Cyber Advisory BRS – CTEM – Senior Consultant to Manager

The role

We are looking for technically gifted and strategically minded Penetration Testers to deliver and lead offensive security engagements across diverse environments. Youll simulate sophisticated attack scenarios uncover vulnerabilities and provide strategic recommendations that help our clients reduce risk and enhance their overall security posture.

As a Senior Consultant or Manager youll assess infrastructures applications and cloud environments through ethical hacking engagements and work closely with clients to strengthen their resilience against evolving cyber threats.

Key Responsibilities

• Plan execute and report on penetration testing engagements across network infrastructure web and mobile applications cloud environments and APIs.
• Deliver advanced threat emulation social engineering and red/purple team assessments including Threat-Led Penetration Testing (TLPT) and TIBER exercises.
• Analyse and communicate technical findings clearly providing actionable recommendations tailored for both technical and executive stakeholders.
• Provide strategic remediation advice to help clients address vulnerabilities and build long-term resilience.
• Collaborate with internal threat intelligence incident response and governance teams to provide holistic cyber defence solutions.
• Develop and enhance custom tools scripts and proof-of-concepts to improve testing effectiveness.
• Contribute to knowledge sharing methodology development and team mentoring depending on seniority.
• Support business development initiatives through proposal input presentations or technical scoping discussions (Senior Consultant level).

Skills & Experience

• Bachelors degree in Computer Science Cybersecurity or a related discipline (or equivalent practical experience).
• 3 (5 for Manager) years of hands-on penetration testing or offensive security experience.
• Proficiency with tools such as Burp Suite Nmap Metasploit Cobalt Strike Nessus and similar toolsets.
• Deep understanding of common attack vectors including OWASP Top 10 MITRE ATT&CK and cloud-specific threat models.
• Strong scripting capability in Python PowerShell or similar languages.
• Relevant certifications such as OSCP OSCE CREST CRT/CCT GPEN or equivalent industry-recognised credentials.

Desired Skills

• Experience testing cloud platforms (AWS Azure GCP) and container environments (Docker Kubernetes).
• Proven ability to lead client workshops present findings and manage sensitive or complex client discussions.
• Familiarity with compliance frameworks and regulations such as PCI-DSS ISO 27001 NIST DORA and NIS2.
• Excellent report writing and communication skills with the ability to translate technical findings into actionable insights for business leaders.

#LI-RM1