Penetration Tester (Infrastructure)
Job Description
Penetration Tester – Infrastructure
Salary: £70,000–£100,000 (depending on experience)
Location: Hybrid – London (2 days per week on-site)
Note: To be eligible for this role, you must be eligible for UK Security Clearance (SC).
A high-performing digital security team is looking for an experienced Infrastructure Penetration Tester to join them in delivering critical assessments across complex and sensitive client environments.
This is a hands-on internal testing role, not web application focused, where you'll be expected to work independently and navigate challenging systems with confidence.
This role is suited to testers who thrive in technically demanding scenarios, want autonomy, and are motivated by work with real-world impact.
Key Responsibilities
- Conduct internal infrastructure and Active Directory penetration tests in live production environments
- Produce clear, concise reports tailored to both technical and non-technical audiences
- Build trusted relationships with clients in a consultancy-facing capacity
- Work within a small, high-trust team on sensitive engagements
- Contribute to the evolution of internal tooling and testing methodologies
- Operate effectively in environments with limited documentation or predefined processes
Essential Experience and Skills
- At least 4 years’ experience in infrastructure penetration testing
- Strong knowledge of Active Directory exploitation techniques (privilege escalation, lateral movement, etc.)
- Confident working in high-stakes, sensitive environments
- Strong command-line skills across Windows and Linux systems
- Ability to work through legacy systems, unpatched software, and environments with technical debt
Desirable Skills
- Python scripting or automation experience
- Understanding of Operational Technology (OT) networks
- Familiarity with internal infrastructure exploitation tools
Certifications ( but not essential):
- CREST CTM, CTL, CSTM or Cyber Scheme Practitioner
- OSCP (current or lapsed)
If you’re an experienced infrastructure penetration tester looking for meaningful work, we want to hear from you.