Penetration Tester

Pentest People is a UK-based security consultancy specialising in providing Penetration Testing as a Service to all its clients. Our innovative approach to security testing merges the benefits of consultant-led penetration testing with ongoing vulnerability assurance through our advanced SecurePortal. This provides clients with a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment.

As a Penetration Tester specialising in Infrastructure testing or Web Apps, you will conduct thorough and formal penetration testing assessments, delivering detailed written reports that meet industry standards and deadlines. You will also assist with pre-engagement activities such as scoping projects and drafting proposals. Additionally, you will research vulnerabilities in infrastructure and applications, adhere to responsible disclosure practices, and share your findings with the team.

• Conduct formal and comprehensive pentests and, where necessary, other penetration testing assessments.
• Deliver clear, well-structured technical and non-technical reports in English.
• Perform vulnerability assessments and provide detailed findings along with recommended remediation actions.
• Assist with client pre-engagement tasks, including scoping activities and drafting proposals.
• Manage and execute penetration testing projects, ensuring completion within tight deadlines.
• Collaborate with the team to research infrastructure and related components, identifying new vulnerabilities and adhering to responsible disclosure practices.
• Provide guidance and mentorship to Graduate and Junior Penetration Testers, as appropriate.

• Demonstrated experience in penetration testing, along with expertise in various other types of assessments.
• In-depth knowledge of both Windows and Linux environments, with a strong understanding of Active Directory and wireless technologies.
• Comprehensive understanding of multiple Operating Systems and network principles.
• Familiarity with assessing cloud and hybrid environments, particularly AWS and Azure.
• Knowledge of modern solution architecture and deployment across diverse platforms.
• Proficiency in programming or scripting in your preferred language.
• Relevant security certifications (e.g., OSCP, CREST CRT, OSEP, CCT INF, CTM).
• Solid understanding of virtualisation technologies.

While this role is advertised as remote, it will require occasional visits to client sites and the office as needed. Candidates must be based in the UK and have the right to work, as we are unable to provide sponsorship at this time.

We understand that job descriptions offer only a glimpse of the role. For more details, please feel free to reach out or apply, and we will be happy to provide additional information. Pentest People is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.