About the role
Conduct vulnerability assessments and penetration tests across client infrastructure, web applications and cloud environments. Deliver clear, prioritised findings that help clients understand and address their most significant risks.
What you will do
Conduct vulnerability assessments across client networks, endpoints and web applications
Perform penetration tests using industry-standard methodologies (OWASP, PTES)
Analyse and prioritise findings by real-world exploitability using CVSS and EPSS scores
Produce clear, well-structured reports for both technical and executive audiences
Verify remediation effectiveness and track outstanding vulnerabilities over time
Contribute to vulnerability management programme development for clients
What we are looking for
Hands-on experience with Nessus, OpenVAS or Qualys
Proficiency with Burp Suite Pro for web application testing
Strong understanding of OWASP Top 10 and common vulnerability classes
Ability to write clear, actionable vulnerability reports
CEH, OSCP or equivalent certification — or actively working towards it
Eligibility to work without restriction
Nice to have
These are not required — but they will help your application stand out.
OSCP certification
Experience with API security testing
Cloud security assessment experience (Azure, AWS)
Familiarity with Microsoft Defender for Endpoint