
Senior Penetration Tester
Posted 5 days ago by SR2 | Socially Responsible Recruitment | Certified B Corporation™
£600 Per day
Outside
Hybrid
London, England, United Kingdom
Summary: The Senior Penetration Tester role involves supporting a large-scale security assessment program for public sector and regulated clients within a cutting-edge Cyber Security Consultancy. The position requires expertise in identifying vulnerabilities and simulating real-world attacks across various environments, including web applications and cloud infrastructures. The role is fully remote with occasional hybrid working requirements and is classified as outside IR35. The contract is for six months with an immediate start date.
Key Responsibilities:
- Conduct penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP).
- Identify vulnerabilities and simulate real-world attacks.
- Help harden complex systems against evolving threats.
- Utilize tools such as Burp Suite, Nmap, Metasploit, Kali, and custom scripts.
- Maintain familiarity with MITRE ATT&CK, red teaming methodologies, and reporting best practices.
Key Skills:
- Proven experience in penetration testing.
- Strong understanding of OWASP Top 10, CVSS, and secure coding principles.
- CHECK, CREST, OSCP, or CRTO certifications (highly desirable).
- Experience working in or alongside UK Government or regulated sectors.
- Strong reporting, documentation, and stakeholder communication skills.
- Awareness of compliance frameworks (e.g., ISO27001 and NIST).
Salary (Rate): £600 daily
City: London
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: Senior
Industry: IT
Senior Penetration Tester
Penetration Testing / Web & Cloud Security / Red Team / Outside IR35 / Fully Remote / £600 pd / ASAP Start / 6 Months
SR2 have partnered with a cutting-edge Cyber Security Consultancy to recruit a Senior Penetration Tester to support a large-scale security assessment programme for public sector and regulated clients. You'll work across a range of environments, identifying vulnerabilities, simulating real-world attacks, and helping to harden complex systems against evolving threats.
Required Skills and Experience:
- Proven experience conducting penetration testing across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP)
- Strong understanding of OWASP Top 10, CVSS, and secure coding principles
- Experience with tools such as Burp Suite, Nmap, Metasploit, Kali, and custom scripts
- Familiarity with MITRE ATT&CK, red teaming methodologies, and reporting best practices
Highly Desirable:
- CHECK, CREST, OSCP, or CRTO certifications
- Experience working in or alongside UK Government or regulated sectors
- Strong reporting, documentation, and stakeholder communication skills
- Awareness of compliance frameworks (e.g., ISO27001 and NIST)
Contract Details:
- Outside IR35
- Hybrid working - 2 Days per month (London or Cheltenham)
- Must be UK based
- 6 Months
- £600 per day
- ASAP Start
- 1-stage interview process
If you’re a seasoned Penetration Tester looking for a new contract, click Apply to get started. Alternatively, directly send a recent copy of your CV to Ben Sheppard at ben.sheppard@sr2rec.co.uk for an immediate discussion.