Penetration Tester

Kashfox Ltd
Birmingham, United Kingdom
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 88K

Job location

Remote
Birmingham, United Kingdom

Tech stack

API
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
Computer Networks
Infrastructure as a Service (IaaS)
Network Security
Network Architecture
Citrix Systems
Platform as a Service (PAAS)
Comptia Pentest+ CE
vSphere
Web Applications
Load Balancing
GWAPT
Operational Systems
ISO/IEC 27002
Vulnerability Analysis

Job description

We are seeking an experienced Penetration Tester to join our cybersecurity team. The successful candidate will be responsible for assessing the security posture of our clients network infrastructure, applications, and systems by conducting authorised simulated cyberattacks. This role requires a deep understanding of computer networking, information security, and various operating systems, with the aim of identifying vulnerabilities before malicious actors can exploit them. The ideal applicant will possess a strong background in network security, incident response, and compliance with standards such as NIST and ISO 27002. This paid position offers an opportunity to contribute to safeguarding critical infrastructure within a different organisations operating across diverse technological environments including cloud computing and virtualisation., * Conduct internal and external network penetration tests

  • Perform web application and API security testing
  • Execute cloud security assessments across AWS and Azure environments
  • Deliver authenticated and unauthenticated vulnerability assessments
  • Perform wireless and configuration security testing
  • Perform Physical security assessments
  • Produce structured, client-ready technical reports with risk ratings and remediation guidance
  • Present findings to technical and non-technical stakeholders
  • Align testing methodology with industry standards and regulatory expectations
  • Maintain up-to-date knowledge of emerging cybersecurity threats related to IoT devices, cloud architecture (IaaS/PaaS), load balancing solutions, and containerisation technologies like VMware vSphere or Citrix.

Required Certifications

Candidates must hold at least one active CREST certification:

  • CREST Registered Penetration Tester
  • CREST Certified Infrastructure Tester
  • CREST Certified Web Application Tester

In addition, a desired candidate should hold one or more of the following:

  • EC-Council Certified Ethical Hacker
  • Offensive Security Certified Professional
  • GIAC GPEN or GWAPT
  • CompTIA PenTest+

What We Expect

  • Independent delivery with minimal supervision
  • High-quality reporting suitable for board-level review
  • Ethical conduct and strict adherence to testing scope
  • Strong communication skills

This role suits a seasoned penetration tester who wants flexible, project-based work with a growing cybersecurity consultancy serving international clients.

A suitable candidate should be comfortable with travelling for work Within EU and Africa

Cyberkashfox Limited is a cybersecurity and data protection consultancy delivering vulnerability monitoring, compliance audits, and managed security services to organisations across the UK, US, and Africa.

Requirements

Do you have experience in vSphere?, * CREST Registered Penetration Tester (CRT) (preferred)

  • Offensive Security Certified Professional (OSCP), (preferred)
  • GIAC GIAC Penetration Tester (GPEN) (preferred)

Apply for this position