Are you an ambitious Cyber Security BDM or Account Executive looking to elevate your career and be rewarded by one of the best commission schemes offered. Join a CREST-accredited cyber security consultancy thats trusted by leading organisations to defend against todays most advanced threats. This is your chance to represent a brand built on credibility, innovation, and proven client success. Why Youll Love This Role: Growth with balance: Start by leading new business initiatives, then transition into a hybrid role where youll nurture long-term client relationships and manage key accounts. Rewards that reflect your impact: Earn from one of the most lucrative commission structures in the industry, uncapped & paid monthly designed to truly recognise top performance. A complete cybersecurity portfolio: Offer clients end-to-end solutions spanning penetration testing, offensive security, managed SOC, cloud security, and compliance, empowering you to sell with confidence and deliver real value. What Were Looking For Proven success in cyber security sales, ideally within penetration testing, managed SOC, threat intelligence or Cyber Essentials Strong experience in new business B2B sales The ability to engage senior stakeholders at UK SMEs and mid-market organisations A collaborative, driven mindset with exceptional organisational and communication skills Whats In It For You: The role offers a base salary of £40,000 with a realistic first-year £90k OTE Established team members typically earn £125k+ and top performers are exceeding this. Uncapped commission and a competitive benefits package Ongoing training, certifications, professional development and support A purpose-driven, inclusive culture where every voice matters The satisfaction of seeing your work directly strengthen clients security and success If youre ready to join a consultancy where your expertise is valued, your results are rewarded, and your growth is limitless, wed love to hear from you. JBRP1_UKTJ
05/12/2025
Full time
Are you an ambitious Cyber Security BDM or Account Executive looking to elevate your career and be rewarded by one of the best commission schemes offered. Join a CREST-accredited cyber security consultancy thats trusted by leading organisations to defend against todays most advanced threats. This is your chance to represent a brand built on credibility, innovation, and proven client success. Why Youll Love This Role: Growth with balance: Start by leading new business initiatives, then transition into a hybrid role where youll nurture long-term client relationships and manage key accounts. Rewards that reflect your impact: Earn from one of the most lucrative commission structures in the industry, uncapped & paid monthly designed to truly recognise top performance. A complete cybersecurity portfolio: Offer clients end-to-end solutions spanning penetration testing, offensive security, managed SOC, cloud security, and compliance, empowering you to sell with confidence and deliver real value. What Were Looking For Proven success in cyber security sales, ideally within penetration testing, managed SOC, threat intelligence or Cyber Essentials Strong experience in new business B2B sales The ability to engage senior stakeholders at UK SMEs and mid-market organisations A collaborative, driven mindset with exceptional organisational and communication skills Whats In It For You: The role offers a base salary of £40,000 with a realistic first-year £90k OTE Established team members typically earn £125k+ and top performers are exceeding this. Uncapped commission and a competitive benefits package Ongoing training, certifications, professional development and support A purpose-driven, inclusive culture where every voice matters The satisfaction of seeing your work directly strengthen clients security and success If youre ready to join a consultancy where your expertise is valued, your results are rewarded, and your growth is limitless, wed love to hear from you. JBRP1_UKTJ
Senior Penetration Tester Location: Fully Remote (UK-Based) Salary Range: £50,000 - £85,000 (dependent on experience) Position: Permanent, Full-Time My client is a dynamic and growing cybersecurity consultancy dedicated to providing top-tier security services to a diverse range of clients. They believe in empowering the team with the flexibility of remote work while tackling challenging and engaging projects that make a real difference to their clients' security posture. The Role We are seeking a highly skilled and motivated Senior Penetration Tester to join our remote team. You will be responsible for leading and executing complex penetration tests against a variety of systems, networks, and applications. The ideal candidate is not just a proficient tester but a critical thinker who can articulate risks clearly and provide pragmatic remediation advice to clients. Key Responsibilities Plan, lead, and execute sophisticated penetration tests across infrastructure, web applications, APIs, and internal networks. Conduct advanced Red Team exercises to simulate real-world adversary attacks and test organisational defences. Produce high-quality, clear, and concise reports for both technical and executive audiences, detailing findings, risks, and actionable remediation strategies. Mentor and provide guidance to junior members of the team, promoting best practices and knowledge sharing. Collaborate with clients to scope engagements, present findings, and provide expert advice on mitigating identified vulnerabilities. Stay abreast of the latest security vulnerabilities, attack vectors, tools, and methodologies. Contribute to the continuous improvement of our testing methodologies and service offerings. Essential Skills & Qualifications Must hold active CREST Certified Tester (CRT) certification. (Non-negotiable) Proven commercial experience in a penetration testing role. Deep technical knowledge of networking protocols, operating systems (Windows, Linux), and common infrastructure vulnerabilities. Strong experience in web application penetration testing (OWASP Top 10). Proficiency with common penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Cobalt Strike, etc.). Excellent written and verbal communication skills, with a proven ability to write detailed technical reports. A proactive and self-motivated attitude, capable of working effectively in a fully remote environment. Desirable Skills & Qualifications Experience with or knowledge of implementing Cyber Essentials and Cyber Essentials Plus schemes is highly desirable. Additional certifications such as: CREST Certified Simulated Attack Specialist (CCSAS) / Certified Simulated Attack Manager (CCSAM) Offensive Security Certified Professional (OSCP) Certified Information Systems Security Professional (CISSP) SANS GIAC Penetration Tester (GPEN) or Web Application Penetration Tester (GWAPT) Experience in mobile application (iOS/Android) testing, cloud security (AWS/Azure/GCP), or social engineering. Experience scripting in Python, PowerShell, or Bash to develop custom tools or exploits. What We Offer A competitive salary of £50,000 - £85,000 . Fully remote working - work from anywhere in the UK. A supportive and collaborative culture with a strong focus on professional development.
