Pen Tester

Stott and May

Reading

On-site

GBP 80,000 - 100,000

Full time

Yesterday

Job summary

A cybersecurity consulting firm in Reading is looking for an experienced Pen Tester to enhance its security posture. This role involves leading penetration testing engagements and communicating findings effectively. The ideal candidate will have a strong background in cybersecurity, familiarity with industry-standard tools, and excellent problem-solving skills. This is a hybrid role with a competitive day rate of £425 Inside IR35.

Qualifications

  • Proficiency with penetration testing tools.
  • Strong understanding of software testing methodologies.
  • Experience with manual and automated testing tools.
  • Ability to write clear and concise test plans and reports.
  • Familiarity with the software development life cycle.

Responsibilities

  • Lead engagements from kickoff through reporting.
  • Perform penetration testing across various environments.
  • Execute penetration testing projects using established methodology.
  • Conduct red team assessments to identify gaps.
  • Analyse results and communicate findings to stakeholders.

Skills

Cobalt Strike
Caldera
Atomic Red Team
Pentera
Nessus
Burp
OSINT
Problem-solving
Collaboration

Education

Bachelor's degree in Computer Science
Master's degree in Computer Science

Tools

BurpSuite
Nessus
Nmap
Kali Linux

Job description

Role Title: Pen Tester
Location: Reading (Hybrid - 3 days on-site per week)
Day Rate: £425 Inside IR35
Contract Duration: 6 months

The Role

We are looking for a Security Consultant/Senior Security Consultant with expertise in penetration testing. You will perform penetration testing across Internet, Intranet, wireless, web applications, social engineering, and physical environments. In addition, you will analyse results in-depth and produce reports detailing findings, exploitation procedures, risks, and recommendations.

Key Responsibilities
  • Lead engagements from kickoff with clients through scoping, penetration testing, and reporting while adhering to scope and deadlines.
  • Perform penetration testing across network, web application, APIs, cloud security, thick client applications, wireless, social engineering, and physical security.
  • Execute penetration testing projects using established methodology, tools, and rules of engagement.
  • Conduct red team assessments to identify gaps affecting organisational security posture.
  • Identify and exploit security vulnerabilities across a variety of systems.
  • Analyse penetration testing results and produce comprehensive reports with findings, risks, and recommendations.
  • Communicate complex technical security concepts to both technical and non-technical audiences, including executives.
  • Perform technical quality reviews and conduct client-facing technical discussions.
  • Demonstrate proficiency with OWASP Top 10 and SANS Top 25 vulnerabilities, effectively communicating methodologies with development teams.
  • Utilise tools such as BurpSuite, Nessus, Nmap, Kali Linux, and other vulnerability assessment platforms.

Essential Skills & Experience
  • Proficiency with penetration testing tools: Cobalt Strike, Caldera, Atomic Red Team, Pentera, Nessus, Burp, OSINT, etc.
  • Strong understanding of software testing methodologies and techniques.
  • Experience with manual and automated testing tools.
  • Excellent problem-solving and debugging skills.
  • Ability to write clear and concise test plans and reports.
  • Strong communication and collaboration skills.
  • Familiarity with the software development life cycle.
  • Proven ability to deliver high-quality security solutions.

Desirable Skills & Experience
  • Bachelor's degree in Computer Science, Cybersecurity, or related field; Master's preferred.
  • 8+ years of experience in information security with focus on technical cybersecurity.
  • Minimum 5 years' experience in network/cloud security environments.
  • Relevant certifications such as CISSP, CCSP, OSCP, SANS, or equivalent.
  • Certification in one or more cloud vendor offerings (AWS, GCP, Azure, OCI).

It Means More
  • Ready to take you on your next challenging cybersecurity role.
  • Work with cutting-edge penetration testing tools and methodologies.
  • Contribute to securing critical systems while advancing your technical expertise.