Penetration Tester - 6 months - Hybrid (Reading) - Inside IR35
Rate: £400 per day (Inside IR35)
Duration: 6 months
Working Model: Hybrid - 3 days per week onsite in Reading
Role Type: Contract
Role Overview
We are seeking an experienced Penetration Tester to join a delivery-focused security testing function supporting multiple technology initiatives within a complex enterprise environment. This is a hands-on role requiring strong technical expertise across offensive security, red teaming, and vulnerability assessment.
You will lead and execute penetration testing engagements end-to-end, working closely with clients, developers, and security stakeholders to identify, exploit, and clearly communicate security risks while supporting improved organisational security posture.
Key Responsibilities
- Lead penetration testing engagements from client kickoff through scoping, execution, and final reporting, ensuring adherence to agreed scope and deadlines.
- Perform penetration testing across network, web applications, APIs, cloud environments, thick client applications, wireless, social engineering, and physical security.
- Execute penetration testing projects using established methodologies, tools, and rules of engagement.
- Conduct red team assessments to identify gaps and weaknesses impacting organisational security posture.
- Identify, validate, and exploit security vulnerabilities across a wide range of systems and environments.
- Perform in-depth analysis of findings and produce high-quality reports detailing exploitation paths, business risk, and remediation recommendations.
- Apply strong knowledge of OWASP Top 10 and SANS Top 25, effectively aligning findings to industry standards.
Essential Skills & Experience
- Strong hands-on experience delivering professional penetration testing engagements.
- Proficiency with penetration testing and red team tooling including Cobalt Strike, Caldera, Atomic Red Team, Pentera, Nessus, Burp Suite, Nmap, Kali Linux, and OSINT tools.
- Solid understanding of offensive security methodologies and attack frameworks.
- Experience with both manual and automated security testing techniques.
- Strong analytical, problem-solving, and vulnerability analysis skills.
- Ability to write clear, concise, and actionable penetration testing reports.
- Good understanding of the software development life cycle (SDLC) and secure development practices.