External Attack Surface Cyber Engineer
Role details
Job location
Tech stack
Requirements
- Web application and external infrastructure penetration testing
- Asset discovery and large-scale enumeration
- DNS, networking, and internet infrastructure
- OSINT and cyber threat intelligence (CTI)
- Python (or similar scripting) for automation and data handling
We'd love to speak if...
Give you a company name, domain, or IP address and you'll naturally start building a structured reconnaissance plan.
You enjoy discovering unknown assets, investigating infrastructure, validating findings, and understanding how an attacker would approach a target. Dark web research, OSINT, CTI, and investigative work genuinely interest you.
You're comfortable working through ambiguity, separating signal from noise, and prioritising real risk over theoretical issues.
You'll also be confident communicating with technical stakeholders, explaining not just what you've found, but why it matters.
Because this is a continuous external attack surface management service, experience automating workflows, parsing data, and building tooling in Python or similar scripting languages would be highly beneficial.
Benefits & conditions
External Attack Surface Cyber Engineer - Remote (UK) | £45,000-£60,000 + Excellent Development Opportunities
I'm recruiting for a genuinely different opportunity for an attack-minded cyber security professional who enjoys thinking like an attacker just as much as being one.
This is a remote-first role open to UK-based candidates with full, unrestricted UK right to work. Some fully expensed office time will be required during onboarding and for occasional team collaboration.
Is this you?
Perhaps you're currently working in penetration testing or offensive security consulting but find yourself enjoying the reconnaissance, planning, and investigative side of an engagement more than the exploitation itself.
Or maybe you're a technically strong cyber professional who loves answering questions like:
- What does this organisation's external attack surface really look like?
- Where are the most likely attack paths?
- What should be prioritised before an attacker finds it first?
If that sounds familiar, this role could be an excellent fit.
What you'll be doing
You'll help organisations continuously understand and reduce their external attack surface through structured reconnaissance, asset discovery, technical investigation, and risk-driven analysis.
Rather than delivering one-off penetration tests, you'll be helping clients answer the bigger questions-identifying exposed assets, uncovering potential attack paths, validating findings, and prioritising what genuinely matters.
You'll combine technical expertise with client-facing communication to explain your methodology, findings, assumptions, and recommendations clearly.
What the business offers
- Remote-first working
- Excellent technical and personal development
- Freedom to research, innovate, and shape the service offering
- A highly skilled, collaborative team that genuinely enjoys solving difficult problems