Specialist Penetration Tester (Cybersecurity)

TL;DR

Specialist Penetration Tester (Cybersecurity): Conducting comprehensive offensive security assessments across digital infrastructure with an accent on web applications, cloud environments, and network resilience. Focus on simulating real-world attack scenarios, documenting security vulnerabilities, and collaborating with internal teams to drive remediation.

Location: Hybrid (must be able to attend London or Cambridge office 2 days per week)

Company

A global leader in AI for cybersecurity, protecting nearly 10,000 organizations from unknown threats using proprietary AI technology.

What you will do

• Perform penetration tests on web applications, APIs, mobile apps, and cloud environments.
• Simulate real-world attack scenarios to evaluate system and infrastructure resilience.
• Produce detailed technical reports and executive summaries for stakeholders.
• Collaborate with internal teams to validate findings and support remediation efforts.
• Stay current with emerging threats, vulnerabilities, and offensive security techniques.

Requirements

• Solid background in penetration testing or offensive security.
• Proficiency with tools such as Burp Suite, Nmap, Metasploit, Nessus, and Kali Linux.
• Scripting skills in Python, Bash, or PowerShell.
• Strong understanding of OWASP Top 10, MITRE ATT&CK, and CVSS scoring.
• Familiarity with cloud platforms (AWS, Azure, GCP) and container security.
• Must be able to work on-site in London or Cambridge 2 days per week.

Nice to have

• Relevant certifications such as OSCP, CREST CRT, or eCPPT.
• Ability to mentor junior team members and contribute to internal security tooling.

Culture & Benefits

• 23 days of holiday plus public holidays, increasing to 25 days after 2 years.
• Private medical insurance covering the employee, partner, and children.
• Life insurance valued at 4 times base salary.
• Salary sacrifice pension scheme and enhanced family leave.
• Additional day off for your birthday and cycle to work scheme.