About the Company
We are seeking technically strong and strategically oriented offensive security professionals to support and lead hands-on security testing across a variety of environments. The role involves simulating realistic attack scenarios, identifying exploitable weaknesses, and outlining practical remediation steps that help organisations strengthen their overall security posture.
About the Role
Senior-level hires will be responsible for conducting in-depth assessments of infrastructure, applications, cloud platforms, and related technologies, while collaborating closely with clients to improve their defence capabilities against modern threats.
Responsibilities
* Plan and perform security testing across networks, applications (web/mobile), cloud services, APIs, and related technologies.
* Deliver assessments such as threat simulation, social engineering, and red/purple-team style exercises, including regulated or framework-driven testing where applicable.
* Translate technical findings into clear, actionable reports tailored for both technical teams and senior stakeholders.
* Provide strategic recommendations to support long-term remediation and resilience improvements.
* Work alongside colleagues in intelligence, incident response, and governance to deliver integrated security solutions.
* Build or refine tools, scripts, and proof-of-concepts that enhance testing capability and efficiency.
* Contribute to internal knowledge development, methodologies, and mentoring activities (level-dependent).
* Support pre-sales or scoping discussions where required (typically at Senior Consultant level).
Qualifications
* Degree in a relevant field (e.g., computer science, cybersecurity) or equivalent hands-on experience.
* Approximately 3+ years of practical penetration testing/offensive security experience (5+ years for managerial-level roles).
Required Skills
* Strong familiarity with common security testing tools (e.g., proxy tools, scanners, exploitation frameworks, reconnaissance and enumeration tools).
* Solid understanding of common attack techniques and threat models, including application, infrastructure, and cloud-based vectors.
* Proficiency in at least one scripting or programming language such as Python or PowerShell.
* Industry-recognised certifications in offensive security (e.g., OSCP, OSCE, CREST, GPEN, or similar).
Preferred Skills
* Experience assessing major cloud ecosystems or containerised environments.
* Ability to lead client discussions, present findings confidently, and manage complex or sensitive engagements.
* Aware of relevant security standards and regulatory frameworks.
* Strong written and verbal communication skills, especially in producing clear, concise, and business-focused reporting.
Pay range and compensation package
Day rate is negotiable