Pentest People is a UK-based security consultancy specialising in providing Penetration Testing as a Service to all its clients. Our innovative approach to security testing merges the benefits of consultant-led penetration testing with ongoing vulnerability assurance through our advanced SecurePortal. This provides clients with a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment.
Overview
As CHECK Team Leader, you will lead and oversee penetration testing engagements for government and critical infrastructure clients, ensuring compliance with NCSC methodologies while delivering exceptional technical and strategic value. This role is suitable for an existing CHECK Team Leader (App) seeking a new challenge and the opportunity to work on exciting projects. You must hold a valid CSTL App or CCT App certification, a valid security clearance (SC or DV) and a UK Cyber Security Council title of either Principal or Chartered in Security Testing.
Responsibilities
- Lead complex penetration testing engagements across the application security testing domain, ensuring adherence to NCSC CHECK methodologies. You will personally conduct advanced security assessments when required, demonstrating expertise in web application security and familiarity with modern technology stacks, APIs and desktop applications. The ability to understand coding languages would be an added advantage.
- Maintain final accountability for all technical deliverables, conducting rigorous quality assurance reviews of vulnerability findings, exploitation techniques, and remediation recommendations. Your technical oversight ensures that all testing remains within agreed rules of engagement while maximising value through comprehensive security coverage. You will stay current with emerging threats, zero-day vulnerabilities, and advanced persistent threat techniques, incorporating cutting-edge attack methodologies into team capabilities.
- Contribute to the success and growth of our high-performing penetration testing team through mentorship, technical training, and career development support. You will conduct performance reviews, identify skill gaps, and create targeted development plans that advance both individual capabilities and team effectiveness. Foster a culture of knowledge sharing through internal training sessions, technical workshops, and collaborative problem-solving.
- Serve as the primary technical interface with client stakeholders, translating complex security vulnerabilities into business risk language that resonates with C-level executives and board members. You will lead scoping meetings to understand client objectives, regulatory requirements, and risk tolerance, developing tailored testing approaches that address specific organisational needs.
- Manage sensitive client communications during active testing phases, providing regular status updates and immediate notification of critical findings.
- Build long-term strategic partnerships through exceptional service delivery, thought leadership, and proactive security guidance.
- Ensure all penetration testing activities comply with NCSC CHECK scheme requirements, maintaining meticulous documentation and audit trails. You will implement and maintain quality management processes aligned with ISO 9001 and ISO 27001 standards, driving continuous improvement in service delivery and client satisfaction.
- Review and approve penetration testing reports, ensuring technical accuracy, comprehensive coverage, and actionable remediation guidance. Your attention to detail ensures that findings are properly risk-rated using CVSS scoring while considering the specific business context and threat landscape. Maintain professional indemnity insurance compliance and ensure all testing activities remain within legal boundaries.
- Support pre-sales activities through technical expertise and client presentations, contributing to proposal development and service scoping. You will participate in client pitches, demonstrating technical capabilities and articulating value propositions that differentiate our services in a competitive market.
- Identify opportunities for service expansion and new offering development based on emerging threats and market demands. Contribute to thought leadership through blog posts, white papers, and conference presentations that establish organisational authority in specialised security domains. Build strategic relationships with industry partners, professional associations, and government stakeholders to enhance market positioning.
Essential Requirements
- Current CREST CCT Application (CCT APP) OR The Cyber Scheme CSTL Application certification.
- Professional title at a minimum level of Principal Cyber Security Professional (PriCSP) in the Security Testing specialism.
- Valid security clearance at a minimum level of SC; DV is preferred.
- Thorough understanding of the requirements outlined by the CHECK Scheme
- Minimum 3 years of hands-on penetration testing experience, including on-site work.
- Proven track record leading security assessments as part of a larger team
- Experience working with government, defence, or critical infrastructure sectors
- Demonstrated ability to scope, plan, and deliver complex multi-phase security assessments
- Exceptional written communication for technical reporting and executive summaries. Strong verbal presentation skills for client meetings and board-level briefings. Ability to explain complex technical concepts to non-technical audiences while maintaining accuracy and relevance.
- High-level reporting standards, in both authoring and providing detailed quality feedback to colleagues
- As part of the senior team, you will be required to assist in developing and mentoring colleagues and trainee team members, which includes 1 on 1 sessions, group presentations and the creation and delivery of internal bootcamps.
Desirable Requirements
- Capability to perform penetration testing of API, Mobile (Android & iOS), Desktop/Thick Client Apps
- Understanding or practical experience of code reviews, including CI/CD pipelines.
While this role is advertised as remote, it will require occasional visits to client sites and the office as needed. Candidates must be based in the UK and have the right to work, as we are unable to provide sponsorship at this time.
We understand that job descriptions offer only a glimpse of the role. For more details, please feel free to reach out or apply, and we will be happy to provide additional information. Pentest People is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.