01/10/2025
Full time
Senior Penetration Tester Location: Fully Remote (UK-Based) Salary Range: £50,000 - £85,000 (dependent on experience) Position: Permanent, Full-Time My client is a dynamic and growing cybersecurity consultancy dedicated to providing top-tier security services to a diverse range of clients. They believe in empowering the team with the flexibility of remote work while tackling challenging and engaging projects that make a real difference to their clients' security posture. The Role We are seeking a highly skilled and motivated Senior Penetration Tester to join our remote team. You will be responsible for leading and executing complex penetration tests against a variety of systems, networks, and applications. The ideal candidate is not just a proficient tester but a critical thinker who can articulate risks clearly and provide pragmatic remediation advice to clients. Key Responsibilities Plan, lead, and execute sophisticated penetration tests across infrastructure, web applications, APIs, and internal networks. Conduct advanced Red Team exercises to simulate real-world adversary attacks and test organisational defences. Produce high-quality, clear, and concise reports for both technical and executive audiences, detailing findings, risks, and actionable remediation strategies. Mentor and provide guidance to junior members of the team, promoting best practices and knowledge sharing. Collaborate with clients to scope engagements, present findings, and provide expert advice on mitigating identified vulnerabilities. Stay abreast of the latest security vulnerabilities, attack vectors, tools, and methodologies. Contribute to the continuous improvement of our testing methodologies and service offerings. Essential Skills & Qualifications Must hold active CREST Certified Tester (CRT) certification. (Non-negotiable) Proven commercial experience in a penetration testing role. Deep technical knowledge of networking protocols, operating systems (Windows, Linux), and common infrastructure vulnerabilities. Strong experience in web application penetration testing (OWASP Top 10). Proficiency with common penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Cobalt Strike, etc.). Excellent written and verbal communication skills, with a proven ability to write detailed technical reports. A proactive and self-motivated attitude, capable of working effectively in a fully remote environment. Desirable Skills & Qualifications Experience with or knowledge of implementing Cyber Essentials and Cyber Essentials Plus schemes is highly desirable. Additional certifications such as: CREST Certified Simulated Attack Specialist (CCSAS) / Certified Simulated Attack Manager (CCSAM) Offensive Security Certified Professional (OSCP) Certified Information Systems Security Professional (CISSP) SANS GIAC Penetration Tester (GPEN) or Web Application Penetration Tester (GWAPT) Experience in mobile application (iOS/Android) testing, cloud security (AWS/Azure/GCP), or social engineering. Experience scripting in Python, PowerShell, or Bash to develop custom tools or exploits. What We Offer A competitive salary of £50,000 - £85,000 . Fully remote working - work from anywhere in the UK. A supportive and collaborative culture with a strong focus on professional development.
