Specialist Penetration Tester
Company: [Employer hidden — view at passion-project.co.uk]
Location: Cambridge, London
Work Type: Hybrid
Job Type: Full-time
Experience Level: Mid-Senior level
Salary: Not provided
About the Role
This position requires hands-on experience in offensive security and a deep understanding of network, application, and cloud-based vulnerabilities. To succeed in this role, you’ll need a solid background in penetration testing or offensive security, along with hands-on experience using industry-standard tools and frameworks. A strong grasp of security principles and methodologies is essential, as is the ability to communicate findings clearly and effectively. Other qualifications and skills include:
- Proficiency with tools like Burp Suite, Nmap, Metasploit, Nessus, and Kali Linux, plus scripting skills in Python, Bash, or PowerShell
- Strong understanding of OWASP Top 10, MITRE ATT&CK, CVSS scoring, and familiarity with cloud platforms (AWS, Azure, GCP) and container security
- Relevant certifications such as OSCP, CREST CRT, or eCPPT are highly desirable, along with excellent written and verbal communication skills
Desirable:
- Ability to mentor junior testers and contribute to internal tooling
What the job involves
As a Penetration Tester within the internal cybersecurity team, you’ll play a key role in identifying and mitigating security risks across the organisation’s digital landscape. You’ll be responsible for conducting thorough penetration tests, simulating real-world attacks, and delivering actionable insights to both security and development teams. Collaboration and continuous learning are central to the role, ensuring our defences stay ahead of emerging threats.
- Performing penetration tests on web applications, networks, APIs, mobile apps, and cloud environments
- Simulating real-world attack scenarios to assess system and infrastructure resilience
- Producing detailed technical reports and executive summaries for stakeholders
- Collaborating with internal teams to validate findings and support remediation efforts
- Staying up to date with emerging threats, vulnerabilities, and offensive security techniques