Penetration Tester - Offensive Security

Mastarrec
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 95K

Job location

Tech stack

API
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Bash
Burp Suite
Cloud Computing
Cloud Computing Security
Continuous Integration
DNS
Cryptographic Protocols
Hypertext Transfer Protocols (HTTP)
Python
Kali Linux
Nmap
Open Web Application Security
PowerShell
Phishing
Red Team (Cyber Security)
TCP/IP
Wireshark
Web Applications
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
MITRE ATT&CK
Firewalls (Computer Science)
Metasploit
DevSecOps
Blue Team (Cyber Security)
Vulnerability Analysis

Job description

We are looking for a certified Penetration Tester to join our client's cybersecurity team and help safeguard critical systems through simulated attacks and red team assessments. You'll be responsible for identifying vulnerabilities across networks, applications, and cloud infrastructure and providing actionable insights to reduce risk exposure.

  • Plan, execute, and report on penetration tests across networks, web applications, APIs, mobile, and cloud environments
  • Conduct red team engagements, including simulated phishing, social engineering, and physical security assessments
  • Identify, document, and prioritise vulnerabilities and misconfigurations
  • Use both manual techniques and automated tools (e.g., Burp Suite, Metasploit, Nmap)
  • Collaborate with blue team and remediation teams to harden systems
  • Produce detailed technical reports and executive summaries for stakeholders
  • Stay up to date with the latest exploits, vulnerabilities (CVEs), and threat actor tactics

Requirements

Ideal candidates have deep experience in offensive security testing, a strong understanding of exploits and security protocols, and a drive to continuously evolve with today's fast-moving threat landscape.

  • Strong proficiency in penetration testing tools (e.g., Kali Linux, Burp Suite, Metasploit, Nmap, Wireshark)
  • Experience with OWASP Top 10, vulnerability scanning, and exploit development
  • Familiarity with MITRE ATT&CK framework and red team methodology
  • Solid knowledge of TCP/IP, firewalls, DNS, HTTP/HTTPS, and encryption protocols
  • Strong reporting and communication skills
  • At least one industry certification (OSCP, CEH, CREST CRT, or similar)

Desired Skills

  • Scripting skills in Python, PowerShell, or Bash
  • Experience with cloud security testing (AWS, Azure, GCP)
  • Familiarity with CI/CD environments and DevSecOps
  • Exposure to purple teaming or adversary emulation
  • Knowledge of physical security and social engineering tactics

Benefits & conditions

  • Competitive salary + performance bonus
  • Paid training and certification reimbursement (OSCP, CREST, etc.)
  • 25 days holiday + bank holidays
  • Private healthcare + mental health support
  • Fully remote or hybrid working options
  • Company-funded attendance at security conferences (DEF CON, Black Hat, etc.)
