Penetration Tester

A rapidly growing leader in proactive cybersecurity services is expanding its consulting team and seeking a Security Consultant with a strong background in mobile application penetration testing. This role is ideal for a hands-on penetration tester who enjoys uncovering complex vulnerabilities and delivering meaningful security improvements for enterprise clients.

 

You will work alongside experienced security professionals, leveraging advanced tooling, automation, and research-driven methodologies to perform deep technical testing across mobile applications and APIs. The focus of this role is on producing high-quality, actionable findings that help organizations strengthen their security posture.

 

Key Responsibilities

  • Perform penetration testing engagements on mobile applications (iOS and Android) and associated APIs

  • Identify weaknesses related to data storage, network communications, authentication, and cryptography

  • Analyze mobile application behaviour, sandboxing, and OS-level security controls

  • Produce clear, well-structured penetration testing reports aligned with client-specific standards and workflows

  • Collaborate with internal teams and clients to explain findings and recommend remediation strategies

  • Research and develop new tools, techniques, and testing methodologies to improve assessment quality

  • Support consulting operations through documentation, reporting, and engagement-related administrative tasks

Required Qualifications

  • 2–3+ years of experience conducting application or mobile penetration testing

  • Hands-on experience with offensive security tools such as:

    • Kali Linux, Burp Suite, Metasploit, Nessus

    • Mobile-focused tools including Frida, Drozer, Objection, and Ghidra

  • Solid understanding of mobile data security, encryption, and secure communications

  • Strong working knowledge of Android and iOS operating systems

  • Familiarity with common offensive and defensive security concepts and network protocols

  • Deep understanding of the OWASP Top 10 and relevant security frameworks

  • Working knowledge of Windows, Linux, and macOS internals

  • Ability to work independently while collaborating effectively within a team

  • Strong written and verbal communication skills

  • Willingness to travel up to 5–10%

  • Ability to support an 8-hour workday, with occasional evenings or weekends as required by project timelines

Preferred Experience

  • Mentoring or coaching junior team members

  • Sharing security knowledge through blogs, webinars, or conference presentations

  • Experience with scripting or programming languages such as Python, Ruby, Perl, Java, C/C++, or C#

  • Industry-recognized offensive security certifications (e.g., OSCP, GPEN, GXPN, GWAPT, CISSP)

  • Experience with ARM reverse engineering

  • Development of Frida scripts or tools to bypass protections or exploit mobile application vulnerabilities

 

This is a fully remote positon within the UK

 

If interested please do apply! 

Apply Now
Apply Now

Job Details

Company
Lawrence Harvey
Location
Nationwide, United Kingdom
Hybrid / Remote Options
Employment Type
Permanent
Salary
£80000 - £100000/annum
Posted