Senior Penetration Tester £90,000-£95,000 Horsham (3 days a week onsite) VIQU are supporting a leading organisation in seeking an experienced Senior Penetration Tester to join its growing Cyber Security function. As a Senior Penetration Tester, you will lead and deliver complex security assessments across networks, applications, cloud environments, and emerging technologies. Key Responsibilities Lead the scoping, planning, and execution of advanced penetration tests across web, network, cloud, and enterprise systems Conduct offensive security assessments to identify, validate, and exploit vulnerabilities while providing actionable remediation guidance Design and support purple team exercises to enhance detection and response capabilities Simulate advanced attack scenarios using frameworks such as MITRE ATT&CK Produce high-quality technical reports for both technical and non-technical stakeholders Mentor junior team members and promote security testing best practices Requirements 5+ years of hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR, PCI-DSS, and related compliance standards Apply now to speak with VIQU IT in confidence. Or reach out to Noah Yeoman via the VIQU Website Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply).
May 13, 2026
Full time
Senior Penetration Tester £90,000-£95,000 Horsham (3 days a week onsite) VIQU are supporting a leading organisation in seeking an experienced Senior Penetration Tester to join its growing Cyber Security function. As a Senior Penetration Tester, you will lead and deliver complex security assessments across networks, applications, cloud environments, and emerging technologies. Key Responsibilities Lead the scoping, planning, and execution of advanced penetration tests across web, network, cloud, and enterprise systems Conduct offensive security assessments to identify, validate, and exploit vulnerabilities while providing actionable remediation guidance Design and support purple team exercises to enhance detection and response capabilities Simulate advanced attack scenarios using frameworks such as MITRE ATT&CK Produce high-quality technical reports for both technical and non-technical stakeholders Mentor junior team members and promote security testing best practices Requirements 5+ years of hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR, PCI-DSS, and related compliance standards Apply now to speak with VIQU IT in confidence. Or reach out to Noah Yeoman via the VIQU Website Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply).
A progressive financial institution in Greater London is looking for an experienced Penetration Tester to join their team. You will engage with multiple areas of the business, perform security tests, and guide remediation of findings. Ideal candidates have over 5 years of experience in penetration testing, a strong foundation in mobile and web security, and communication skills. The role includes benefits like 25 days holiday, volunteering time, and private medical insurance.
May 08, 2026
Full time
A progressive financial institution in Greater London is looking for an experienced Penetration Tester to join their team. You will engage with multiple areas of the business, perform security tests, and guide remediation of findings. Ideal candidates have over 5 years of experience in penetration testing, a strong foundation in mobile and web security, and communication skills. The role includes benefits like 25 days holiday, volunteering time, and private medical insurance.
About the Role As an experienced Penetration Tester at Starling, you'll be joining an established team, working with talented cyber security professionals to ensure our services are designed, developed and operated securely. This is a collaborative role - you'll directly interact with multiple areas of the business to understand requirements, conduct research, perform security testing, and report issues aligned to our risk framework. Being an internal tester, you'll gain a strong understanding of how technology works at Starling to enable in depth testing. You'll also support remediation processes, seeing your findings lead to tangible security improvements. We understand the importance of knowledge and expertise remaining current, so we'll actively support your advancement through research and training. In turn, you'll help us continuously improve our processes, methodologies and tools to maintain the highest standard of testing. We're open minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Responsibilities Scoping and performing mobile, web application, cloud and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including: Reviewing and analysing proposed technical solutions to identify appropriate security controls. Conducting code reviews of features and critical security components. Performing in depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling. Qualifications 5+ years technical information security experience. Experience in mobile, web application, cloud and infrastructure penetration testing. Technical knowledge - a good foundation in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. A desire to learn, and the ability to apply technical security knowledge to new and unfamiliar areas. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Experience performing code reviews or code assisted testing, particularly in Java and Go. Experience in automation of security testing (e.g. using Python or Go). Excellent verbal and written communication skills. Interview Process First stage with the Penetration Testing Team Lead. Second stage with additional members of the Penetration Testing team. Final stage with Infosec Director and CISO. Benefits 25 days holiday (plus public holiday allowance). Extra day's holiday for your birthday. Annual leave increased with length of service, and you can choose to buy or sell up to five extra days off. 16 hours paid volunteering time a year. Salary sacrifice, company enhanced pension scheme. Life insurance at 4 your salary & group income protection. Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr & Mrs Smith and Peloton. Generous family friendly policies. Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks. Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing. Equal Opportunities Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
May 08, 2026
Full time
