Consultant, Application Security Penetration Tester
🔒 Confidential Employer
Posted 23 April 2026
LOCATION: Remote
TYPE: Full-time
LEVEL: Mid-Senior level
SALARY: £72,810 / year
CATEGORY: Technology
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion
SKILLS
Application penetration testing
Web Application Penetration Testing
Security principles
Programming/scripting languages
Consulting
Report writing
FULL DESCRIPTION
What You'll Do
- Working independently and collaboratively with a team to both lead and support
- Perform penetration testing on applications with complex technology stacks from both a black-box and a white-box perspective
- Dynamically flex your skills when assessing emerging or custom technologies
- Contextualize vulnerabilities and assess realistic impact to a client accounting for mitigating and aggravating factors
- Manage priorities and tasks to achieve utilization targets
- Operate with professionalism both internally and with clients
- Ensure quality reports and services are delivered efficiently and on time
- Maintain strong depth of knowledge in the practice area
- Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables
- Up to 10% travel
What You'll Bring
- Application penetration testing and assessment tradecraft and methodologies (including browser-based, API)
- Strong working knowledge of at least two programming or scripting languages
- Strong understanding of security principles and industry best practices
- Minimum of 2 years’ experience in a consulting/professional services role
- Minimum of 2 years’ experience in Application Security and/or Software Development
- Proficiency in Web Application Penetration Testing
Strong overall technical skills, with strong expertise in at least one of the following:
- Mobile Application Penetration Testing
- Thick Application Penetration Testing
- Hardware Penetration Testing
- Secure Code Review
- Container Penetration Testing
- Cloud Penetration Testing
- Network Active Directory Penetration Testing
- AI Penetration Testing
Strong consulting skills including:
- Time management, performing adjacent tasks while ensuring on-time delivery, escalating issues as needed
- Verbal communication, leading client calls for project kickoffs and debriefs
- Written communication & Report writing, for both executive audiences and technical staff
- High school diploma required
Bonus Points
- UK CREST Certification and eligibility to be approved for and maintain UK SC level Clearance
- Strongly preferred CREST Certifications
- CREST Practitioner Security Analyst (CPSA)
- CREST Practitioner Threat Intelligence Analyst (CPTIA)
- AWAE, OSCP, OSCE, OSEE offensive security certifications
- Significant development and engineering backgrounds
- Cloud Service penetration testing tradecraft and methodologies across multiple service providers (e.g. AWS, GCP, etc.).
- Mobile platform and application penetration testing tradecraft and methodologies across both iOS and Android.
- Red/Purple Team tradecraft and methodologies
- Social engineering in all its forms
- AWS Certified Solutions Architect – Professional, AWS Certified Security, AWS Certified Advanced Networking, AWS Certified SysOps Administrator
- Network, Database, System administration experience and certifications