Internal Penetration Tester - Hybrid in London - Inside IR35 - 6 months
Posted 4 days ago by Hamilton Barnes
Summary: We are seeking an experienced Internal Penetration Tester to join an international client in London for a hybrid role. The position involves conducting manual and automated security assessments to identify vulnerabilities and enhance security measures. The ideal candidate will have extensive experience in offensive security practices and will collaborate with various teams to ensure robust security outcomes. This role is critical in securing networks and applications in compliance-driven environments.
Key Responsibilities:
- Plan and execute penetration tests - perform manual and automated testing across applications, APIs, internal/external networks, cloud environments, and Active Directory.
- Identify, exploit, and validate vulnerabilities - uncover security flaws such as insecure authentication, authorization bypasses, misconfigurations, and privilege escalation paths.
- Simulate real-world attacks - use adversary techniques and offensive tools to test the resilience of networks, systems, and security controls.
- Develop detailed reports - produce both technical and executive-level documentation outlining findings, risk impact, and remediation steps.
Key Skills:
- Application security knowledge - strong grasp of OWASP Top 10 and API security issues.
- Hands-on pentesting experience - 3-7+ years in penetration testing, red teaming, or offensive security across networks, cloud, AD, and web apps.
- Offensive security tooling - expertise with Nmap, Nessus, Masscan, Burp Suite, Metasploit, Cobalt Strike, Mimikatz, SQLmap, ScoutSuite, Pacu, etc.
- Reporting expertise - ability to produce professional pentest reports with CVSS scoring and MITRE ATT&CK mapping for both technical and executive stakeholders.
Salary (Rate): £500 daily
City: London
Country: UK
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
We are seeking an experienced Internal Pentester to join an international client and help secure their networks. This critical role, based in London (2-3 days per week), requires deep expertise in conducting manual and automated security assessments across networks, applications, cloud platforms, and infrastructure. You will identify and exploit vulnerabilities, simulate real-world attacks, and deliver actionable remediation guidance to strengthen defenses. As a trusted advisor on offensive security practices, reporting standards, and threat simulation, you will play a key role in enhancing collaboration with development, cloud, and infrastructure teams, while ensuring robust security outcomes in sensitive and compliance-driven environments.
Contract Details:
- Duration: 6 months (with view to extend)
- Day Rate: Up to £500 per day (Inside IR35)
- Location: London (3x a week)
- Start Date: ASAP