Penetration Tester in Derby

Derby | Full-Time | 55000 - 70000 £ / year (est.) | No working from home possible
The Engage Partnership Recruitment

At a Glance

  • Tasks: Lead hands-on penetration testing across web apps, APIs, and cloud environments.
  • Company: Join a growing security consultancy focused on high-quality security testing.
  • Benefits: Competitive salary, flexible working, and opportunities for professional growth.
  • Other info: Collaborative team environment with a focus on continuous improvement.
  • Why this job: Make a real impact by identifying and mitigating security risks.
  • Qualifications: Experience in penetration testing and strong communication skills required.

The predicted salary is between 55000 and 70000 £ per year.

About the Role

This is a great role for an experienced Senior Penetration Tester to join a growing security consultancy and play a key part in delivering high‑quality security testing across a wide range of environments. It is suited to someone who enjoys being hands‑on, is comfortable leading engagements end‑to‑end and takes pride in producing clear, defensible findings that help organisations reduce real security risk. You will work closely with technical teams and stakeholders to test applications and infrastructure, explain risk in practical terms, and support effective remediation.

What You’ll Be Doing

  • Plan, scope, and deliver manual penetration testing engagements across web applications, APIs, infrastructure and cloud environments.
  • Lead testing activities from initial scoping through execution, reporting and client or stakeholder read‑outs.
  • Identify, validate and exploit security weaknesses using a combination of tooling and manual techniques.
  • Clearly document findings, impact and remediation guidance in high‑quality technical and non‑technical reports.
  • Communicate risk effectively to a range of audiences, including engineers, product owners and non‑technical stakeholders.
  • Support remediation efforts by working collaboratively with development, infrastructure and security teams.
  • Contribute to internal quality assurance, peer review and continuous improvement of testing methodologies.
  • Share knowledge within the team through mentoring, tooling contributions and technical discussions.
  • Maintain awareness of emerging attack techniques, vulnerabilities and defensive controls relevant to modern environments.

What you’ll need

  • Hands‑on penetration testing experience, delivering tests across multiple environments.
  • Strong understanding of web application and infrastructure security, including common attack vectors and misconfigurations.
  • Confidence using industry‑standard tools such as Burp Suite, Nmap, Metasploit, and similar assessment tooling.
  • Ability to perform manual testing beyond automated findings, including business logic flaws and chained vulnerabilities.
  • Strong communication skills and confidence discussing security risk with non‑technical audiences.
  • A methodical, ethical approach to testing and handling sensitive information.

Desirable but not essential

  • Experience testing mobile applications, cloud‑native architectures, or containerised environments.
  • Scripting or programming experience (e.g. Python, Bash, PowerShell) to support testing or automation.
  • Involvement in internal research, tooling development, or methodology improvement.
  • Relevant industry certifications such as OSCP, CREST CRT, or equivalent.
  • Experience supporting compliance‑driven testing (e.g. Cyber Essentials Plus or similar).

Interested? Apply now for more information!

Penetration Tester in Derby employer: The Engage Partnership Recruitment

Join a dynamic and innovative security consultancy that values hands-on expertise and fosters a collaborative work culture. As a Senior Penetration Tester, you will not only lead critical testing engagements but also benefit from continuous professional development opportunities and a supportive environment that encourages knowledge sharing and mentorship. Located in a vibrant area, the company offers a unique chance to work on diverse projects while making a tangible impact on clients' security posture.

Contact Details: The Engage Partnership Recruitment, Recruitment Team

StudySmarter Expert Advice 🤫

We think this is how you could land Penetration Tester in Derby

Tip Number 1

Network like a pro! Attend industry meetups, conferences, or webinars where you can connect with fellow penetration testers and security professionals. You never know who might have the inside scoop on job openings or can refer you to their company.

Tip Number 2

Show off your skills! Create a portfolio showcasing your penetration testing projects, including detailed reports of your findings and remediation strategies. This will not only impress potential employers but also demonstrate your hands-on experience and problem-solving abilities.

Tip Number 3

Practice makes perfect! Keep your skills sharp by participating in Capture The Flag (CTF) competitions or contributing to open-source security projects. This hands-on experience will help you stay updated on the latest attack techniques and tools, making you a more attractive candidate.

Tip Number 4

Don’t forget to apply through our website! We’ve got some fantastic opportunities waiting for talented penetration testers like you. Plus, applying directly shows your enthusiasm and commitment to joining our team!

We think you need these skills to ace Penetration Tester in Derby

Penetration Testing
Web Application Security
Infrastructure Security
API Security
Cloud Security
Burp Suite
Nmap

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Penetration Tester role. Highlight your hands-on experience, tools you've used, and any relevant certifications. We want to see how your skills match what we're looking for!

Showcase Your Projects: Include specific examples of past penetration testing projects you've led or contributed to. This helps us understand your approach and the impact of your work. Don't be shy about sharing your successes!

Be Clear and Concise: When writing your application, keep it clear and to the point. We appreciate well-structured information that gets straight to the heart of your experience and skills. Remember, clarity is key!

Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get all the updates directly from us. Plus, it’s super easy!

How to prepare for a job interview at The Engage Partnership Recruitment

Know Your Tools Inside Out

Make sure you’re well-versed in the industry-standard tools mentioned in the job description, like Burp Suite and Nmap. Be ready to discuss how you've used these tools in past projects and any unique techniques you've developed.

Prepare for Technical Questions

Expect to dive deep into your technical knowledge during the interview. Brush up on common attack vectors and misconfigurations, and be prepared to explain how you would approach testing different environments, including web applications and cloud setups.

Communicate Clearly

Since you'll need to explain risks to non-technical stakeholders, practice articulating complex security concepts in simple terms. Use examples from your experience to demonstrate how you’ve successfully communicated findings in the past.

Show Your Passion for Continuous Learning

Stay updated on emerging attack techniques and vulnerabilities. During the interview, share any recent research or methodologies you've explored, and express your enthusiasm for contributing to the team’s knowledge base and improvement efforts.