About the Role As an experienced Penetration Tester at Starling, you'll be joining an established team, working with talented cyber security professionals to ensure our services are designed, developed and operated securely. This is a collaborative role - you'll directly interact with multiple areas of the business to understand requirements, conduct research, perform security testing, and report issues aligned to our risk framework. Being an internal tester, you'll gain a strong understanding of how technology works at Starling to enable in depth testing. You'll also support remediation processes, seeing your findings lead to tangible security improvements. We understand the importance of knowledge and expertise remaining current, so we'll actively support your advancement through research and training. In turn, you'll help us continuously improve our processes, methodologies and tools to maintain the highest standard of testing. We're open minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. Responsibilities Scoping and performing mobile, web application, cloud and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including: Reviewing and analysing proposed technical solutions to identify appropriate security controls. Conducting code reviews of features and critical security components. Performing in depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling. Qualifications 5+ years technical information security experience. Experience in mobile, web application, cloud and infrastructure penetration testing. Technical knowledge - a good foundation in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. A desire to learn, and the ability to apply technical security knowledge to new and unfamiliar areas. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Experience performing code reviews or code assisted testing, particularly in Java and Go. Experience in automation of security testing (e.g. using Python or Go). Excellent verbal and written communication skills. Interview Process First stage with the Penetration Testing Team Lead. Second stage with additional members of the Penetration Testing team. Final stage with Infosec Director and CISO. Benefits 25 days holiday (plus public holiday allowance). Extra day's holiday for your birthday. Annual leave increased with length of service, and you can choose to buy or sell up to five extra days off. 16 hours paid volunteering time a year. Salary sacrifice, company enhanced pension scheme. Life insurance at 4 your salary & group income protection. Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr & Mrs Smith and Peloton. Generous family friendly policies. Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks. Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing. Equal Opportunities Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
Role: Penetration Tester (CHECK/Crest) Location: Fully Remote, UK (with client site visits as required) Salary: £55,000 - £90,000 DOE + expenses + overnight bonus for site work Type: Permanent, Full-Time Summary: We are looking for experienced Penetration Testers to join one of the UK's larger dedicated offensive security practices. With a team of around 70 testers split across CHECK and Crest work, this is a well-established consultancy delivering high-quality assessments across a broad client base, with genuine variety in engagement type, sector, and technical depth. The team is structured across two streams, more commercially-driven engagements through Crest, and deeper, security-led work through CHECK, so there's a clear path whichever direction you want to lean. Multiple roles are available across mid and senior levels, and the company is flexible on starting clearance level (more below). This role is fully remote with client site visits as required. No two weeks look the same. Key Responsibilities: Deliver web application, API, and infrastructure penetration tests, taking ownership of engagements end-to-end from scoping through to final report delivery. Lead client-facing engagements, communicating high-risk findings as they are identified to support swift remediation. Produce clear, professional reports tailored to client-specific context and business risk. Support broader offensive security activities including red and purple team engagements, phishing simulations, and assumed-breach style assessments where relevant. Contribute to internal QA, mentor more junior consultants, and support report quality across the team. Stay up to date with the evolving threat landscape and contribute to internal R&D, tooling, and knowledge sharing. Requirements: CHECK Team Member (CTM), CHECK Team Leader (CTL), Crest Registered Tester (CRT), or Crest Certified Tester (CCT) qualified, or actively progressing along either Pathway at a senior level. Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy setting. Strong understanding of common vulnerability classes (eg OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences. Strong written reporting skills, with the ability to produce clear, well-structured deliverables. A genuine passion for offensive security, demonstrated through CTFs, labs (eg Hack The Box, TryHackMe), research, certifications, or community involvement. Clearance: Clearance requirements vary by role, some do not require any clearance, others are looking for SC or DV. The company will put successful candidates through the relevant clearance process where required, so existing clearance is welcomed but not essential across the board. Benefits: Salary: £55,000 - £90,000, depending on experience, certifications and clearance level Fully remote working Overnight bonus for client site visits Travel and expenses covered for client work Clearance sponsorship (SC/DV) where required for the role Company pension scheme Role: Penetration Tester (CHECK/Crest) Location: Fully Remote, UK (with client site visits as required) Salary: £55,000 - £90,000 DOE Type: Permanent, Full-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
May 07, 2026
Full time
