Penetration Tester – Offensive Security
Penetration Tester – Offensive Security
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description
We are looking for a certified Penetration Tester to join our clients cybersecurity team and help safeguard critical systems through simulated attacks and red team assessments. Youll be responsible for identifying vulnerabilities across networks applications and cloud infrastructure and providing actionable insights to reduce risk exposure.
Ideal candidates have deep experience in offensive security. Testing a strong understanding of exploits and security protocols and a drive to continuously evolve with todays fast-moving threat landscape.
Job Responsibilities
- Plan execute and report on penetration tests across networks web applications APIs mobile and cloud environments
- Conduct red team engagements including simulated phishing social engineering and physical security assessments
- Identify document and prioritise vulnerabilities and misconfigurations
- Use both manual techniques and automated tools (e.g. Burp Suite Metasploit Nmap)
- Collaborate with blue team and remediation teams to harden systems
- Produce detailed technical reports and executive summaries for stakeholders
- Stay up to date with the latest exploits vulnerabilities (CVEs) and threat actor tactics
Requirements
Required Skills
- Strong proficiency in penetration testing tools (e.g. Kali Linux Burp Suite Metasploit Nmap Wireshark)
- Experience with OWASP Top 10 vulnerability scanning and exploit development
- Familiarity with MITRE ATT&CK framework and red team methodology
- Solid knowledge of TCP/IP firewalls DNS HTTP/HTTPS and encryption protocols
- Strong reporting and communication skills
- At least one industry certification (OSCP CEH CREST CRT or similar)
Desired Skills
- Scripting skills in Python PowerShell or Bash
- Experience with cloud security testing (AWS Azure GCP)
- Familiarity with CI/CD environments and DevSecOps
- Exposure to purple teaming or adversary emulation
- Knowledge of physical security and social engineering tactics
Benefits
Job Benefits
- Competitive salary performance bonus
- Paid training and certification reimbursement (OSCP CREST etc.)
- 25 days holiday bank holidays
- Private healthcare mental health support
- Fully remote or hybrid working options
- Company-funded attendance at security conferences (DEF CON Black Hat etc.)
Required Skills:
Required Skills In-depth knowledge of ISO 27001 NIST CSF GDPR and risk management frameworks Experience performing security risk assessments internal audits and compliance reviews Strong understanding of cybersecurity controls regulatory mandates and business risk alignment Excellent client communication stakeholder management and reporting skills Familiarity with GRC platforms (e.g. RSA Archer ServiceNow GRC LogicGate) Desired Skills Certifications such as CISM CRISC ISO 27001 Lead Auditor or similar Experience working with financial services healthcare or SaaS industries Understanding of emerging regulations (e.g. DORA NIS2 AI Act) Cloud compliance knowledge (e.g. CSA CCM AWS/Azure/GCP compliance) Familiarity with SOC 2 PCI DSS HIPAA frameworks
Employment Type
Full Time
