateral movement via SMB, etc.).
• Experience using pentest and other security related tools for information gathering, vulnerability discovery, exploitation, evasion, persistence, and pivoting in Cloud environments.
• Experience with authentication, authorization, role‑based ACL, identity, and access management methods, such as OAuth, MFA, SSO, JWT, PKI, Cloud IAM, etc.
• Experience with basic cryptographic primitives, such as symmetric & asymmetric encryption, authenticated encryption, key derivation, and key exchange.
• Ability to monitor the current threat landscape, emerging threads and follow their technical analysis & published exploitation techniques.
• Problem‑solving skills, analytical thinking, and willingness to learn/grow.
• Proficient in English and excellent communication skills.

Our Values & Core Competencies

• Act with Integrity — We uphold the highest ethical standards and take full responsibility in every action.
• Collaborate with Trust — We bring together diverse perspectives across disciplines and borders.
• Challenge with Curiosity — We question deeply, explore fearlessly, and pursue knowledge relentlessly.
• Innovate to Protect — We create with purpose, building secure, scalable, and forward‑looking solutions.
• Adapt with Precision — We move with speed and discipline – learning from failure and refining our approach.

Ready to Make an Impact? Apply today!