Security Consultant

We are seeking a highly skilled and DV-cleared Penetration Tester operating at CHECK Team Member (CTM) or CHECK Team Leader (CTL) level to join our cyber security team. You will be responsible for conducting rigorous penetration testing, vulnerability assessments, and red team engagements for critical national infrastructure, government departments, and sensitive defence systems.

This role requires a professional with an in-depth understanding of offensive security who can work under strict security protocols and in high-assurance environments.

Key Responsibilities:

Perform authorised simulated attacks on networks, applications, and systems (infrastructure and web application testing).

*

Lead and/or participate in Red Team engagements and scenario-based threat simulations (for CTLs).

*

Produce high-quality technical and executive-level reports detailing findings, risks, and remediation advice.

*

Collaborate with clients to understand their security requirements and advise on best practices and mitigation strategies.

*

Ensure compliance with NCSC CHECK standards and relevant industry frameworks (e.g., ISO 27001, NIST, Cyber Essentials+).

*

Maintain operational security and confidentiality in line with government protocols.

Essential Requirements:

*

Active DV (Developed Vetting) Clearance – must be current and transferable.

*

Valid CREST CRT qualification (or equivalent) – CHECK status as CTM or CTL required.

*

Demonstrable experience in penetration testing, ideally within defence, government, or highly regulated environments.

*

Strong knowledge of network protocols, common vulnerabilities (e.g., OWASP Top 10), exploitation techniques, and mitigation strategies.

*

Familiarity with tools such as Burp Suite, Metasploit, Nmap, Nessus, Cobalt Strike, etc.

*

Solid understanding of Red Team / Adversary Simulation methodologies (for CTL-level roles).

*

Excellent written and verbal communication skills.

Desirable:

*

Experience with Purple Teaming or threat intelligence-driven testing.

*

Certifications such as OSCP, OSCE, OSEP, or CISSP.

*

Experience with cloud environments (AWS, Azure) and container security.

*

Knowledge of secure development and DevSecOps practices.

Benefits:

*

Opportunities to work on high-impact national security projects.

*

Continuous professional development and training budget.

*

Flexible working options (where security clearance allows).

*

Competitive salary and performance-based bonuses