Pentester

Penetration Tester – Web Application & API (UK-Based, Remote)

We are currently recruiting for an exciting Penetration Tester role on behalf of a leading UK-based cyber security consultancy. The company specialises in providing Penetration Testing as a Service, combining consultant-led testing with ongoing vulnerability assurance via their advanced portal, offering continuous threat management for clients.

The Role

As a Penetration Tester, you will conduct formal, in-depth assessments across Web Applications, APIs, and other areas, delivering detailed reports that meet industry standards and deadlines. You will also assist with client-facing activities such as scoping and drafting proposals. This role involves researching new vulnerabilities and technologies, following responsible disclosure practices, and sharing your findings with the internal team.

Key Responsibilities

• Web Application & API Testing: Perform high-quality penetration testing on web applications, APIs, and other platforms.
• Reporting: Deliver clear, well-structured technical and non-technical reports in English.
• Vulnerability Assessments: Identify vulnerabilities and provide actionable remediation recommendations.
• Client Engagement: Assist with pre-engagement activities including project scoping and proposal drafting.
• Project Management: Manage and execute penetration testing projects, ensuring they are completed within set deadlines.
• Research & Collaboration: Investigate new vulnerabilities, share knowledge with the team, and follow responsible disclosure practices.
• Mentorship: Provide guidance and support to Graduate and Junior Penetration Testers, as appropriate.
  
  

Key Requirements

• Experience: Demonstrated experience in Penetration Testing, particularly in Web Applications, APIs, Mobile, and Thick Client environments.
• Technical Knowledge: Solid understanding of multiple Operating Systems, Network Principles, and Cloud/Hybrid environments (AWS, Azure).
• Programming Skills: Proficiency in programming or scripting in your preferred language.
• Certifications: Relevant security certifications such as OSCP, CREST CRT, OSEP, CCT APP, or CTM are highly desirable.
• Virtualisation Knowledge: Strong understanding of virtualisation technologies.
  
  

Additional Details

• Location: Remote (UK-based) with occasional travel to client sites and the office when required.
• Eligibility: Candidates must be based in the UK and hold the right to work, as sponsorship is not available for this position.
  
  

This is a fantastic opportunity for a passionate and skilled Penetration Tester to work in a forward-thinking consultancy, providing cutting-edge services. If you’re ready to take your career to the next level in an innovative and collaborative environment, we’d love to hear from you!