At a Glance
- Tasks: Conduct penetration tests on web applications, APIs, and infrastructure while leading client engagements.
- Company: Join a leading UK consultancy in offensive security with a dynamic team of 70 testers.
- Benefits: Enjoy a competitive salary, remote work, travel expenses, and a pension scheme.
- Other info: Flexible roles available with excellent career growth and mentorship opportunities.
- Why this job: Make a real impact in cybersecurity while working remotely and visiting clients as needed.
- Qualifications: Must have CHECK/CREST qualifications and hands-on experience in penetration testing.
The predicted salary is between £55,000 and £90,000 per year.
Location: Fully Remote, UK (with client site visits as required)
Salary: £55,000 - £90,000 DOE + expenses + overnight bonus for site work
Type: Permanent, Full-Time
Summary:
We are looking for experienced Penetration Testers to join one of the UK's larger dedicated offensive security practices. With a team of around 70 testers split across CHECK and CREST work, this is a well-established consultancy delivering high-quality assessments across a broad client base, with genuine variety in engagement type, sector, and technical depth.
The team is structured across two streams: more commercially driven engagements through CREST, and deeper, security-led work through CHECK, so there's a clear path whichever direction you want to lean. Multiple roles are available across mid and senior levels, and the company is flexible on starting clearance level.
This role is fully remote with client site visits as required. No two weeks look the same.
Key Responsibilities:
- Deliver web application, API, and infrastructure penetration tests, taking ownership of engagements end-to-end from scoping through to final report delivery.
- Lead client-facing engagements, communicating high-risk findings as they are identified to support swift remediation.
- Produce clear, professional reports tailored to client-specific context and business risk.
- Support broader offensive security activities including red and purple team engagements, phishing simulations, and assumed-breach style assessments where relevant.
- Contribute to internal QA, mentor more junior consultants, and support report quality across the team.
- Stay up to date with the evolving threat landscape and contribute to internal R&D, tooling, and knowledge sharing.
Requirements:
- CHECK Team Member (CTM), CHECK Team Leader (CTL), CREST Registered Tester (CRT), or CREST Certified Tester (CCT) qualified, or actively progressing along either pathway at a senior level.
- Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy setting.
- Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance.
- Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences.
- Strong written reporting skills, with the ability to produce clear, well-structured deliverables.
- A genuine passion for offensive security, demonstrated through CTFs, labs (e.g. Hack The Box, TryHackMe), research, certifications, or community involvement.
Clearance:
Clearance requirements vary by role: some do not require any clearance, while others are looking for SC or DV. The company will put successful candidates through the relevant clearance process where required, so existing clearance is welcomed but not essential across the board.
Benefits:
- Salary: £55,000 - £90,000, depending on experience, certifications and clearance level
- Fully remote working
- Overnight bonus for client site visits
- Travel and expenses covered for client work
- Clearance sponsorship (SC / DV) where required for the role
- Company pension scheme
Penetration Tester (CHECK / CREST) in Woking employer: Oscar Associates (UK) Limited
Contact Detail:
Oscar Associates (UK) Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Penetration Tester (CHECK / CREST) in Woking
✨Tip Number 1
Get your networking game on! Connect with professionals in the cybersecurity field on LinkedIn or attend local meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Practice makes perfect! Before any interviews, run through common penetration testing scenarios and be ready to discuss your past experiences. We recommend setting up a lab environment to showcase your skills and knowledge during discussions.
✨Tip Number 3
Don’t forget to tailor your approach! When you’re applying for roles like Penetration Tester, make sure to highlight relevant projects and experiences that align with the job description. We want to see how you fit into our team!
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take the initiative to engage directly with us.
Some tips for your application 🫡
Keep Your CV Fresh: Before you hit that apply button, make sure your CV is up to date. Highlight your relevant experience in penetration testing and any certifications you've got under your belt. We want to see what makes you stand out!
Tailor Your Application: Read through the job specs carefully and tailor your application to match. Use keywords from the description to show us you understand what we're looking for. This helps us see how you fit into our team!
Show Off Your Writing Skills: Since strong written reporting skills are key for this role, make sure your application reflects that. Write clearly and concisely, and don’t forget to proofread! We love a well-structured application.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets to us quickly and efficiently. Plus, it shows you're keen on joining our awesome team!
How to prepare for a job interview at Oscar Associates (UK) Limited
✨Know Your Stuff
Make sure you brush up on your technical skills, especially around web application and API penetration testing. Be ready to discuss common vulnerabilities like those in the OWASP Top 10 and share your experiences with exploitation techniques.
✨Show Off Your Communication Skills
Since this role involves client-facing engagements, practice explaining complex technical findings in simple terms. Think about how you would communicate high-risk issues to a non-technical audience and be prepared to demonstrate this during the interview.
✨Prepare for Scenario Questions
Expect to face scenario-based questions that assess your problem-solving skills. Think through past projects where you took ownership of an engagement from start to finish, and be ready to discuss how you handled challenges and delivered results.
✨Demonstrate Your Passion
Let your enthusiasm for offensive security shine through! Share your involvement in CTFs, labs, or any community activities. This shows that you're not just qualified but genuinely interested in the field, which can set you apart from other candidates.