Penetration Tester
A leading financial services firm is looking for a skilled and detail-oriented Penetration Tester to join their Information Security team in London. This hands-on role is ideal for someone with strong technical expertise and the ability to clearly communicate findings to both technical teams and senior stakeholders.
Position Overview:
In this role, you will play a key part in assessing and strengthening the organisation's security posture. You'll be responsible for identifying vulnerabilities, testing defences, and ensuring alignment with internal policies and industry standards.
Key Responsibilities:
- Conduct comprehensive penetration tests across infrastructure, in-house applications, cloud environments, and critical business processes.
- Use both technical attack vectors and social engineering techniques to evaluate security resilience.
- Perform vulnerability assessments and manual exploitation to validate identified risks.
- Evaluate the effectiveness of key security controls, including IAM, endpoint protection, cloud configurations, and DLP.
- Design and execute audit plans and testing procedures based on risk priorities and best practices.
- Produce clear, actionable reports tailored to both technical and non-technical audiences, including executive summaries.
- Present findings and risk assessments to stakeholders, including senior leadership.
Required Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Proven experience in penetration testing, vulnerability assessment, and security auditing.
- Strong understanding of attack vectors, exploitation techniques, and social engineering.
- Hands-on experience with tools such as Burp Suite, Nessus, Metasploit, Nmap, and Wireshark.
- Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, OWASP).
- Experience securing infrastructure, applications, cloud environments, and endpoints.
- Knowledge of IAM, endpoint protection, cloud security, and DLP technologies.
- Strong analytical and communication skills, with the ability to tailor messaging for different audiences.
- Experience producing audit documentation and risk assessments for senior stakeholders.
- Relevant certifications such as OSCP, OSCE, CREST, CISSP, CISM, CEH, or equivalent.
- Excellent interpersonal skills and a collaborative approach to working across teams.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isnโt a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.ย
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.ย
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.