Cyber Security Consultant

Our client is a growing MSP based in Melton Mowbray, helping organisations of all sizes strengthen their security posture and achieve recognised certifications. They are looking for a skilled Cyber Security Consultant specialising in Penetration Testing to deliver high-quality security testing and assurance across a diverse client base. You'll lead and support security assessments including network, web application, mobile, cloud, wireless, and internal infrastructure testing, alongside Cyber Essentials and Cyber Essentials Plus (CE/CE+) assessments.

This role suits someone who enjoys hands-on technical work, clear reporting, and helping clients improve their security posture in practical, measurable ways. This is primarily an office-based role that will require occasional travel to client sites.

Key Responsibilities

Penetration Testing and Security Assessments:

• Deliver CREST-aligned penetration tests across external and internal networks, web applications and APIs, mobile applications (iOS/Android), and Cloud environments (Azure, AWS, GCP).

• Wireless networks and remote working setups.

• Security configuration and segmentation reviews.

• Perform vulnerability assessments and risk-based testing using industry best practices.

• Validate findings, reproduce issues, and advise on realistic remediation.

• Support red team / adversarial simulation exercises where appropriate.

Cyber Essentials and Cyber Essentials Plus:

• Conduct Cyber Essentials readiness reviews, gap assessments, and remediation guidance.

• Lead Cyber Essentials Plus technical audits, including sampling, evidence review, and on-site/remote verification.

• Help clients interpret requirements and maintain compliance across re-certification cycles.

• Ensure assessments are completed to scheme standards and timelines.

Reporting and Client Engagement:

• Produce clear, high-quality technical reports with actionable remediation advice.

• Present findings to technical and non-technical stakeholders.

• Provide pragmatic risk prioritisation and security improvement roadmaps.

• Contribute to scoping calls, statements of work, and test planning.

Continuous Improvement:

• Maintain current knowledge of security threats, tooling, and testing methodologies.

• Contribute to internal playbooks, checklists, and training materials.

• Support junior consultants through mentoring and peer review.

Proven experience delivering penetration tests in commercial or consultancy settings.

• Strong understanding of OWASP Top 10 / ASVS, common exploitation techniques and mitigations, network protocols, Active Directory, and Windows/Linux environments, and cloud security fundamentals.

• Hands-on ability with common tools such as Burp Suite, Nmap, Metasploit, Nessus/Qualys, Wireshark, BloodHound, etc.

• Confident communicator with excellent report-writing skills.

• Solid grasp of compliance-driven security testing (esp. Cyber Essentials/CE+).

• Full UK Driving Licence.

Desirable Skills and Certifications:

• CREST CRT/CCRT/CCT or CHECK Team Member.

• OSCP / OSWE / OSEP / GPEN / eCPPT / similar.

• Experience with secure code review, SAST/DAST pipelines, or DevSecOps.

• Familiarity with ISO 27001 or wider GRC frameworks.

Competitive salary and annual performance bonus.

• Training budget and certification support.

• Clear progression path into Senior/Lead Consultant roles.

• Flexible working and wellbeing support.

• Exposure to varied, interesting client environments and modern tech stacks.

• Collaborative team culture focused on quality and continuous learning.