Senior Security Test Engineer £565 pay per day (Inside IR35) 6 month initial contract Job Description: Our client is a leader in providing cutting-edge Technology to the Telco industry and they are looking for a Security Test Engineer to join their tech team. Skills: - Have technical knowledge and hands-on experience with IT/information security/cyber security/Network Security standards and frameworks such as ISO27001, NIST CSF and GITC - Perform Impact assessment of new change requests and whether they will incur security testing to be implemented - subsequently create test scripts, mapping to requirements in ALM, test and raise defects in ALM where it necessitates and run regression test packs. This will include internal, external, and emergency CR's - Good experience in Application & Infrastructure Security Testing including Static Application Secuirty Testing, Dynamic Application Security Testing, Interactive Application Secuirty Testing, Maritime Asset Security And Training, Run Time Application Secuirty Testing and Security Compliance Activities - Good understanding of OWASP and other penetration testing methodologies. Good knowledge on analysing & reviewing the Pen Test Results - Experience of security testing toolsets eg MicroFocus Fortify SCA (Static Analysis) WebInspect (Dynamic Vulnerability), App Defender, Black Duck, Sonatype (opensource), Qualys (DAST) and TripWire (IP360) - Experience in Security QA Testing (compliance controls, Threat Management, Security Architecture Assessment, Cloud 3rd Party Risk Assessment, Vulnerability Mgt.) - Source code review experience. - Experience in using HP ALM, Jira - Needs exposure on Professional security test tools like to perform testing on systems processing personal data which are within scope of GDPR - Experience on Security Incident Event Management (ArcSight & Splunk) - Track record of developing test security scripts, detailed test planning and test delivery of complex requirements involving multiple applications and platforms - Representation of security testing to internal and external Telefónica meetings. - Alignment of the security test strategy document and keeping up to date Role: - Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis - Strong analytical skills with a proven track record of requirements mapping and traceability - Exposure to testing in rigorous security regimes/design - Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure - Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions - Expert knowledge of Cloud infrastructure, security architectures, and standards - Able to demonstrate clear understanding of current threats to Cloud infrastructure/IT infrastructures/Network Infrastructure at technical and managerial levels - Strong technical writing and verbal communication skills required - Knowledge of web security concepts covering network through application layers - Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc... - Good understanding of hardware load-balancing, Firewalls, multi-tiered architectures. - Knowledge of AWS services and security controls. - Proven industry experience in application and infrastructure security testing Responsiblities - Define the security test approach for the project in conjunction with the Project Managers, Programme Test Manager and other parties involved in testing - Derive Impact assessment - Ensure that all relevant and impacted parties have been engaged - Meet with the project/business to document which security test activities are being performed during identified SMIP test phases and which test objectives the business accepts as risks - Ensure test activities are identified to mitigate all test risks. - Act as the main point of contact regarding security test issues for the SMIP - Attend project meetings as required and regularly track the progress of all security test activities - Regularly review and update RAID (Risk, Assumptions, Issues, Dependencies) and the scope of security testing (test objectives) - Issue the test completion reports to timescale - Escalate project test issues to the programme test manager and project managers - Communicate and maintain relationships with the impacted business, operational and technical teams (internal and external) throughout the delivery of project test phases - Ensure deliverables are agreed with external partners and that end delivery meets specification and contractual obligations - Ensure all test results are clearly communicated to the relevant development teams - Ensure the appropriate use of tools, metrics, and processes are applied to achieve security test objectives and targets - Provide direction and support to programme/project managers on all aspects of security testing - Ensure testing issues and defects are escalated in a timely manner to the Project Managers and the SM Programme Test Manager - Log all defects raised during QA, and track them until resolution in collaboration with the Defect test manager - Encourage continuous quality improvement through Root Cause and another Metrics Analysis area - Act as a leader and industry expert in your subject area - Keep at the forefront of research on relevant areas including methodologies, specific technologies, and the digital media marketplace - Identify best practice and recommend how to implement it - Oversee the sharing and embedding of good practice - Contribute to the identification of current and target skill levels Tooling - SIEM - ArcSight, Splunk - Application Security - SAST and DAST - Vulnerability Management- Tripwire IP360 - API Testing tools - SOAP UI - Good experience in identifying the server generated values. - Operating Systems; Unix (Linux and/or Solaris), Windows - Database - Microsoft SQL Server, Oracle RDBMS Desirable: - Certifications in Offensive Security, GIAC, ISECOM, (ISC)2, EC-Council (CEH), OSCP/OSCE, CISA, CEH - Defect Management (ideally using HP ALM) - Proactive, takes action and seeks opportunities. - Excellent communication, reporting & presentation skills. - Familiar with corporate, industry and professional standards. - ISEB Foundation Certificate in Software Testing
05/11/2021
