Penetration Tester Manager / Client Lead (predominantly a remote role with a small requirement to be on the client site in Farnborough 2 days every fortnight, likely no more than 4 days on-site a month, with travel expenses covered)
We are seeking an experienced Penetration Tester Manager / Client Lead who combines gravitas and technical capability with excellent communication skills to join our client - a leading consulting firm specialising in complex cloud, digital and data solutions for leading UK public and private sector organisations.
This is a fantastic opportunity to build out a penetration testing service capability for a leading technology services company whilst being the main client contact for a prestigious, high-profile client (no doubt you will know the brand) with responsibilities in managing the onsite team, leading technical capabilities and strategy.
We are looking for an experienced Senior Web Application Penetration Tester who has experience working as a principal Client Lead / Manager. The ideal candidate will follow OWASP principles, showcasing expertise in penetration testing with a primary focus on web applications. Additionally, a strong understanding of the NIST framework is essential to ensure alignment with industry standards and best practices.
This role is a secondment dedicated to one specific client, so there is no other consulting work and no travel that keeps you away from home for long periods.
As the Penetration Tester Client Manager you will take the lead in advanced penetration tests and vulnerability assessments across a diverse range of cutting-edge applications. You will take a hands-on approach to evaluating the security of applications, networks, and systems and you will play a critical role in integrating robust security standards into the development process, ensuring that vulnerabilities are identified and mitigated at every stage.
This highly technical and hands-on position places you at the heart of cyber defence, actively identifying, exploiting, and mitigating security vulnerabilities in web, mobile, and cloud-based platforms for a large global client.
You’ll leverage tools and methodologies to stay ahead of evolving threats, collaborating with development teams to embed robust security practices directly into the SDLC. Your expertise will be instrumental in fortifying the organisation’s digital assets and ensuring resilience against cyber adversaries.
This is a unique role that offers client work without the unknown of a typical consulting lifecycle, not to mention an excellent opportunity to develop into a director-level role.
Responsibilities of Penetration Tester Client Manager:
Penetration Testing & Vulnerability Assessment
* Lead penetration tests and vulnerability assessments on applications, networks, and systems, exposing and documenting critical risks with actionable remediation strategies.
* Stay ahead of emerging threats, ensuring cutting-edge testing methodologies and solutions are applied effectively.
Leadership & Collaboration
* Mentor and guide a dedicated security team while working cross-functionally to embed best practices across operations and development lifecycles.
Security Risk Management
* Drive the vulnerability management program, performing risk assessments and enhancing security posture through strategic mitigation plans.
Incident Response
* Investigate and mitigate real-time threats, minimizing business impact, and delivering post-incident root cause analysis with tailored action plans.
Strategic Security Improvement
* Innovate and refine security policies, adopting advanced tools and techniques to bolster defences and stay aligned with industry standards.
Experience required as the Penetration Tester Client Manager:
* Must have excellent communication and stakeholder management skills – we are looking for confidence and gravitas!
* Technical Mastery: Expertise in penetration testing tools like Burp Suite, Metasploit, and OWASP, alongside manual testing techniques.
* Deep Security Knowledge: Strong understanding of application vulnerabilities (SQL injection, XSS, etc.), cloud security, and DevSecOps integration.
* Proven Experience: minimum 5-7+ years in information security with a track record of delivering impactful penetration testing and vulnerability assessments.
* Certifications That Set You Apart: CEH, OSCP, CISSP, or similar qualifications preferred but not mandatory
If you’re a passionate security professional eager to lead, innovate, and make a difference, apply today and be part of a team that’s redefining the future of information security!