Oscar Associates Ltd
Security Testing Analyst | London (Hybrid) | £30-35k We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team. This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment. The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one. About the Role: The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and Internet-facing services - with direct mentoring from senior testers as you build out your capability. This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce technical summaries that hold up to scrutiny. The testing team operates to Crest methodology throughout. Early on the role will be office weighted so you can get comfortable with the team. Hybrid working will then be available once you are settled in. What You'll be Doing: Deliver VAPT, vulnerability assessment, and attack surface management services across a range of clients Conduct security testing of external infrastructure and Internet-facing services, including reconnaissance, enumeration, and vulnerability validation Configure, schedule, and monitor vulnerability scans, maintaining accurate asset inventories and scope records Triage and prioritise vulnerability findings, focusing on critical and high-severity issues Validate findings using approved methods, assessing exploitability and business impact Perform basic penetration testing activities under guidance, including reconnaissance and controlled validation Support external attack surface reviews, identifying exposed assets and prioritising remediation Produce clear summaries and documentation for internal teams, clients, and formal reports Assist senior penetration testers with research, evidence collection, and report writing Adhere to internal methodologies and industry frameworks, including NIST, OWASP, and Crest best practices What They're Looking For: 1-2 years' experience in vulnerability assessment, security testing, or junior penetration testing Good understanding of networking, operating systems, and web technologies (TCP/IP, DNS, HTTP/S, Linux, Windows) Hands-on experience with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, or Qualys Familiarity with penetration testing tools including Kali Linux, Nmap, Burp Suite, Metasploit, Nikto, and Gobuster Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and the OWASP Top 10 Ability to perform reconnaissance, enumeration, service analysis, and controlled validation of findings Strong written communication skills with the ability to produce clear technical reports Able to work methodically within defined scope and rules of engagement Certs like CPSA, PenTest+, eJPT or PNPT are a nice bonus, as is lab time on HTB or TryHackMe. Why This Role? Funded certs, direct mentoring from experienced testers, real client exposure from day one, and progression that's based on what you deliver - not how long you've been there. Apply now for immediate consideration! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Security Testing Analyst | London (Hybrid) | £30-35k We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team. This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment. The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one. About the Role: The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and Internet-facing services - with direct mentoring from senior testers as you build out your capability. This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce technical summaries that hold up to scrutiny. The testing team operates to Crest methodology throughout. Early on the role will be office weighted so you can get comfortable with the team. Hybrid working will then be available once you are settled in. What You'll be Doing: Deliver VAPT, vulnerability assessment, and attack surface management services across a range of clients Conduct security testing of external infrastructure and Internet-facing services, including reconnaissance, enumeration, and vulnerability validation Configure, schedule, and monitor vulnerability scans, maintaining accurate asset inventories and scope records Triage and prioritise vulnerability findings, focusing on critical and high-severity issues Validate findings using approved methods, assessing exploitability and business impact Perform basic penetration testing activities under guidance, including reconnaissance and controlled validation Support external attack surface reviews, identifying exposed assets and prioritising remediation Produce clear summaries and documentation for internal teams, clients, and formal reports Assist senior penetration testers with research, evidence collection, and report writing Adhere to internal methodologies and industry frameworks, including NIST, OWASP, and Crest best practices What They're Looking For: 1-2 years' experience in vulnerability assessment, security testing, or junior penetration testing Good understanding of networking, operating systems, and web technologies (TCP/IP, DNS, HTTP/S, Linux, Windows) Hands-on experience with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, or Qualys Familiarity with penetration testing tools including Kali Linux, Nmap, Burp Suite, Metasploit, Nikto, and Gobuster Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and the OWASP Top 10 Ability to perform reconnaissance, enumeration, service analysis, and controlled validation of findings Strong written communication skills with the ability to produce clear technical reports Able to work methodically within defined scope and rules of engagement Certs like CPSA, PenTest+, eJPT or PNPT are a nice bonus, as is lab time on HTB or TryHackMe. Why This Role? Funded certs, direct mentoring from experienced testers, real client exposure from day one, and progression that's based on what you deliver - not how long you've been there. Apply now for immediate consideration! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Netcom Training
City, Sheffield
About the opportunity Complete the free training, gain a qualification and career guidance - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Complete the with, helping you start your career protecting businesses, data and digital systems. Course Details Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 9:45AM - 2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles: Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £24,570 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills.
About the opportunity Complete the free training, gain a qualification and career guidance - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Complete the with, helping you start your career protecting businesses, data and digital systems. Course Details Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 9:45AM - 2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles: Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £24,570 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills.
Netcom Training
City, Sheffield
About the opportunity Complete the free training, gain a qualification and career guidance - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Complete the with, helping you start your career protecting businesses, data and digital systems. Course Details Start Date: 01.06 Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 09:45AM-2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles: Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £24,570 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills.
About the opportunity Complete the free training, gain a qualification and career guidance - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Complete the with, helping you start your career protecting businesses, data and digital systems. Course Details Start Date: 01.06 Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 09:45AM-2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles: Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £24,570 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills.
