Associate Security Consultant

Associate Security Consultant - This is your launchpad into ethical hacking Cheltenham – Office-based during probation, then hybrid The Opportunity At NCC Group, our incredible Technical Assurance division is looking for Associate Security Consultants to embark on a journey of growth and development. Kicking off on the 19th of January 2026 , you will be based in our Cheltenham office where you will work with and learn from some of the best minds in the industry. This opportunity is available to candidates from various backgrounds and specialisms, whether you are changing careers or looking to move into another area of Cyber Security. Our industry-renowned and awarded training program will teach you to perform web application security assessment, network and infrastructure testing, applied research, consultancy skills, and more. You will propel your career and be on the fast track to becoming a full fledge Penetration Tester (aka Security Consultant). The wealth of experience and knowledge available to learn from is invaluable and can often lead to you finding interests in cyber security that you didn’t know you had. The challenge: You’ll spend your first 6 months in our Cheltenham office engaging in structured learning, a mix of guided classroom sessions, 1:1 mentoring, and self-paced modules You’ll be paired with experienced consultants who guide your technical development and help you build consultancy soft skills, from client communication to report writing You’ll work through real-world scenarios using tools like Burp Suite, Kali Linux, and custom NCC Group platforms. Expect to learn manual testing techniques alongside automated approaches You’ll observe live client engagements, gaining exposure to different industries, threat models, and testing methodologies Midway through the programme, you’ll deliver a graduation project; this could be a research piece, a custom tool, or a deep-dive into a specific technique Once trained, you’ll begin contributing to billable client work, supported by your mentor and line manager. You’ll start with scoped tasks and gradually take on full engagements Regular check-ins and performance reviews throughout, will ensure you’re progressing technically and professionally, with clear milestones and support. Expected outcomes in your first 12 months: Deliver a graduation project that demonstrates technical depth and presentation skills On successful completion of the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into other areas of cyber security. A successful Associate Has a good level of English command, both written and spoken Asks smart questions, loves solving problems, and showing initiative Communicates clearly with clients and colleagues Demonstrates curiosity and drive to learn continuously. You’ll bring genuine passion for cyber security, and ideally, you will have some degree of experience or exposure in at least 3 of the following: Pen testing, web dev frameworks (React, Flask, etc.) Networking (TCP/IP, routing/switching) Cryptography (applied, PQC, symmetric