Security Testing Lead

Security Testing Practice Lead | £80-90k | London (Hybrid)

We’re working with a growing, private equity-backed cyber security consultancy looking to hire a Security Testing Practice Lead to take ownership of their security testing function.

This is a hands-on leadership role, combining technical delivery with practice growth, team development, and client engagement - ideal for someone operating at (or ready to step into) a leadership role while still staying close to the tech.

Salary: £80-90k DOE

Location: London (3 days onsite)

Package: Competitive

The Role:

You’ll be responsible for leading and scaling the security testing practice, ensuring high-quality delivery across engagements while shaping the future direction of the service offering.

This includes owning delivery standards, supporting commercial activity, and mentoring a team of testers - all while remaining hands-on where needed.

You’ll also play a key role in evolving the practice into new areas such as AI / LLM security testing, helping define new services in line with market demand.

Key Responsibilities:

  • Lead and develop the security testing practice (services, tooling, methodologies)
  • Oversee delivery across testing engagements (web, API, infra, cloud, mobile)
  • Ensure quality, consistency, and technical excellence across all outputs
  • Support pre-sales, scoping, and client engagement activities
  • Manage team utilisation, capacity, and performance
  • Mentor and develop testers, driving a strong technical culture
  • Own reporting standards and delivery methodology (OWASP, PTES, OSSTMM)
  • Contribute to practice growth and new service development (incl. AI security)

Key Skills & Experience:

  • Strong hands-on background in penetration testing / security testing (CHECK / CREST or equivalent)
  • Experience across web apps, APIs, infrastructure, and cloud (AWS/Azure/GCP)
  • Solid understanding of modern attacker techniques and threat-led testing approaches
  • Experience with tools such as Burp Suite, Nmap, Nessus, Qualys, Metasploit, Kali
  • Experience leading or mentoring teams (or ready to step up)
  • Ability to engage with clients and support commercial discussions
  • Strong reporting and stakeholder communication skills (technical → non-technical)
  • Understanding of delivery processes, QA, and scaling services

Nice to Have:

  • Red team / social engineering experience
  • Exposure to AI / LLM security testing
  • Certifications such as CREST, OSCP, OSWE, CISSP or CHECK
  • Experience in consultancy environments

This is a great opportunity to step into a role where you can shape and own a security testing function, not just deliver within one.

If this sounds like something you’d be interested in, apply now!

Job Details

Company: Oscar

Location: City of London, London, United Kingdom