Penetration Tester Contract Jobs in London
Android Engineer
Posted 3 days ago by TXP
We are looking for a Senior Android Developer with active SC clearance or eligibility to create high-quality native mobi...
- Rate £510 per day
- Category Undetermined
- Work type Undetermined
- Location London; City of London; East London; Central London; South East London; West London; Canary Wharf; South West London; North London; Greenwich; Stratford
Stay Updated on Contract Jobs
Never miss another opportunity with our email alerts.
Save your searches to be notified as soon as new jobs are added.
Senior AI Engineer - Image Generation Diffusion
Posted 5 days ago by TechNET IT Recruitment Ltd
The Senior AI Engineer role focuses on supporting a major AI transformation program in the online fashion retail sector,...
- Rate Negotiable
- Category Outside
- Work type Hybrid
- Location London Area, United Kingdom
Sort By
Saved Searches
No saved searches yet
Filters
IR35 Status
Working Arrangements
Industry
Sector
Posted By
Country
Seniority Level
Date Posted
Contract Rate
About Our Penetration Tester Contract Roles in London
What does a penetration tester contractor do?
The Penetration Tester contractor role centres on the ability to conduct authorised simulated attacks against an organisation's systems, networks, applications, and people in order to identify security vulnerabilities before malicious actors can exploit them. The work is methodical and technically demanding, requiring the contractor to think and operate like a sophisticated attacker while remaining within the rules of engagement and documenting all findings with the rigour needed to support remediation. Penetration testing contracts span a range of scopes: infrastructure tests targeting internal or external network infrastructure, web application tests against specific applications and APIs, mobile application tests on iOS and Android, social engineering and phishing simulations, and full red team exercises that simulate an advanced persistent threat across a complete attack chain.
Penetration Tester contractors are expected to have deep technical knowledge of offensive security techniques across the relevant domains. Web application penetration testing requires expert-level familiarity with the OWASP Testing Guide, Burp Suite Professional for intercepting and manipulating web traffic, and the ability to manually identify and verify complex vulnerabilities including business logic flaws that automated scanners miss. Network penetration testing requires knowledge of Active Directory attack techniques including Kerberoasting and Pass-the-Hash, post-exploitation and lateral movement methodology, and tools including Nmap, Metasploit, and Bloodhound. Red team contractors need experience with command and control frameworks such as Cobalt Strike or Havoc, custom implant development, and the operational security practices needed to simulate advanced adversaries convincingly. CREST CRT or CREST CCT, OSCP, and CHECK Team Leader credentials are the recognised benchmarks in the UK market and are frequently required by financial services and government clients.
What is the market like for penetration tester contractors?
Penetration Tester contracting is one of the most consistently in-demand and well-paying specialisms within the cybersecurity contractor market. Regulatory requirements for regular penetration testing across financial services, healthcare, critical national infrastructure, and e-commerce ensure a structural floor of demand, and the growing recognition that compliance-driven testing should be supplemented by more sophisticated red team assessments is expanding the market upwards. CREST-certified testers with CHECK approval are in particularly strong demand across government and financial services, where these credentials are required for sensitive system testing. Supply of genuinely skilled penetration testers is limited by the depth of knowledge required and the length of time needed to develop that expertise, maintaining strong rates across the discipline.
What is the contracting market like in London?
London dominates the UK contractor market by volume, depth, and rate levels. The capital concentrates the headquarters and major offices of most FTSE 100 companies, the largest global banks, the Big Four professional services firms, and the central government departments that collectively generate the majority of UK contract demand. Every contracting discipline covered on this site has active demand in London, from niche specialisms like threat intelligence and LLM engineering through to high-volume disciplines like project management and business analysis. The sheer density of employers means contractors in London typically have more choice of engagement at any given time than anywhere else in the UK. Day rates carry a premium of 15 to 25 per cent over the national average across most disciplines, reflecting both the concentration of complex, high-value programmes and the cost of operating in the capital.
How much do penetration tester contractors usually earn in London?
Contract rates for penetration tester roles in London typically range from £550 to £990 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement.
How many penetration tester vacancies in London are there on Quality Contracts?
Over the past twelve months, we have tracked over 150 penetration tester contract roles across the site, with London accounting for roughly one in three of those. Data reviewed up to June 2026.