Penetration Tester

We are looking to recruit an experienced Penetration Tester to join our client’s Information Security team on a contract basis (initially 6 months, inside IR35). The role is based in Ipswich, so candidates MUST live within a commutable distance and be willing to work on-site 3 days per week.

In this role, you will focus on identifying vulnerabilities across a wide range of applications and systems, delivering clear and actionable findings to senior security leadership.

This is a hands-on technical role with a strong emphasis on application-level penetration testing, vulnerability assessment, and clear risk communication. While you’ll work closely with security and technology teams, your primary objective is to uncover weaknesses.

Responsibilities will include:

  • Perform penetration testing across enterprise applications and systems.
  • Conduct detailed vulnerability assessments, identifying weaknesses, misconfigurations, and security gaps.
  • Produce high-quality security assessment reports outlining findings, exploitability, and potential business impact.
  • Present findings to senior stakeholders, including the CISO.
  • Collaborate with internal teams to gather contextual information needed for assessments.
  • Support broader Governance, Risk & Compliance (GRC) objectives where required.
  • Contribute expertise relating to threat modelling, exploitation techniques, and security best practices.
  • Apply industry-recognised standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) where relevant.

Required Skills & Experience

  • Proven experience performing penetration testing in professional environments.
  • Strong technical understanding of application security, exploit techniques, and common vulnerability classes.
  • Hands-on experience with common tooling (e.g., Burp Suite, Qualys, Tenable, Nexpose).
  • Ability to clearly communicate technical issues to non-technical audiences.
  • Excellent analytical and documentation skills.

Preferred (Not Essential)

  • Exposure to risk reporting, vulnerability management, or security assessments.
  • Security certifications such as OSCP, CEH, CISSP, CISM, CRISC or equivalent.
  • Experience working in regulated sectors (finance, healthcare, government).
  • Familiarity with frameworks such as NIST, ISO 27001, CIS Controls, or methodologies such as CVSS/FAIR.

Ipswich - commutable distance - 3 days on site

Job Details

Company: Marshall Wolfe
Location: Ipswich, Suffolk, England, United Kingdom
Employment Type: Contractor
Salary: Competitive salary
Posted