Senior Penetration Tester/ Check Team Lead

Summary: CCL Solutions Group is seeking an exceptional Senior Penetration Tester with CHECK Team Leader Infrastructure (CTL-INF) qualifications to join our elite team of security professionals.
Location: Home based
Main Job Summary This is more than just a job, we’re looking for individuals with a hacker’s mindset, deep technical expertise, and a relentless drive to secure the UK's most critical assets. You will be leading engagements across secure environments, delivering high-impact assessments, mentoring team members, and shaping the offensive security direction of the business. In return, we offer a highly supportive environment with structured mentoring, paid training days, and access to advanced tooling.
Main Duties & Responsibilities (other duties may be assigned): CCL Solutions Group are more than just a leading provider of cybersecurity services, we are a team committed to making a real difference in protecting communities, businesses, and the critical infrastructure of the UK.
As a Senior Penetration Tester within CCL Solutions Group, your key responsibilities will be:
Lead and deliver end-to-end penetration testing engagements across infrastructure and cloud environments.
Manage and mentor junior CHECK team members, supporting their development and quality of delivery.
Produce comprehensive, high-quality reports that identify risks, remediation strategies, and technical impact.
Support red team simulations, infrastructure reviews, and adversary emulation where required.
Contribute to internal R&D, tooling improvements, and the development of our offensive security services.
Required Skill Set & Experience: This role requires a senior and mature person who can demonstrate leadership, honesty and integrity and who expects high standards. Please understand this is not an entry level role it is essential that you have:
CHECK Team Leader certification (Cyber Scheme Team Leader - INF or CREST CCT-INF).
Minimum of 2 years delivering CHECK engagements as a CTL.
At least 3 years of hands-on penetration testing experience in enterprise environments.
Deep understanding of infrastructure testing, Active Directory security, and cloud technologies (AWS, Azure, Kubernetes).
Strong familiarity with tools such as Nmap, Burp Suite, Metasploit, Impacket, and SMBClient.
Able to articulate technical findings to both technical and non-technical audiences in written and verbal formats.
How to be successful in this role? To be successful in this role you will need a Strong understanding of the following technical competencies:
Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack).
Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10).
Familiarity with scripting and automation using Python, Bash, or PowerShell.
Strong understanding of Active Directory attack chains and common privilege escalation paths.
Experience interpreting logs and event outputs from OS and security appliances.
Certifications: OSCP, OSEP, CRTO, or other advanced offensive security qualifications.
Programming/scripting in Python, Ruby, Go, C#, or Java.
Experience in red teaming, threat emulation, or purple teaming.
Agile experience and knowledge of the common production frameworks is highly desired.
Other Role Requirements: Must have been resident in the UK for a minimum of 5 years.
Full UK driving licence.
Ability to obtain (or currently hold) SC or DV clearance – this is non-negotiable and is set by the NSCS (National Cyber Security Centre ) for all Check Members.
Willingness to travel for client engagements or on-site support. Travel is within the United Kingdom.
CCL is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. In applying for a role you acknowledge that your personal data is necessary to consider you for the advertised role. Your information will be processed in accordance with the CCL Group Privacy Notice and retained for a maximum period of 12 months.
If you would like to apply for this role please send us your current cv and a covering email.
CCL Solutions Group is made up of the following companies: CCL (Solutions) Group Ltd (company number 08128980), CCL-Forensics Ltd (company number 05314495), Evidence Talks Limited (company number 04611669), CCL Cyber Solutions Ltd (company number 11316398), CCL (Computer Consultants) Ltd (company number 02049601)

#J-18808-Ljbffr