External Attack Surface Cyber Engineer

Circle Group Ltd
Charing Cross, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 60K

Job location

Charing Cross, United Kingdom

Tech stack

Software System Penetration Testing
Computer Telephony Integration
DNS
IP Addressing
Python
Network Architecture
Open Source Intelligence
Web Applications
Data Processing
Scripting (Bash/Python/Go/Ruby)

Requirements

  • Web application and external infrastructure penetration testing
  • Asset discovery and large-scale enumeration
  • DNS, networking, and internet infrastructure
  • OSINT and cyber threat intelligence (CTI)
  • Python (or similar scripting) for automation and data handling

We'd love to speak if...

Give you a company name, domain, or IP address and you'll naturally start building a structured reconnaissance plan.

You enjoy discovering unknown assets, investigating infrastructure, validating findings, and understanding how an attacker would approach a target. Dark web research, OSINT, CTI, and investigative work genuinely interest you.

You're comfortable working through ambiguity, separating signal from noise, and prioritising real risk over theoretical issues.

You'll also be confident communicating with technical stakeholders, explaining not just what you've found, but why it matters.

Because this is a continuous external attack surface management service, experience automating workflows, parsing data, and building tooling in Python or similar scripting languages would be highly beneficial.

Benefits & conditions

External Attack Surface Cyber Engineer - Remote (UK) | £45,000-£60,000 + Excellent Development Opportunities

I'm recruiting for a genuinely different opportunity for an attack-minded cyber security professional who enjoys thinking like an attacker just as much as being one.

This is a remote-first role open to UK-based candidates with full, unrestricted UK right to work. Some fully expensed office time will be required during onboarding and for occasional team collaboration.

Is this you?

Perhaps you're currently working in penetration testing or offensive security consulting but find yourself enjoying the reconnaissance, planning, and investigative side of an engagement more than the exploitation itself.

Or maybe you're a technically strong cyber professional who loves answering questions like:

  • What does this organisation's external attack surface really look like?
  • Where are the most likely attack paths?
  • What should be prioritised before an attacker finds it first?

If that sounds familiar, this role could be an excellent fit.

What you'll be doing

You'll help organisations continuously understand and reduce their external attack surface through structured reconnaissance, asset discovery, technical investigation, and risk-driven analysis.

Rather than delivering one-off penetration tests, you'll be helping clients answer the bigger questions-identifying exposed assets, uncovering potential attack paths, validating findings, and prioritising what genuinely matters.

You'll combine technical expertise with client-facing communication to explain your methodology, findings, assumptions, and recommendations clearly.

What the business offers

  • Remote-first working
  • Excellent technical and personal development
  • Freedom to research, innovate, and shape the service offering
  • A highly skilled, collaborative team that genuinely enjoys solving difficult problems

Apply for this position