CHECK or CREST Penetration Tester

Role: Penetration Tester
Location: Leeds (Hybrid + Site Visits)
Salary: £40,000 - £45,000 DOE
Type: Permanent, Full-Time

Summary:

We are looking for a skilled and motivated Penetration Tester to join a growing security team in Leeds. The main purpose of this role is to deliver high-quality offensive security assessments across web applications, APIs, and infrastructure, helping clients understand and remediate vulnerabilities across their environments.

This is a great opportunity for a CHECK Team Member (CTM) or a tester actively progressing along the CREST pathway (CRT) to take ownership of engagements end-to-end, work alongside experienced consultants, and continue developing technically across a varied client base. This role operates on a hybrid basis in Leeds, with occasional site visits required.

Key Responsibilities:

• Carry out web application, API, and infrastructure penetration tests, taking ownership of engagements from scoping through to final report delivery.
• Support purple team activities including phishing simulations and malicious insider style assessments.
• Produce clear, professional reports for clients, tailoring findings to client-specific context and business risk.
• Communicate high-risk vulnerabilities to clients as they are identified, supporting swift remediation.
• Support junior team members and assist with quality assurance on reports where required.
• Assist with the maintenance of internal penetration testing infrastructure, including device setup and tooling updates.
• Stay up to date with the evolving threat landscape, contributing to internal knowledge sharing and continued team development.

Requirements:

• CHECK Team Member (CTM) status, or actively working towards CREST Registered Tester (CRT) on the CREST pathway.
• Hands-on experience delivering web application, API, and/or infrastructure penetration tests in a professional setting.
• Strong understanding of common vulnerability classes (e.g. OWASP Top 10), exploitation techniques, and remediation guidance.
• Confident client-facing communication skills, with the ability to explain technical findings to both technical and non-technical audiences.
• Strong written reporting skills, with the ability to produce clear, well-structured deliverables.
• A genuine passion for offensive security, demonstrated through CTFs, labs (e.g. Hack The Box, TryHackMe), research, or community involvement.

Benefits:

• Salary: £40,000 - £45,000 DOE
• Hybrid Working
• Company Pension Scheme
  
  

Role: Penetration Tester
Location: Leeds (Hybrid + Site Visits)
Salary: £40,000 - £45,000 DOE
Type: Permanent, Full-Time

Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.