At a Glance
- Tasks: Conduct hands-on security testing and vulnerability assessments for real clients.
- Company: Join a leading cyber security consultancy with a focus on growth and development.
- Benefits: Competitive salary, funded certifications, mentoring, and hybrid working options.
- Other info: Dynamic team culture with a clear path for career advancement.
- Why this job: Gain real-world experience and progress your career in a supportive environment.
- Qualifications: 1-2 years in security testing or vulnerability assessment; familiarity with key tools.
The predicted salary is between 30000 - 35000 £ per year.
We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team. This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment.
The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one.
About the Role: The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and internet-facing services - with direct mentoring from senior testers as you build out your capability. This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce technical summaries that hold up to scrutiny. The testing team operates to CREST methodology throughout. Early on the role will be office weighted so you can get comfortable with the team. Hybrid working will then be available once you are settled in.
What You'll be Doing:
- Deliver VAPT, vulnerability assessment, and attack surface management services across a range of clients
- Conduct security testing of external infrastructure and internet-facing services, including reconnaissance, enumeration, and vulnerability validation
- Configure, schedule, and monitor vulnerability scans, maintaining accurate asset inventories and scope records
- Triage and prioritise vulnerability findings, focusing on critical and high-severity issues
- Validate findings using approved methods, assessing exploitability and business impact
- Perform basic penetration testing activities under guidance, including reconnaissance and controlled validation
- Support external attack surface reviews, identifying exposed assets and prioritising remediation
- Produce clear summaries and documentation for internal teams, clients, and formal reports
- Assist senior penetration testers with research, evidence collection, and report writing
- Adhere to internal methodologies and industry frameworks, including NIST, OWASP, and CREST best practices
What They're Looking For:
- 1-2 years' experience in vulnerability assessment, security testing, or junior penetration testing
- Good understanding of networking, operating systems, and web technologies (TCP/IP, DNS, HTTP/S, Linux, Windows)
- Hands-on experience with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, or Qualys
- Familiarity with penetration testing tools including Kali Linux, Nmap, Burp Suite, Metasploit, Nikto, and Gobuster
- Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and the OWASP Top 10
- Ability to perform reconnaissance, enumeration, service analysis, and controlled validation of findings
- Strong written communication skills with the ability to produce clear technical reports
- Able to work methodically within defined scope and rules of engagement
- Certs like CPSA, PenTest+, eJPT or PNPT are a nice bonus, as is lab time on HTB or TryHackMe.
Why This Role? Funded certs, direct mentoring from experienced testers, real client exposure from day one, and progression that's based on what you deliver - not how long you've been there. Apply now for immediate consideration!
Security Testing Analyst in Slough employer: Oscar Associates (UK) Limited
Join a leading cyber security consultancy in London that prioritises employee development and offers a dynamic work culture. With a strong focus on mentoring, funded certifications, and a performance-based progression model, this role provides an excellent opportunity for growth in the field of security testing. Enjoy the benefits of hybrid working after settling in, while engaging in meaningful projects that directly impact clients across regulated industries.
Contact Details:
Oscar Associates (UK) Limited Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Security Testing Analyst in Slough
✨Get Involved in the Cybersecurity Community
Dive into local and online cybersecurity meetups or forums. Engage with communities on platforms like Reddit or Discord, which often have dedicated channels for job opportunities and entry-level tips. Making yourself visible here can open doors we didn't even know existed!
✨Show Off Those Skills
Set up a GitHub profile where you can showcase any projects or contributions you’ve made, even if they’re just personal experiments. Potential employers love to see our work in action, and this is a great way to catch the eye of companies like Oscar Associates (UK) Limited while we’re still building our experience.
✨Leverage Online Courses & Certifications
Consider taking some recognised cybersecurity certifications, like CompTIA Security+ or Certified Ethical Hacker. These badges give us an edge and show our commitment to the field. Plus, many courses have job boards and networking opportunities that can lead to our first gig!
✨Apply Early and Often
Entry-level roles in cybersecurity can fill up quickly, so keep an eye on our website for open positions at Oscar Associates (UK) Limited. We should be ready to apply as soon as we see a role pop up. Tailor our applications to highlight relevant skills like problem-solving and attention to detail – these can set us apart!
We think you need these skills to ace Security Testing Analyst in Slough
Some tips for your application 🫡
Show off your technical skills:In the cybersecurity field, we love to see your technical know-how right from the get-go. Include any relevant coursework, certifications (like CompTIA Security+ or CEH), and tools you're familiar with. If you've dabbled in security protocols or have any hands-on experience with firewalls or threat analysis, make sure to highlight that!
Demonstrate your passion for cybersecurity:A cover letter is your chance to show your enthusiasm for cybersecurity—don’t hold back! Talk about why you’re excited about this career path, any personal projects you've been involved with, or security challenges you’ve taken on. It’s all about showing Oscar Associates (UK) Limited that you’re eager to learn and contribute.
Include relevant extracurricular activities:In entry-level applications, we appreciate seeing how you’ve engaged with the cybersecurity community. Mention any clubs, competitions (like Capture The Flag), or volunteer work related to cybersecurity. This will give us insight into your dedication to growing your skills beyond academic learning!
Keep it concise and tailored:We get it—writing about yourself can be tough. But for entry-level roles like Security Testing Analyst at Oscar Associates (UK) Limited, we're looking for clarity and focus. Tailor your CV and application materials to highlight only what matters for this role. Avoid fluff and get straight to your strengths in the context of cybersecurity!
How to prepare for a job interview at Oscar Associates (UK) Limited
✨Know Your Cybersecurity Basics
Make sure you’re clued up on the essential concepts of cybersecurity, like encryption, firewalls, and malware. For an entry-level role like Security Testing Analyst at Oscar Associates (UK) Limited, they might ask you practical questions to test your understanding of these topics, so brush up on the basics and maybe even run through some scenarios.
✨Familiarise Yourself with Tools
You’ll likely be working with various cybersecurity tools and platforms, so get comfortable with common ones like Wireshark and Metasploit. Mention any hands-on experience you have with these tools during your interview, as it shows you’ve taken the initiative to learn and apply your knowledge, which is key for an entry-level position.
✨Show Your Passion for Learning
Since this is an entry-level position, employers at Oscar Associates (UK) Limited will want to see your eagerness to learn. Prepare to discuss any certifications or online courses you've completed, as well as how you stay updated on the latest threats and trends in cybersecurity. This demonstrates your commitment to growing in the field.
✨Prepare for Scenario-Based Questions
Expect some scenario-based questions during your interview. These might include how you'd respond to a phishing attempt or securing a network. Think through a few examples beforehand, so you can showcase your problem-solving skills and thought process, which are critical in cybersecurity.
