3 of 3 Contract Offensive Security Jobs

Location : London (Hybrid, 23 days in office) | Rate : Market About the Role Our client, a leading global organization, is looking for a skilled Internal Pentester to join a leading security team in London. This contract role is perfect for someone experienced in penetration testing across networks, systems, web applications, APIs, and cloud environments, who can identify vulnerabilities, simulate attacks … and deliver actionable remediation advice. Youll work in a compliance-driven, high-security environment, collaborating with cross-functional teams to strengthen the organizations security posture. What Youll Do Conduct full-scope penetration tests on applications, APIs, internal infrastructure, networks, and cloud environments (AWS, Azure, GCP). Identify and exploit security flaws: insecure authentication, authorization bypass, input validation … issues, cloud misconfigurations, AD misuse, etc. Perform internal/external network testing, AD enumeration, privilege escalation. Automate security testing where possible, integrating IaC and ServiceNow workflows. Simulate real-world attacks using the same techniques and tools as malicious actors. Produce detailed, actionable reports with executive summaries and technical findings. Collaborate with development, cloud, and infrastructure teams on remediation. Keep More ❯

ob Title: Cyber Security Analyst - DV Location: Fully remote Contract Duration : Until Feb 2026 (ad-hoc days as and when needed. Around 10 days/month) Daily Rate: £730.40/day (Umbrella - Maximum) IR35 Status : Inside IR35 Security Clearance: DV Minimum Requirement: Have experience with dealing with real world threats in the serious and organised crime or cyber … Cybersecurity Analyst (CySA+) or a similar certification GIAC Cyber Threat Intelligence (GCTI) or a similar certification GIAC Reverse Engineering Malware (GREM) or a similar certification Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) or a similar certification Any mix of 2 of the above qualifications* The Role: The purpose of this project is to understand how 'real More ❯

advanced penetration testing across applications, APIs, internal infrastructure, networks, and cloud environments. The role involves simulating real-world attacks, identifying vulnerabilities, and providing clear remediation guidance to improve overall security posture. Key Responsibilities * Conduct full-scope penetration tests of applications, APIs, networks, cloud, and internal infrastructure. * Perform network testing, Active Directory enumeration/abuse, and privilege escalation. * Identify weaknesses … audiences, including remediation advice. * Collaborate with development, cloud, and infrastructure teams to close vulnerabilities. Candidate Profile Essential Skills & Experience * 3-7+ years in penetration testing, red teaming, or offensive security. * Strong application security knowledge (OWASP Top 10, API security). * Hands-on experience in end-to-end pentests (internal, external, cloud, AD, web app, API). …/Entra ID. * Cloud platforms: AWS, Azure, GCP. * Practical knowledge of tools such as Nmap, Nessus, Metasploit, Burp Suite, SQLmap, ScoutSuite, Pacu. Desirable * Excellent client communication and reporting skills. * Security certifications (e.g. OSCP, OSEP, GPEN, eCPPT, AWS/Azure Security). * Strong analytical and problem-solving skills. More ❯