Pentest People is a UK-based security consultancy specialising in providing Penetration Testing as a Service to all its clients. Our innovative approach to security testing merges the benefits of consultant-led penetration testing with ongoing vulnerability assurance through our advanced SecurePortal. This provides clients with a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment.

As a Penetration Tester specialising in Infrastructure testing, you will conduct thorough and formal penetration testing assessments, delivering detailed written reports that meet industry standards and deadlines. You will also assist with pre-engagement activities such as scoping projects and drafting proposals. Additionally, you will research vulnerabilities in infrastructure and applications, adhere to responsible disclosure practices, and share your findings with the team.

We would prefer CTM equivalents but relevant experience will be considered.

Key responsibilities include:

• Conduct formal and comprehensive infrastructure and, where necessary, other penetration testing assessments.
• Deliver clear, well-structured technical and non-technical reports in English.
• Perform vulnerability assessments and provide detailed findings along with recommended remediation actions.
• Assist with client pre-engagement tasks, including scoping activities and drafting proposals.
• Manage and execute penetration testing projects, ensuring completion within tight deadlines.
• Collaborate with the team to research infrastructure and related components, identifying new vulnerabilities and adhering to responsible disclosure practices.
• Provide guidance and mentorship to Graduate and Junior Penetration Testers, as appropriate.

About you:

• Demonstrated experience in infrastructure penetration testing, along with expertise in various other types of assessments.
• In-depth knowledge of both Windows and Linux environments, with a strong understanding of Active Directory and wireless technologies.
• Comprehensive understanding of multiple Operating Systems and network principles.
• Familiarity with assessing cloud and hybrid environments, particularly AWS and Azure.
• Knowledge of modern solution architecture and deployment across diverse platforms.
• Proficiency in programming or scripting in your preferred language.
• Relevant security certifications (e.g., OSCP, CREST CRT, OSEP, CCT INF, CTM).
• Solid understanding of virtualisation technologies.

While this role is advertised as remote, it will require occasional visits to client sites and the office as needed. Candidates must be based in the UK and have the right to work, as we are unable to provide sponsorship at this time.

Please send your resume and a cover letter to careers@pentestpeople.com

Job Type: Full-time

Benefits:

• Casual dress
• Company pension
• Cycle to work scheme
• Gym membership
• Health & wellbeing programme
• Work from home

Schedule:

• Monday to Friday

Experience:

• Penetration testing: 2 years (required)

Work authorisation:

• United Kingdom (required)

Work Location: Remote

Reference ID: PT - PP