Penetration Tester

Posted 12 June 2025
Salary £60000 - £120000 per annum
LocationLondon
Job type Permanent
Discipline Cyber & Information Security
ReferenceBBBH217953_1749742782

Job description

Penetration Tester - Infrastructure / OT

(Consultancy | Mostly Remote | Not for Beginners)

Right. Let's skip the fluff.

One of our consultancy clients needs an experienced Infrastructure Pen Tester. Not someone who wants to be a Pen Tester. Not someone halfway through their OSCP. Someone who actually knows what they're doing.

They work with clients in Operational Technology (OT) - that's industrial control systems, manufacturing kit, and the sort of environments where "turning it off and on again" could cost millions. So yeah, it's not your average test.

The Job (in plain English):

You'll be testing infrastructure - manually. No Web App fluff, no clicking "scan" in a tool and writing up the results. You'll be dealing with proper kit and real-world impact. A lot of autonomy, and the expectation that you can figure things out without someone holding your hand.

What You Actually Need:

  • Hands-on experience with infrastructure pen testing - and we mean proper hands-on.
  • Experience in OT environments - You've been there, done that, ideally not blown anything up.
  • Brains - Able to look at a scope, figure it out, and adapt when things inevitably go sideways.
  • Coding skills - Not essential, but if you can sling some Python around, it'll help.
  • Certs - OSCE, OSCE, CTL, CTM would be nice. But if you don't have it and you know your stuff, that's fine too.
  • Consultancy experience - Again, preferred. If you've worked client-side before, you'll get the vibe.

Location:

The team's largely remote as it stands. Occasionally, you'll need to rock up to a client site - so don't apply if you plan on never leaving the house.

Level:

They're open to solid testers up to Principal level. But don't expect a slow ramp-up - they need someone who can get stuck in from Day One.

Pay:

It's not listed because they're willing to flex for the right person. If you're good, you'll get paid accordingly. Just get in touch and we'll have the grown-up conversation.

If this sounds like your sort of thing - or you're tired of being micromanaged, underpaid, or stuck testing login pages - drop me a line.

No nonsense. No fluff. Just a good gig for the right tester.