Lead Penetration Tester in Bristol

We’re looking for a highly skilled Lead Penetration Tester with CHECK Team Lead (CTL) status to join our dynamic security team. This is a senior, hands‑on role where you’ll lead and deliver complex penetration testing engagements across infrastructure, cloud, web, and mobile applications for a diverse range of clients, including software, fintech, manufacturing, engineering, legal, and public sector organisations. You’ll play a pivotal role in shaping our offensive security services, coordinating end‑to‑end testing, mentoring junior testers, and contributing to the evolution of our methodologies. If you thrive on tackling challenging security problems, enjoy working in a collaborative environment, and want to keep pushing your technical boundaries, we’d love to hear from you.

What You’ll Do

• Lead and execute penetration tests across infrastructure, cloud, web, and mobile applications.
• Manage end‑to‑end engagements: from scoping and kick‑off sessions to delivery and client debriefs.
• Produce detailed, actionable reports outlining vulnerabilities and tailored remediation steps.
• Stay ahead of emerging threats by researching new offensive techniques and integrating them into our methodology.
• Automate repetitive tasks and streamline testing processes through scripting.
• Mentor and coach junior testers, supporting their technical growth and career development.
• Enhance tools and methodologies, ensuring our services remain cutting‑edge.
• Support pre‑sales efforts as a subject‑matter expert in penetration testing.
• Communicate findings effectively to both technical and non‑technical stakeholders.
• Contribute to thought leadership through blogs, white papers, or speaking engagements.

Essential Skills

• CHECK Team Lead (CTL) status – Infrastructure or Web Applications
• Current UK SC Clearance.
• Minimum 5 years’ penetration testing experience, with a proven track record of complex engagements.
• Proven experience in cloud security reviews (AWS, Azure, GCP).
• Deep expertise in web, mobile, and network penetration testing methodologies.
• Advanced knowledge of operating systems (Linux, Windows, Active Directory).
• Familiarity with cloud environments and ability to perform cloud security reviews.
• Proficiency with tools such as BurpSuite Pro, Nmap, Nessus, Metasploit, and Kali Linux.
• Strong scripting skills (Python, Shell, etc.).
• Excellent communication and technical report writing skills.

Nice‑to‑Have

• Additional certifications: OSCP, CSTL/CCT, Cyber Scheme, CREST.
• UK Cyber Security Council Chartership (Principal or above).
• Experience with Hack The Box or Capture the Flag simulations.
• Exposure to advanced testing techniques and red team engagements.

Why Join Instil?

• A discretionary annual performance bonus that rewards your impact and contribution to our success.
• Flexible working arrangements and summer hours, because life isn’t 9 to 5, and balance matters.
• A highly competitive pension scheme with generous employer contributions, private healthcare, and life assurance for peace of mind.
• Employee Assistance Programme, mental health support, cycle‑to‑work scheme, and regular social events to keep our culture vibrant.
• 35 days holiday, enhanced maternity pay, and family‑first policies so you can focus on what matters most.
• From courses to certifications, we’ll invest in your development so you can keep growing and shaping what’s next.
• Opportunities to volunteer, give back, and be part of initiatives that make Instil a truly inclusive and connected workplace.

Instil has been delivering world‑class software engineering and technology solutions for over 20 years, trusted by global brands to solve complex challenges and drive innovation. From modernising legacy systems to building cutting‑edge applications, we help our clients navigate an ever‑changing digital landscape with confidence and agility. We’re proud to be an award‑winning employer, reflecting how our people are at the heart of everything we do.