Excellent opportunity for a Senior Penetration Tester to join a highly-skilled and growing CREST-certified cybersecurity consultancy committed to excellence, innovation and integrity.

The company offers great career progression opportunities, a generous training and development budget, and time to support research projects that allow you to break new ground in testing. You will need to be enthusiastic about continuous development and either have or wish to gain a current CRT qualification.

The role is predominantly home based although will include some travel to customer sites and attendance at company meetings as needed.

The Role at a Glance:

Senior Penetration Tester
Home based with visits to client sites and company meetings as required
Up to £70,000 to £80,000 Per Annum depending on experience & qualifications
Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities.

Growth: A structured career development plan and training

Hours: 09:00 am to 17:30 pm Monday – Friday

Development Opportunity: Career progression and training opportunities available
Company: Specialist information and cyber security consultancy and audit services

Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose.

Your Skills / Background: 4+ years hands-on penetration testing experience and ideally an existing CRT qualification or the aspiration to gain the qualification. You will also be a tenacious problem solver and good communicator.

The Senior Penetration Tester Opportunity:

As Senior Penetration Tester, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. In return, you will work in an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects.

This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans, and support/sponsorship to attain future qualifications.

Key Responsibilities:

• Delivering high quality infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout penetration tests, along with cloud security assessments
• Working with client teams to research potential vulnerabilities and then plan accordingly
• Working with clients to research and identify new and emerging attack vectors
• Conducting vulnerability assessment scanning and unauthorised host discovery exercises
• Analysing findings and translating them into actionable recommendations
• Delivering high-quality technical reports, outlining technical and business risk
• Providing support to clients during on-going incidents
• Creating and developing tooling, knowledge/threat libraries, methodologies and policies that ensure high quality and informed testing assessments are undertaken
• Creating and developing internal documentation to ensure our reporting is meaningful
• Authoring appropriate thought leadership papers, articles, online posts, and marketing materials

About You:

• A tenacious tester with 4+ years' demonstrable hands-on penetration testing experience
• Have mastered a variety of security testing tools
• Current and relevant technical understanding of technologies, security threats and trends
• Familiar with relevant bodies and security standards
• Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with good reporting writing and client presentation skills
• Current CRT, OSCP and/or CTM / CTL qualification would be advantageous, but we are also considering applications from candidates with relevant work experience who would be ready and keen to obtain these qualifications in the near future (with relevant company sponsorship)
• The desire to gain new skills, continuous learning and development, attend training courses and obtain future qualifications / accreditations
• Strong verbal and written communication skills including report writing
• Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum, but we are unfortunately not able to offer sponsorship)

About Us:

We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats.

We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus.

Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure.

Services include:

• Security consulting across the area of security governance, risk, compliance and standards alignment
• Penetration testing
• Security architecture for cloud and infrastructure
• Detection and response
• Fractional heads and virtual support
• NCSC Assurance service provider for Cyber Essentials and a Certifying Body
• Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber E Essentials
• Training and awareness

Interested? Apply here for a fast-track path to our Hiring Manager

Application notice... We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details.

If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.