Cyber Security Consultant

£30,000 £45,000 per annum

Melton Mowbray

We re a growing MSP based in Melton Mowbray, helping organisations of all sizes strengthen their security posture and achieve recognised certifications. We re looking for a skilled Cyber Security Consultant specialising in Penetration Testing to deliver high-quality security testing and assurance across a diverse client base. You ll lead and support security assessments including network, web application, mobile, cloud, wireless, and internal infrastructure testing, alongside Cyber Essentials and Cyber Essentials Plus (CE/CE+) assessments.

This role suits someone who enjoys hands-on technical work, clear reporting, and helping clients improve their security posture in practical, measurable ways. This is primarily an office-based role that will require occasional travel to client sites.

Penetration Testing and Security Assessments:

• Deliver CREST-aligned penetration tests across external and internal networks, web applications and APIs, mobile applications (iOS/Android), and Cloud environments (Azure, AWS, GCP).
• Wireless networks and remote working setups.
• Security configuration and segmentation reviews.
• Perform vulnerability assessments and risk-based testing using industry best practices.
• Validate findings, reproduce issues, and advise on realistic remediation.
• Support red team / adversarial simulation exercises where appropriate.

Cyber Essentials and Cyber Essentials Plus:

• Conduct Cyber Essentials readiness reviews, gap assessments, and remediation guidance.
• Lead Cyber Essentials Plus technical audits, including sampling, evidence review, and on-site/remote verification.
• Help clients interpret requirements and maintain compliance across re-certification cycles.
• Ensure assessments are completed to scheme standards and timelines.

Reporting and Client Engagement:

• Produce clear, high-quality technical reports with actionable remediation advice.
• Present findings to technical and non-technical stakeholders.
• Provide pragmatic risk prioritisation and security improvement roadmaps.
• Contribute to scoping calls, statements of work, and test planning.

Continuous Improvement:

• Maintain current knowledge of security threats, tooling, and testing methodologies.
• Contribute to internal playbooks, checklists, and training materials.
• Support junior consultants through mentoring and peer review.

Essential Skills and Experience:

• Proven experience delivering penetration tests in commercial or consultancy settings.
• Strong understanding of OWASP Top 10 / ASVS, common exploitation techniques and mitigations, network protocols, Active Directory, and Windows/Linux environments, and cloud security fundamentals.
• Hands‑on ability with common tools such as Burp Suite, Nmap, Metasploit, Nessus/Qualys, Wireshark, BloodHound, etc.
• Confident communicator with excellent report‑writing skills.
• Solid grasp of compliance‑driven security testing (esp. Cyber Essentials/CE+).
• Full UK Driving Licence.

Desirable Skills and Certifications:

• CREST CRT/CCRT/CCT or CHECK Team Member.
• OSCP / OSWE / OSEP / GPEN / eCPPT / similar.
• Experience with secure code review, SAST/DAST pipelines, or DevSecOps.
• Familiarity with ISO 27001 or wider GRC frameworks.

What We Offer:

• Competitive salary and annual performance bonus.
• Training budget and certification support.
• Clear progression path into Senior/Lead Consultant roles.
• Flexible working and wellbeing support.
• Exposure to varied, interesting client environments and modern tech stacks.
• Collaborative team culture focused on quality and continuous learning.