Contractor
Senior Security Test Engineer £565 pay per day (Inside IR35) 6 month initial contract Job Description: Our client is a leader in providing cutting-edge Technology to the Telco industry and they are looking for a Security Test Engineer to join their tech team. Skills: - Have technical knowledge and hands-on experience with IT/information security/cyber security/Network Security standards and frameworks such as ISO27001, NIST CSF and GITC - Perform Impact assessment of new change requests and whether they will incur security testing to be implemented - subsequently create test scripts, mapping to requirements in ALM, test and raise defects in ALM where it necessitates and run regression test packs. This will include internal, external, and emergency CR's - Good experience in Application & Infrastructure Security Testing including Static Application Secuirty Testing, Dynamic Application Security Testing, Interactive Application Secuirty Testing, Maritime Asset Security And Training, Run Time Application Secuirty Testing and Security Compliance Activities - Good understanding of OWASP and other penetration testing methodologies. Good knowledge on analysing & reviewing the Pen Test Results - Experience of security testing toolsets eg MicroFocus Fortify SCA (Static Analysis) WebInspect (Dynamic Vulnerability), App Defender, Black Duck, Sonatype (opensource), Qualys (DAST) and TripWire (IP360) - Experience in Security QA Testing (compliance controls, Threat Management, Security Architecture Assessment, Cloud 3rd Party Risk Assessment, Vulnerability Mgt.) - Source code review experience. - Experience in using HP ALM, Jira - Needs exposure on Professional security test tools like to perform testing on systems processing personal data which are within scope of GDPR - Experience on Security Incident Event Management (ArcSight & Splunk) - Track record of developing test security scripts, detailed test planning and test delivery of complex requirements involving multiple applications and platforms - Representation of security testing to internal and external Telefónica meetings. - Alignment of the security test strategy document and keeping up to date Role: - Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis - Strong analytical skills with a proven track record of requirements mapping and traceability - Exposure to testing in rigorous security regimes/design - Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure - Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions - Expert knowledge of Cloud infrastructure, security architectures, and standards - Able to demonstrate clear understanding of current threats to Cloud infrastructure/IT infrastructures/Network Infrastructure at technical and managerial levels - Strong technical writing and verbal communication skills required - Knowledge of web security concepts covering network through application layers - Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc... - Good understanding of hardware load-balancing, Firewalls, multi-tiered architectures. - Knowledge of AWS services and security controls. - Proven industry experience in application and infrastructure security testing Responsiblities - Define the security test approach for the project in conjunction with the Project Managers, Programme Test Manager and other parties involved in testing - Derive Impact assessment - Ensure that all relevant and impacted parties have been engaged - Meet with the project/business to document which security test activities are being performed during identified SMIP test phases and which test objectives the business accepts as risks - Ensure test activities are identified to mitigate all test risks. - Act as the main point of contact regarding security test issues for the SMIP - Attend project meetings as required and regularly track the progress of all security test activities - Regularly review and update RAID (Risk, Assumptions, Issues, Dependencies) and the scope of security testing (test objectives) - Issue the test completion reports to timescale - Escalate project test issues to the programme test manager and project managers - Communicate and maintain relationships with the impacted business, operational and technical teams (internal and external) throughout the delivery of project test phases - Ensure deliverables are agreed with external partners and that end delivery meets specification and contractual obligations - Ensure all test results are clearly communicated to the relevant development teams - Ensure the appropriate use of tools, metrics, and processes are applied to achieve security test objectives and targets - Provide direction and support to programme/project managers on all aspects of security testing - Ensure testing issues and defects are escalated in a timely manner to the Project Managers and the SM Programme Test Manager - Log all defects raised during QA, and track them until resolution in collaboration with the Defect test manager - Encourage continuous quality improvement through Root Cause and another Metrics Analysis area - Act as a leader and industry expert in your subject area - Keep at the forefront of research on relevant areas including methodologies, specific technologies, and the digital media marketplace - Identify best practice and recommend how to implement it - Oversee the sharing and embedding of good practice - Contribute to the identification of current and target skill levels Tooling - SIEM - ArcSight, Splunk - Application Security - SAST and DAST - Vulnerability Management- Tripwire IP360 - API Testing tools - SOAP UI - Good experience in identifying the server generated values. - Operating Systems; Unix (Linux and/or Solaris), Windows - Database - Microsoft SQL Server, Oracle RDBMS Desirable: - Certifications in Offensive Security, GIAC, ISECOM, (ISC)2, EC-Council (CEH), OSCP/OSCE, CISA, CEH - Defect Management (ideally using HP ALM) - Proactive, takes action and seeks opportunities. - Excellent communication, reporting & presentation skills. - Familiar with corporate, industry and professional standards. - ISEB Foundation Certificate in Software Testing