Role: Penetration Tester (CHECK/Crest) Location: Fully Remote, UK (with client site visits as required) Salary: £55,000 - £90,000 DOE + expenses + overnight bonus for site work Type: Permanent, Full-Time Summary: We are looking for experienced Penetration Testers to join one of the UK's larger dedicated offensive security practices. With a team of around 70 testers split across CHECK and Crest work, this is a well-established consultancy delivering high-quality assessments across a broad client base, with genuine variety in engagement type, sector, and technical depth. The team is structured across two streams, more commercially-driven engagements through Crest, and deeper, security-led work through CHECK, so there's a clear path whichever direction you want to lean. Multiple roles are available across mid and senior levels, and the company is flexible on starting clearance level (more below). This role is fully remote with client site visits as required. No two weeks look the same. Key Responsibilities: Deliver web application, API, and infrastructure penetration tests, taking ownership of engagements end-to-end from scoping through to final report delivery. Lead client-facing engagements, communicating high-risk findings as they are identified to support swift remediation. Produce clear, professional reports tailored to client-specific context and business risk. Support broader offensive security activities including red and purple team engagements, phishing simulations, and assumed-breach style assessments where relevant. Contribute to internal QA, mentor more junior consultants, and support report quality across the team. Stay up to date with the evolving threat landscape and contribute to internal R&D, tooling, and knowledge sharing. Requirements: CHECK Team Member (CTM), CHECK Team Leader (CTL), Crest Registered Tester (CRT), or Crest Certified Tester (CCT) qualified, or actively progressing along either Pathway at a senior level. Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional consultancy setting. Strong understanding of common vulnerability classes (eg OWASP Top 10), exploitation techniques, and remediation guidance. Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences. Strong written reporting skills, with the ability to produce clear, well-structured deliverables. A genuine passion for offensive security, demonstrated through CTFs, labs (eg Hack The Box, TryHackMe), research, certifications, or community involvement. Clearance: Clearance requirements vary by role, some do not require any clearance, others are looking for SC or DV. The company will put successful candidates through the relevant clearance process where required, so existing clearance is welcomed but not essential across the board. Benefits: Salary: £55,000 - £90,000, depending on experience, certifications and clearance level Fully remote working Overnight bonus for client site visits Travel and expenses covered for client work Clearance sponsorship (SC/DV) where required for the role Company pension scheme Role: Penetration Tester (CHECK/Crest) Location: Fully Remote, UK (with client site visits as required) Salary: £55,000 - £90,000 DOE Type: Permanent, Full-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Crest Certified Penetration Tester (CRT) | £50-60k | Remote We're partnered with a well-established cyber security organisation that's continuing to invest heavily into its offensive security capability following sustained client growth across both commercial and regulated environments. As part of that growth, they're looking to hire a Crest-certified Penetration Tester to join a collaborative testing team delivering security assessments across a broad range of technologies and customer environments. This role would suit someone with around 2-3 years of hands-on penetration testing experience who is looking to continue developing within a highly technical and supportive environment. Salary: £50-60k DOE Working Structure: Remote with onsite client visits occasionally Security Clearance: Beneficial but not required (SC/DV) Certifications: Crest CRT, OSCP (Essential) The Role: You'll be involved in delivering: Web application penetration testing Infrastructure and internal network testing External vulnerability assessments Active Directory and privilege escalation testing Cloud security assessments across Azure/AWS Security reporting and remediation discussions with clients You'll work closely with senior testers and technical leads, gaining exposure to a wide variety of technologies, environments and engagement types. What They're Looking For: Crest Registered Tester (CRT) certification essential OSCP Certification Around 2-3 years of penetration testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud security certifications would be advantageous. If you're a CRT-certified Penetration Tester looking to continue developing your offensive security career within a strong technical environment, please apply or reach out for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
May 07, 2026
Full time
Crest Certified Penetration Tester (CRT) | £50-60k | Remote We're partnered with a well-established cyber security organisation that's continuing to invest heavily into its offensive security capability following sustained client growth across both commercial and regulated environments. As part of that growth, they're looking to hire a Crest-certified Penetration Tester to join a collaborative testing team delivering security assessments across a broad range of technologies and customer environments. This role would suit someone with around 2-3 years of hands-on penetration testing experience who is looking to continue developing within a highly technical and supportive environment. Salary: £50-60k DOE Working Structure: Remote with onsite client visits occasionally Security Clearance: Beneficial but not required (SC/DV) Certifications: Crest CRT, OSCP (Essential) The Role: You'll be involved in delivering: Web application penetration testing Infrastructure and internal network testing External vulnerability assessments Active Directory and privilege escalation testing Cloud security assessments across Azure/AWS Security reporting and remediation discussions with clients You'll work closely with senior testers and technical leads, gaining exposure to a wide variety of technologies, environments and engagement types. What They're Looking For: Crest Registered Tester (CRT) certification essential OSCP Certification Around 2-3 years of penetration testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud security certifications would be advantageous. If you're a CRT-certified Penetration Tester looking to continue developing your offensive security career within a strong technical environment, please apply or reach out for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
