Enable job alerts via email!

Lead Penetration Tester

JR United Kingdom

Slough

Hybrid

GBP 60,000 - 85,000

Full time

3 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading consultancy in the UK is seeking a Senior Consultant to Principal Consultant specializing in infrastructure penetration testing. This is a fantastic opportunity to work on mission-critical projects across defense and operational technologies, utilizing your skills to enhance security in complex environments. You will be part of a high-trust team focused on real-world impact and supported by a flexible hybrid working model.

Benefits

High-trust culture

Flexible hybrid model

Support for client needs with on-site flexibility

Tight-knit, high-performing team

Qualifications

4+ years of experience in penetration testing with a focus on infrastructure.
Strong expertise in Active Directory and privilege escalation.
Familiarity with operational technology and complex network environments.

Responsibilities

Deliver end-to-end infrastructure testing across sensitive environments.
Identify vulnerabilities with minimal documentation.
Communicate technical findings to stakeholders.

Skills

Penetration Testing

Active Directory Attacks

Lateral Movement

Privilege Escalation

Python Scripting

Operational Technology Networks

Communication Skills

Tools

CrackMapExec

BloodHound

PowerView

Social network you want to login/join with:

? Location: London preferred (Hybrid)

? Level: Senior Consultant to Principal Consultant (SC–PC)

Flexible hybrid model | High-trust culture | Mission-critical work

? The Opportunity

Join a high-impact consultancy at the forefront of innovation and digital transformation. You’ll be part of a specialist team delivering critical infrastructure penetration tests across some of the most sensitive environments in the UK — from defence and national security to critical infrastructure and operational technology.

This is not a web application role. We’re looking for an infrastructure-focused penetration tester with the technical confidence and consultancy mindset to work independently, lead engagements, and deliver real-world impact.

If you want to push beyond checklists and automated scans and into deep, hands-on testing — this is the place to do it.

? What You’ll Be Doing

Deliver end-to-end infrastructure and internal network testing (Active Directory, internal corporate networks, etc.)
Identify and exploit vulnerabilities across complex environments with minimal documentation
Communicate technical findings through clear written reports and debriefs to a range of stakeholders
Support sensitive clients operating in production environments — where mistakes matter
Contribute to tooling, methodologies, and continuous improvement of team capability
Engage with a technical and non-technical audience, acting as a trusted security advisor

? What You Bring

Core Skills:

4+ years of penetration testing experience (infrastructure/internal focus)
Strong hands-on expertise with Active Directory attacks, lateral movement, and privilege escalation
Experience navigating live and legacy production systems
Comfortable in Windows and Linux command-line environments
Python scripting or automation experience
Familiarity with OT (Operational Technology) networks
Experience with tools like CrackMapExec, BloodHound, PowerView, etc.

Certifications (a bonus, not a barrier):

OSCP
Lapsed certifications are fine if practical skills are strong
Tight-knit, high-performing team (2–3 people) with deep trust and autonomy
Remote-first culture (approx. 80% remote) with flexibility for client needs (up to 2 days per week on-site if required)
Fast-paced environment with complex technical challenges
Expect to hit the ground running – support is there, but this is a role for a self-starter

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Be an early applicant