Junior Security Testing Consultant

Our client is a large UK cyber and digital organisation delivering security testing services into Government, Defence, and Financial Services environments. They operate as part of a wider cyber capability that includes threat intelligence and incident response, working in regulated and high-assurance settings.

This is a junior, hands-on delivery role focused on real security testing work. You will be involved in live security testing engagements from day one, working under experienced testers, with clear progression into more advanced objective-based and intelligence-led testing as your capability develops.

What you'll be doing

Supporting the delivery of end-to-end security testing engagements, including scoping support and client wash-up sessions.

Conducting hands-on security testing across:

• Web applications
• Mobile applications
• Infrastructure and networks
• Objective-based and intelligence-led tests

Producing clear, accurate written reports and contributing to presentations for both technical and non-technical stakeholders.

Using testing tools and techniques safely and responsibly in sensitive client environments.

Working to defined testing methodologies, processes, and controls.

Learning and applying new tools, scripts, and techniques under the guidance of senior testers.

Collaborating with colleagues across security testing, threat intelligence, and incident response teams.

This is a junior role in terms of seniority, not capability. You must already be hands-on and able to contribute to live engagements.

Essential

• CREST certification or equivalent CHECK-aligned capability
• Proven hands-on experience delivering security testing activities
• Experience testing real systems rather than lab-only environments
• Understanding of how to operate safely in regulated or restricted environments
• Ability to communicate findings clearly in written reports
• Strong interest in offensive security and technical development
• Active SC clearance, UK Eyes Only
• Eligibility for DV clearance is a strong advantage

Nice to have

• Experience working with Government, Defence, or Financial Services clients
• Scripting or programming experience, for example Python, C or C++
• Exposure to application testing, infrastructure testing, or vulnerability research
• Interest in adversary emulation or emerging attack techniques

You will gain structured exposure to real-world, mission-critical systems, supported by experienced security testers and established delivery processes. The role offers clear progression into senior security testing and red team roles, strong technical mentoring, and experience that carries weight in the UK cyber market. It suits someone who wants to build long-term credibility through disciplined, hands-on delivery rather than short-term experimentation.