For the best user experience please upgrade your browser

Careers at Pen Test Partners

We’re only as good as the people in our team, so we’re always looking for great people. Maybe that’s you?

We at PTP are acutely aware of the lack of diversity in our industry, and are keen to address that.

We are an equal opportunities employer, welcoming applications from people from all walks of life.

It’s very simple, if you have the skills and experience we’d love to talk with you.

What you can expect from us

  • Competitive salary based on experience
  • 25 days holiday + 8 bank holidays
  • Private Medical Insurance and Healthcare Benefit on completion of probation
  • Group personal pension
  • Time and resource for research / pet projects / blogging
  • Financing available for training and conference attendance
  • EV lease salary sacrifice scheme on completion of probation
  • An environment where you can flourish, learn, and grow, as a person not just as an employee

Roles:

All roles are UK based.

How to apply

Send your CV with a covering email to:

By submitting your CV you are confirming you have read and understood our privacy policy and authorise us to keep your CV on file for 6 months in case future job opportunities arise.

Back To Roles▲

Mid Level Pen Testing Consultant

  • A minimum of 2 years of delivering high quality pen testing services
  • Infrastructure, web application as a minimum
  • Manage and deliver complex engagements
  • CTM equivalent qualification (CRT/CSTM etc) as a minimum

Key Responsibilities:

  • Performing a wide range of penetration testing, of different service types on a variety of common and bespoke platforms
  • Help mould and evolve current test service offerings
  • Knowledge sharing within the technical team
  • Using your experience to train current and future junior members
  • Gain further accreditations or stay up to date with current ones depending on the business needs

Desirable:

  • Speciality testing in areas such as mobile testing / Kubernetes / code review
  • Proficient in at least one cloud platform (AWS / Azure / GCP)
  • Interest to perform research in the cyber security field

We may ask you to attempt some CTF style exercises as part of the application process.

Back To Roles▲

Senior Level Pen Testing Consultant

  • A minimum of 5 years of delivering high quality pen testing services
  • Infrastructure, web application and API testing as a minimum
  • Proficient in at least one cloud platform (AWS / Azure / GCP)
  • Manage and deliver complex engagements
  • CTL equivalent qualification (or close to being exam ready)
  • Experience helping with QA and scoping process.

Key Responsibilities:

  • Performing a wide range of penetration testing, of different service types on a variety of common and bespoke platforms
  • Help mould and evolve current test service offerings
  • Knowledge sharing within the technical team
  • Using your experience to train current and future junior members
  • Gain further accreditations or stay up to date with current ones depending on the business needs

Desirable:

  • Speciality testing in areas such as mobile testing / Kubernetes / code review
  • Proficient in at least one cloud platform (AWS / Azure / GCInterest to perform research in the cyber security field

We may ask you to attempt some CTF style exercises as part of the application process.

Back To Roles▲

GRC Cyber Security Consultant (Trainee)

Due to our success, we are expanding our Governance, Risk and Compliance Consulting team so are looking for a self-motivated, ambitious trainee Junior Governance, Risk and Compliance Consultant to join the team.  This is a permanent position , offering advancement dependent on progress and performance.

This is an exciting opportunity where you will have the opportunity to gain valuable experience in a leading cyber security company.  Whilst this will be a challenging position you will be working in a learning environment with the support and experience of skilled professionals and the autonomy to manage your own projects.

The successful candidate will be home based with the requirement of some office and client site visits dependant on client / job requirement.

About You

You will need:

  • a Cyber Security Degree or similar qualification (however might accept a good level of prior knowledge)
  • experience with research and analytical skills
  • basic knowledge of GRC concepts and Cyber security, some experience would be an advantage
  • excellent communication and analytical skills
  • a proven ability to work with people of all levels both technical and non-technical
  • attention to detail with the confidence to seek knowledge and ask questions
  • enthusiasm and willingness to learn and develop skills to a higher level

Main Responsibilities

The role carries a variety of responsibilities that include, but are not limited to:

  • Project support across a diverse client base
  • Auditing and regulatory support (e.g. ISO 27001, PCI DSS, CE+ GDPR)
  • Support regarding industry frameworks (e.g. NIST, CAA)
  • Assisting in the development of documentation and review of internal processes
  • Supporting with due diligence
  • Client Liaison and relationship building
  • Relationship / stakeholder management
  • Collating, analysing, and producing reports

Back To Roles▲

Junior Digital Forensics & Incident Response Consultant

PTP is a respected provider of cyber security consultancy and testing. We have a reputation for delivering work in some of the most cutting-edge industries, including Critical National Infrastructure, Automotive, Aeronautic, and Maritime, along with a range of global brands.

We are seeking a DFIR Consultant to join our team.  Working alongside some of the best hacking minds in the country you’ll be delivering Blue Team services to counterbalance the existing Red Team’s work.

PTP is a people focused organisation where knowledge development is part of our culture. We take pride in providing the highest quality work to our clients.  We believe in a strong company brand and strive to promote the individual reputations of our staff in the cyber security community.

Location:

This is a remote working role, however some travel to company offices and client sites (including international travel) may be required.

