Penetration Tester

We are an independent Cyber Security Consultancy thatdelivers a variety of Security Consultancy, Penetration Testing,and Managed Security Services. We serve an array of clients,including multinational corporations, government organisations, andsmall businesses looking to strengthen their security postures.As aUK Government-approved supplier and an accredited Cyber EssentialsCertification Body, we also offer services ranging from CyberSecurity, Cloud Security, and Data Privacy Consultancy toVulnerability Scanning, Cloud Security Assessments, and PenetrationTesting.Join Our Team!We’re seeking a motivated and passionatePenetration Tester to expand our CREST-accredited team. The idealcandidate will be driven, detail-oriented, and possess excellentcommunication skills to ensure the best possible experience for ourclients.As a small consultancy with ambitious growth plans, weprovide a clear career path and foster a close-knit, supportiveenvironment for our team, partners, and clients.Role Summary:Inthis position, you will conduct penetration testing across a widerange of technologies, including web applications, APIs, publiccloud platforms, mobile apps, and networks.You’ll delivercomprehensive security testing services for clients spanning boththe public and private sectors, from SMEs to start-ups. The rolewill also involve documenting findings, providing analysis, andoffering remediation guidance post-testing.Since some clients arewithin the Public Sector, existing SC clearance or eligibility forSC clearance (requiring five years of UK residency) isessential.Key Responsibilities:Perform penetration tests for webapplications, APIs, networks, mobile apps, IoT, wireless systems,and public cloud environments.Engage in Red Team exercises andsocial engineering assessments.Participate in proposal drafting andscoping discussions with clients.Prepare detailed reports andpresent findings to clients.Offer guidance on remediation based ontesting outcomes.Support junior team members with theirdevelopment.Required Qualifications, Experience, and Skills:2–5years of experience conducting security testing.Certifications suchas OSCP, OSCE, CRT, CCT, or CSTM.Hands-on experience with WebApplication, API, and microservices testing.Expertise ininfrastructure and cloud security assessments.Proficiency withtools like Nmap, Burp Suite, Nessus, Qualys, Metasploit, or KaliLinux.Strong understanding of OWASP testing methodologies.Priorexperience in a client-facing role or consultancyenvironment.Preferred Skills:Experience with Public Sectorpenetration testing.Ability to analyse code in Java, Python, orJavaScript for vulnerabilities.CHECK Team Member (CTM) or Leader(CTL) status.Existing SC clearance.What We Offer:Performance-basedannual bonus (up to 10%).Funded training in InfoSec and allocatedself-study time.Flexible 40-hour work weeks.Remote work, with 1 dayon-site at our South Manchester Office per month.25 days of annualleave (plus bank holidays).Private healthcare.Generous companypension.Robust sick pay policy.Covered expenses.Opportunities forcareer progression.Regular team events and meals.A collaborativeand fun workplace culture.Schedule: Monday to FridayLocation:Remote