Penetration Tester

Lawrence Harvey
3 days ago

Role details

Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Shift work
Languages: English
Experience level: Intermediate
Compensation: £ 100K

Job location

Remote

Tech stack

Java
Microsoft Windows
API
iOS
Apple Mac Systems
Software System Penetration Testing
User Authentication
Burp Suite
C Sharp (Programming Language)
C++
Linux
Perl
Mobile Application Software
Python
Kali Linux
Network Protocols
Open Web Application Security
Ruby
Reverse Engineering
Scripting (Bash/Python/Go/Ruby)
Data Storage Technologies
GWAPT
Metasploit
Nessus
Operational Systems
Workday
Mobile Data
Programming Languages

Job description

A rapidly growing leader in proactive cybersecurity services is expanding its consulting team and seeking a Security Consultant with a strong background in mobile application penetration testing. This role is ideal for a hands-on penetration tester who enjoys uncovering complex vulnerabilities and delivering meaningful security improvements for enterprise clients.

You will work alongside experienced security professionals, leveraging advanced tooling, automation, and research-driven methodologies to perform deep technical testing across mobile applications and APIs. The focus of this role is on producing high-quality, actionable findings that help organizations strengthen their security posture.

  • Perform penetration testing engagements on mobile applications (iOS and Android) and associated APIs
  • Identify weaknesses related to data storage, network communications, authentication, and cryptography
  • Analyze mobile application behaviour, sandboxing, and OS-level security controls
  • Produce clear, well-structured penetration testing reports aligned with client-specific standards and workflows
  • Collaborate with internal teams and clients to explain findings and recommend remediation strategies
  • Research and develop new tools, techniques, and testing methodologies to improve assessment quality
  • Support consulting operations through documentation, reporting, and engagement-related administrative tasks

Requirements

  • 2-3+ years of experience conducting application or mobile penetration testing
  • Hands-on experience with offensive security tools such as:
      • Kali Linux, Burp Suite, Metasploit, Nessus
      • Mobile-focused tools including Frida, Drozer, Objection, and Ghidra
  • Solid understanding of mobile data security, encryption, and secure communications
  • Strong working knowledge of Android and iOS operating systems
  • Familiarity with common offensive and defensive security concepts and network protocols
  • Deep understanding of the OWASP Top 10 and relevant security frameworks
  • Working knowledge of Windows, Linux, and macOS internals
  • Ability to work independently while collaborating effectively within a team
  • Strong written and verbal communication skills
  • Willingness to travel up to 5-10%
  • Ability to support an 8-hour workday, with occasional evenings or weekends as required by project timelines

Preferred Experience

  • Mentoring or coaching junior team members
  • Sharing security knowledge through blogs, webinars, or conference presentations
  • Experience with scripting or programming languages such as Python, Ruby, Perl, Java, C/C++, or C#
  • Industry-recognized offensive security certifications (e.g., OSCP, GPEN, GXPN, GWAPT, CISSP)
  • Experience with ARM reverse engineering
  • Development of Frida scripts or tools to bypass protections or exploit mobile application vulnerabilities