Core responsibilities:

Whilst the work will be varied the core responsibilities include:

  • Responding to cyber security incidents for both retained and new clients.
  • Managing and co-ordinating a cyber security response, liaising directly with clients to help them respond, identify, contain, and recover.
  • Conduct digital forensic analysis across corporate networks, varying operating systems, and Cloud environments.
  • Digital forensics and triage of relevant incident data, namely disk images, volatile data and memory dumps, network packets, and log data.
  • Manage and monitor clients receiving MDR or threat hunting services.
  • Review client IR capabilities, assisting them to improve through assessing IR maturity, delivering first responder training, and authoring IR plans and playbooks.
  • Deliver tabletop exercises.
  • Maintain a current view of the cyber threat and be able to advice clients on the threat landscape and the attack trends most relevant to them.
  • Liaise with clients on delivery, implementation, and sales issues.
  • Work to upsell other services and areas of the business.
  • Working to develop new tools and areas to improve the DFIR service lines, including working to develop IR capabilities in areas such as CNI, Automotive, Aeronautic, and Maritime.
  • Promote the service offerings of PTP with blog posts, and public engagements.
  • Provide 24/7 IR coverage through an on-call rota.

Key Competencies:

  • Minimum of 1 years work experience in cyber security and incident response
  • Excellent communication skills, both written and oral
  • Strong IT and Network knowledge, especially the OSI Model, TCP/IP, Common Ports, Networking protocols, Windows and Linux operating systems
  • Technical proficiency in a variety of digital forensics tools, particularly Volatility, KAPE, Velociraptor, CyberTriage, The Sleuth Kit, Autopsy, Wireshark and open-source tools
  • Strong knowledge in attack techniques and indicators of compromise

Desired Competencies:

  • Degree or MSc in cyber security, Digital Forensics, or another related field
  • Basic penetration testing and vulnerability scanning
  • Malware reverse engineering
  • Programming / Scripting, Python, Bash, PowerShell, Yara
  • General information security certifications, GCFA, CISM, CISA, CySA+
  • CREST Certifications, CRIA, CPIA
  • Knowledge of MITRE Att&ck Framework
  • Experience of ISO27001, PCI, CAF, NIST, CREST

Benefits:

  • Competitive salary based on experience
  • 25 days holiday + 8 bank holidays
  • Private Medical Insurance and Healthcare Benefit on completion of probation
  • Group personal pension
  • Time and resource for research / pet projects / blogging
  • Financing available for training and conference attendance
  • EV lease salary sacrifice scheme on completion of probation
  • An environment where you can flourish, learn, and grow, as a person not just as an employee

Back To Roles▲

Senior Digital Forensics & Incident Response Consultant

PTP is a respected provider of cyber security consultancy and testing. We have a reputation for delivering work in some of the most cutting-edge industries, including Critical National Infrastructure, Automotive, Aeronautic, and Maritime, along with a range of global brands.

We are seeking an experienced DFIR Consultant to join our team.  Working alongside some of the best hacking minds in the country you’ll be delivering Blue Team services to counterbalance the existing Red Team’s work.

PTP is a people focused organisation where knowledge development is part of our culture. We take pride in providing the highest quality work to our clients.  We believe in a strong company brand and strive to promote the individual reputations of our staff in the cyber security community.

Location:

This is a remote working role, however some travel to company offices and client sites (including international travel) may be required.

Core responsibilities:

Whilst the work will be varied the core responsibilities include:

  • Responding to cyber security incidents for both retained and new clients.
  • Managing and co-ordinating a cyber security response, liaising directly with clients to help them respond, identify, contain, and recover.
  • Conduct digital forensic analysis across corporate networks, varying operating systems, and Cloud environments.
  • Digital forensics and triage of relevant incident data, namely disk images, volatile data and memory dumps, network packets, and log data.
  • Manage and monitor clients receiving MDR or threat hunting services.
  • Review client IR capabilities, assisting them to improve through assessing IR maturity, delivering first responder training, and authoring IR plans and playbooks.
  • Deliver tabletop exercises.
  • Maintain a current view of the cyber threat and be able to advice clients on the threat landscape and the attack trends most relevant to them.
  • Act as a leader and support for junior staff during client engagements.
  • Assist with project management of engagements, including scoping, sales, billing, and delivery.
  • Liaise with clients on delivery, implementation, and sales issues.
  • Work to upsell other services and areas of the business.
  • Working to develop new tools and areas to improve the DFIR service lines, including working to develop IR capabilities in areas such as CNI, Automotive, Aeronautic, and Maritime.
  • Promote the service offerings of PTP with blog posts, and public engagements.
  • Provide 24/7 IR coverage through an on-call rota.

Key Competencies:

  • Minimum of 3 years work experience in cyber security and incident response
  • Excellent communication skills, both written and oral
  • Strong IT and Network knowledge, especially the OSI Model, TCP/IP, Common Ports, Networking protocols, Windows and Linux operating systems
  • Advanced proficiency in a variety of digital forensics tools, particularly Volatility, KAPE, Velociraptor, CyberTriage, The Sleuth Kit, Autopsy, Wireshark and open-source tools
  • Strong knowledge in attack techniques and indicators of compromise
  • Experience in delivering tabletop exercises and client facing presentations
  • Experience auditing incident response capabilities and information security controls

Desired Competencies:

  • Degree or MSc in cyber security, Digital Forensics, or another related field
  • Basic penetration testing and vulnerability scanning
  • Malware reverse engineering
  • Programming / Scripting, Python, Bash, PowerShell, Yara
  • Public speaking
  • Proficiency with Burp or ZAP
  • General information security certifications, GCFA, CISM, CISA, CISSP, CySA+
  • CREST Certifications, CRIA, CPIA, CCNIA, CCHIA, CCMRE, CCIM
  • Knowledge of MITRE Att&ck Framework
  • Experience of ISO27001, PCI, CAF, NIST, CREST
  • Previous experience providing DFIR in a consultancy environment

Back To Roles▲

Agencies, please read…

Any CVs received from agencies with whom we do not already have terms will be considered a gift.