Penetration Tester - Team Lead
Job Description: Security Testing Practice Lead
Location: London/Hybrid
Reports to: Managing Director
Role Overview
The Security Testing Practice Lead is responsible for the performance, growth, and operational effectiveness of the firm’s security testing practice. This is a hybrid role combining hands-on technical delivery with practice management, commercial support, and strategic development.
Key Areas of Responsibility
Practice Leadership & Strategic Development
- Service Portfolio Ownership: Maintain existing services, identify market gaps, and introduce new offerings aligned with business objectives.
- Knowledge Base & Tooling: Establish and develop a centralized knowledge base covering tools, methodologies, and reporting templates. Preference will be given to candidates with software development or coding skills (e.g., Python, Golang, Bash) to drive the automation of testing workflows and internal tool development.
- Quality Assurance: Define and enforce rigorous quality standards across all testing engagements.
- Strategic Growth: Contribute to the business plan by identifying operational improvements across people, processes, and technology.
Technical Delivery
- Full-Stack Security Testing: Perform and oversee advanced testing across diverse environments including Web Applications (OWASP Top 10), Internal/External Infrastructure, and Cloud Service Providers (AWS, Azure, GCP).
- Emerging Tech & AI: Lead the development of testing methodologies for AI/LLM implementations, focusing on prompt injection, data leakage, and model security, as well as traditional Software Security Testing (SAST/DAST).
- Lead Consultant: Perform security testing services directly when required by project demand or specific client needs.
- High-Impact Reporting: Produce clear, accurate, and high-quality technical reports and executive presentations of findings and recommendations.
Delivery Management & Operational Efficiency
- Operational Oversight: Manage day-to-day delivery of all projects, ensuring they are completed on time, within budget, and to the highest quality.
- Resource Allocation: Assign projects based on consultant skill sets, availability, and client requirements.
- Pre-Sales Governance: Sign off on all Scopes of Work (SoW) prior to commercial commitment and perform QA on proposals.
Commercial & Client Engagement
- Sales Support: Assist the Commercial Team with scoping calls, project planning, and proposal development.
- Key Account Management: Lead delivery on larger or more complex engagements and maintain operational relationships with key clients.
People Management & Development
- Mentorship: Manage and mentor the testing team, fostering a culture of technical excellence and continuous improvement.
- Performance Management: Conduct appraisals and oversee individual training and certification plans (e.g., OSCP, CREST, AWS Security).