Senior Penetration Tester / Cybersecurity Red Team Lead(Certified: OSCP / OSCE / OSWE / CREST / CISSP)

Location: Remote (EU / UK / US Time Zones)

Contract Type: Full-Time or Long-Term Contract

Compensation: Competitive day rate or salary commensurate with expertise

About the Role

We’re seeking an elite, hands-on penetration tester to lead complex red-team and vulnerability-assessment engagements across cloud, web, infrastructure, and operational technology (OT/ICS) environments. You’ll work alongside battle-tested CTOs and cybersecurity engineers within Neurotic Ltd., a global technology house known for delivering high-impact results for energy, FMCG, and enterprise clients in the UK and US. This isn’t a checkbox-based “run the scanner” role, we’re looking for someone who thinks like an adversary, writes like a strategist, and mentors like a leader.

Key Responsibilities

• Lead and execute full-scope offensive security engagements (external, internal, web, cloud, and wireless).
• Design and run red-team simulations, purple-team exercises, and social-engineering scenarios.
• Build and maintain custom exploits, scripts, and tooling (Python, Go, PowerShell, Bash).
• Perform in-depth threat modeling, risk assessments, and adversary emulations.
• Deliver executive and technical reports with remediation roadmaps aligned to NIST, ISO 27001, SOC 2, and MITRE ATT&CK frameworks.
• Coordinate with defensive teams to improve detection and response capabilities.
• Mentor junior analysts, shape internal testing methodologies, and uphold the highest ethical standards.

Required Certifications & Credentials

We’re looking for a top-1% operator, ideally holding several of the following (or equivalent real-world mastery):

• Offensive Security: OSCP, OSCE, OSEP, OSWE, OSEE
• CREST: CRT, CCT INF / CCT APP
• SANS / GIAC: GPEN, GXPN, GAWN, GWAPT, GREM
• Cloud Security: AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer
• General Security: CISSP, CISM, CEH (Practical), CompTIA Pentest+
• Bonus: Red Team Operator (CRTO I/II), eLearnSecurity eCPTX/eWPTX, or experience in bug bounty programs (HackerOne, Synack, Bugcrowd)

Required Experience

• 8–12+ years of hands-on experience in penetration testing, exploit development, or adversary emulation.
• Strong knowledge of network protocols, operating systems (Windows/Linux), and cloud infrastructures.
• Deep understanding of offensive TTPs (techniques, tactics, and procedures).
• Proven track record leading engagements with enterprise or regulated clients (finance, energy, healthcare).
• Demonstrated ability to write clear, client-ready reports with both technical detail and board-level summaries.
• Experience working within SOC 2 / ISO 27001 environments.
• Familiarity with threat-intel integration, MITRE ATT&CK mapping, and detection-engineering collaboration.

Soft Skills

• Obsessive attention to detail and operational discipline.
• Strong communicator, able to brief both engineers and executives.
• Proactive, low-ego, high-ownership mindset.
• Comfortable operating in high-trust, autonomous environments.
• Passion for continuous learning and open-source contribution.

Nice to Have

• Experience with OT/ICS pentesting (energy, LNG, manufacturing environments).
• Experience integrating with SIEMs, SOAR, and EDR tools during engagements.
• Prior work in defense, government, or regulated financial environments.
• Contributions to open-source security tools or research publications.

Why Join Neurotic Ltd.

• Work directly with CTOs and CISOs from enterprise and fast-growth companies.
• Access to cutting-edge projects, from LNG infrastructure to AI-powered data platforms.
• Global remote culture with vetted experts across the UK, EU and US
• No bureaucracy, just exceptional people solving complex problems.