Lead Security Consultant

• CREST standards

• OWASP Testing Guide

• Review and validate findings to ensure technical accuracy and consistency.

• Perform peer reviews and quality assurance of technical reports.

• Lead technical investigations and exploitation activities where advanced expertise is required.

• Assist in developing new service offerings and offensive security capabilities.

Team Management

• Manage and develop a team of penetration testers and security consultants.

• Conduct regular one-to-one meetings and performance reviews.

• Support recruitment activities, including:

• CV reviews

• Technical interviews

• Assessment exercises

• Create and manage personal development plans for team members.

• Identify training requirements and support professional certification pathways.

• Mentor junior and mid-level consultants.

• Foster a collaborative and high-performance team culture.

• Support succession planning and capability development within the team.

Client Engagement

• Act as a trusted technical advisor to clients.

• Participate in client scoping discussions and pre-sales engagements.

• Support sales teams with:

• Technical proposals

• Statements of Work

• Effort estimations

• Solution design

• Present findings to both technical and non-technical stakeholders.

• Deliver remediation workshops and technical debrief sessions.

• Build long-term client relationships through exceptional service delivery.

Governance & Compliance

• Ensure adherence to:

• NCSC CHECK standards

• CREST Codes of Conduct

• Company policies and procedures

• Information security requirements

• GDPR and data protection regulations

• Support audit and accreditation activities.

• Maintain accurate project documentation and testing records.

• Ensure testing activities are conducted safely, ethically, and within agreed scopes.

Essential Skills & Experience

Technical Experience

• Minimum 5+ years of penetration testing experience.

• Demonstrable experience leading complex penetration testing engagements.

• Strong expertise in:

• Web application security

• Network penetration testing

• Active Directory security assessments

• Cloud security testing (Azure and/or AWS)

• Vulnerability research and exploitation

• Strong understanding of IT environments including Cloud:

• Experience using industry-standard tools.

Leadership Experience

• Previous line management experience.

• Experience leading and mentoring technical teams.

• Demonstrated ability to manage multiple concurrent projects.

• Experience in performance management and staff development.

• Strong stakeholder management skills.

Essential Qualifications & Certifications

Candidates must hold one or more of the following:

Mandatory

• NCSC CHECK Team Leader (CTL) status or demonstrable eligibility to obtain CTL.

• Current UK Security Clearance (SC) or ability to obtain and maintain clearance.

Personal Attributes

• Strong leadership and mentoring capabilities.

• Excellent written and verbal communication skills.

• Ability to explain technical concepts to non-technical audiences.

• Commercial awareness and client-focused mindset.

• High attention to detail.

• Strong analytical and problem-solving abilities.

• Ability to work independently and make informed decisions.

• Professional, ethical, and trustworthy.

• Passionate about developing others and advancing offensive security capabilities.