Consultant Penetration Tester

Consultant - Offensive Security Testing

Role Overview:

We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including OT, IT, web applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial tactics, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture.

Responsibilities:

• Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach.
• Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker TTPs.
• Develop and maintain detailed test plans and use cases informed by threat intelligence analysis.
• Identify and prioritize critical OT and IT assets based on potential threats and exposure.
• Plan and schedule testing engagements based on threat assessments and client needs.
• Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences.
• Communicate complex security concepts and threat insights effectively to technical and non-technical stakeholders.
• Collaborate with client IT and cybersecurity teams to improve security protocols and address vulnerabilities.
• Monitor remediation efforts and provide updates highlighting threat reduction.
• Conduct proactive security research and contribute to technical content on emerging threats and attack techniques.
• Enhance security monitoring by sharing offensive insights to improve detection and response.
• Drive patching efforts for vulnerabilities based on threat intelligence and exploitation potential.

Skills and Qualifications:

• At least 5 years of professional penetration testing experience with a focus on adversarial tactics and threat intelligence.
• Understanding of OT and IT assets, technologies, and security best practices within the current threat landscape.
• Deep knowledge of network protocols, cryptography, vulnerabilities, and attack vectors used by sophisticated threat actors.
• Proficiency with a range of penetration testing tools and methodologies, especially those related to threat analysis.
• Experience in planning and executing complex, threat-driven penetration tests.
• Excellent communication skills for articulating technical findings and threat insights clearly.
• Strong organizational skills to manage multiple engagements effectively.
• Current CREST CRT certification or higher is required.
• Eligibility for SC Clearance is required.

Desirable Skills:

• Experience with Breach Attack Simulation tools and threat-informed vulnerability management.
• Knowledge of Risk Management frameworks and their integration with threat intelligence.
• Hands-on experience with cloud security reviews (AWS, Azure, GCP) considering cloud-specific threats.
• Familiarity with ISO 27001 audits and threat-informed compliance practices.
• Additional certifications such as CISM, CISSP, ECSA, CREST CCT are advantageous.

We’re a global business empowering local teams with exciting work that makes a difference. Our portfolio spans consulting, applications, cloud, and infrastructure services, enabling you to collaborate with talented colleagues and clients on innovative projects.

Our inclusive environment promotes mutual respect, accountability, and continuous learning, fostering diversity, collaboration, and innovation. We also support various Inclusion Networks such as Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network, and Parent Network.

For more on our Diversity, Equity, and Inclusion initiatives, visit: Creating Inclusion Together at NTT DATA UK | NTT DATA

We provide tailored benefits supporting your physical, emotional, and financial wellbeing. Our Learning and Development programs ensure ongoing growth, and flexible work options are available.

Learn more about us at: https://uk.nttdata.com/

We are committed to diversity and inclusion. As a Disability Confident Employer, we guarantee an interview for applicants with disabilities who meet the role requirements and offer reasonable adjustments during recruitment. Join us in building a diverse, empowered team.