Penetration Tester jobs in United Kingdom

ProCheckUp, an elite independent cybersecurity consultancy serving FTSE 100 corporations, UK government authorities, and international financial institutions, is seeking an experienced Penetration Tester with SC Clearance to join our expanding remote team. This is an exceptional opportunity to conduct high‑impact security assessments across diverse enterprise environments while maintaining work‑life balance through flexible remote working.

You’ll contribute to ProCheckUp’s ambitious expansion phase, working alongside industry‑leading security professionals on mission‑critical infrastructure, applications, and network security testing for the UK’s most security‑conscious organisations.

• Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients
• Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments
• Execute social engineering assessments and physical security testing
• Produce detailed scoping documents and executive‑level penetration testing reports aligned with CREST and NCSC standards
• Lead incident response investigations and digital forensic analysis when required
• Work independently on client‑facing assessments whilst collaborating with senior consultants and team leaders
• Maintain compliance with legal frameworks governing penetration testing and disclosure

• SCADA / OT environment security testing
• Cloud infrastructure penetration testing (AWS, Azure)
• Web services and API security
• Mobile application testing (iOS / Android)

• Minimum 3+ years professional penetration testing experience
• Demonstrable expertise in network, application, and infrastructure security testing
• Strong hands‑on proficiency with penetration testing frameworks, exploitation techniques, and security tools (Metasploit, Burp Suite, Wireshark, custom tools)
• Deep technical knowledge of Windows, Linux, Unix operating systems and TCP/IP networking protocols
• Proven ability to perform source code reviews and application security analysis
• Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies
• Excellent report writing and executive communication skills—ability to translate technical findings into business risk
• Ability to work autonomously and adapt to client‑specific environments
• Current SC Security Clearance (or SC‑eligible with security vetting background)

• CREST / CyberScheme CCTM / CSTM CCT / CSTL-INF or CCT / CSTL-APP (current)
• NCSC CHECK Team Leader (CTL) (current) or CHECK Team Member (CTM) (current) preferred but not essential
• CEH Advanced (AECH) or OSCP
• SANS GCIH, GPEN, or GWAPT
• EnCase Certified Examiner (EnCE)
• CWSP (Certified Wireless Security Professional)
• Published security research, CVE disclosures, or white papers
• Previous government, financial services, or critical infrastructure experience

• Curiosity and passion for emerging security threats and attack methodologies
• Drive to mentor junior consultants and contribute to technical innovation
• Professional demeanour with excellent client‑facing communication
• Attention to detail in all deliverables, particularly technical reports and evidence documentation

• ✓ Proven Track Record : 25+ years delivering security services to world‑leading organisations; holders of NCSC CHECK, CREST, PCI QSA, and PCI ASV accreditation's
• ✓ Prestigious Client Base : Work directly with FTSE 100 companies, UK government bodies, international law firms, and critical infrastructure operators
• ✓ Technical Leadership : Collaborate with industry experts who publish research, present at major conferences, and drive the cybersecurity industry forward
• ✓ Flexibility & Autonomy : Remote‑first working with complete location flexibility across the UK—work from home, co‑working spaces, or client sites as you prefer
• ✓ Career Progression : Clear advancement pathway from Consultant > Senior Consultant > Team Leader > Technical Director; investment in advanced certifications and professional development
• ✓ Competitive Remuneration : Market‑leading salary package (£65,000–£85,000+ depending on experience and certifications) plus comprehensive benefits
• ✓ Backing of a Stable, Well‑Funded Firm : Work for an independent, profitable, growth‑focused security consultancy—not a commodity testing mill
• ✓ Continuous Learning : Access to research funding, certification sponsorship, conference attendance, and exposure to cutting‑edge threat landscapes

This is a carefully selected search—we’re looking for genuine penetration testing professionals with the technical depth to advise enterprise clients, not script‑runner‑test shops.

• Submit your CV (including certifications, security clearance status, and estimated clearance renewal date)
• Write a brief covering letter (150–250 words) addressing
• Why ProCheckUp’s mission and client base appeal to you
• Your remote working setup and availability (notice period, start date)
• Email to : hr@procheckup.com
• Subject Line : "SC Cleared Pen Tester – Remote – [Your Name]"

• Screening call with HR (15 mins) : Verify background, clearance status, and role fit
• Technical interview with Senior Consultant (45 mins) : Deep‑dive on penetration testing methodology, recent case studies, and security trends
• Final interview with Hiring Manager / Technical Director (30 mins) : Culture fit, growth ambition, and team dynamics

| Position Type | Full‑Time, Permanent |

| Location | Remote, United Kingdom |

| Security Clearance | SC (Minimum) |

| Working Arrangements | Flexible remote; occasional travel for client engagements |

| Salary | £65,000–£95,000+ based on experience, certifications, and client‑facing impact |

| Benefits Package | Competitive pension, health insurance, professional development budget, |

| Notice Period | 2‑8 weeks preferred; negotiable for exceptional candidates |

Founded in 1999, ProCheckUp has evolved from a specialist penetration testing firm into a multi‑disciplinary cybersecurity consultancy trusted by the world’s most security‑conscious organisations. Our team of CHECK Team Leaders, CREST Certified Testers, and forensic specialists delivers:

• Penetration Testing & Security Audits : Infrastructure, application, and mobile assessments
• Compliance Advisory : PCI DSS, GDPR, ISO27001 implementations and certifications
• Incident Response & Forensics : 24 / 7 emergency response and digital evidence analysis
• Specialist Services : SCADA testing, social engineering, business continuity planning

Based in Portsmouth and operating across the UK and internationally, ProCheckUp punches above its weight against larger consulting firms by prioritizing technical excellence, transparent client relationships, and sustainable career development for our consultants.

ProCheckUp is an equal opportunities employer. We celebrate diversity and are committed to building an inclusive environment for all employees, regardless of gender, race, ethnicity, religion, disability, age, sexual orientation, or gender identity. We encourage applications from underrepresented groups in cybersecurity.

All successful candidates will be subject to UK security vetting procedures. Applicants must have resided in the UK for the last 5+ years to be eligible for SC clearance (or provide documented reasons for absence). Previous security clearance experience is valued but not essential.