Digital Threat Digest Insights Careers Let's talk

Penetration Tester



We're looking for a Penetration Tester to join our digital security team.

Our CREST-Certified Penetration Testers, work with organisations of all sizes and types to detect and remediate vulnerabilities before malicious actors can gain access and compromise or steal data. The team tests security of infrastructure and applications, conducts IT Health Checks, and reviews IT configurations to identify gaps threat actors could slip through and make recommendations to safeguard their assets.

What you’ll be doing
  • Providing professional cyber security consultancy to internal and external stakeholders.
  • Leading the delivery of PGI’s penetration testing and overseeing Cyber Essentials Plus engagements.
  • Collaborating on the design and delivery of new as well as existing service lines associated with cyber security assessments.
  • Supporting and often leading technical pre-sales, proposal writing and client engagements.
  • Coaching and supervising junior team members, including supporting their resourcing, development planning, mentoring and knowledge transfer.
  • Growing your people management skills from day one, as the team expands,
  • Developing operational management abilities such as determining optimal utilisation, governing gross profit margins, and forecasting revenue and resourcing needs.
  • Analysing security data, identify patterns and addressing threats and vulnerabilities.
  • Assisting clients with security related issues.
  • Producing high quality technical reports.
  • Performing quality assurance and technical peer reviewing of project reports.
  • Collaborating with colleagues on wider PGI internal or client projects.
  • Proofreading and/or contributing to technical training/development material.
  • Supporting technical delivery projects to achieve successful outcomes.
  • Mentoring security consultants or clients by sharing your own knowledge and experience and overseeing the development of their skills and competencies.
  • Participating in the development or delivery of exercises – such as CTF challenges.
  • Supervising cyber security exercises, trouble-shooting technical configuration, or guiding participants through scenarios
  • Providing accurate scoping of penetration testing opportunities to sales colleagues for new and existing clients.
  • Supporting sales colleagues with client pre-engagement activities including, proposals, presales activities such as client presentations.
  • Supporting marketing colleagues with subject matter expertise insight or development of security related content.
  • Developing and maintaining technical skills and required certifications, using training platforms such as Hack The Box.
  • Staying current with the latest cyber security trends, threats, and technologies.
  • Lead by example, demonstrating commitment, work ethic, and a positive attitude.
  • Oversee the day-to-day operations of your team, ensuring efficient workflow and project delivery, conduct regular team meetings to discuss progress, obstacles, and strategies.
On day one you will bring
  • Commercial experience in a penetration testing or security consulting role, a minimum of 3 years.
  • Experience in delivering penetration tests and vulnerability assessments for applications, network infrastructure and cloud services.
  • Relevant professional certification is highly desirable, such as OSCP or CREST CRT.
  • Experience with commercial security tools such as Nessus, Burp Suite and Metasploit.
  • Excellent verbal and written communication skills, with the ability to present to clients.
  • An initiative-taking approach who can manage time, schedules, and the ability to work to deadlines.
  • Excellent critical thinking skills with a willingness to overcome problems and think outside-the-box or innovate.
  • A good understanding of network security and core networking protocols (TCP/IP).
  • A university degree in Computer Science, Information Technology, or equivalent work experience in a suitably related field.
  • Strong knowledge in industry frameworks such as OWASP and OWASP Top 10.
  • Ability to work independently and as part of a team, with a strong appetite for knowledge sharing collaboration.
  • Knowledge and experience with scripting languages.
  • Eligibility for security clearance.
  • Knowledge of operating systems, networks, and cloud platforms.
  • A passion for security and networks.
  • Self-motivation with a commitment to continued development.
About PGI

We empower organisations and nations to counter digital threats. Our internationally acclaimed team of digital threat experts and thought leaders work at the cutting-edge of threat detection, continually scanning the horizon for next-generation risks. We use technology to support deep human insight, enabling us to build long-range resilience for clients.​​

We are trusted worldwide by governments, global NGOs and corporations.​

Diversity, Equity and Inclusion at PGI

As a British company which operates internationally, we draw strength from the diversity of our people. Without our diverse team, we couldn’t do the work we do. We are involved in projects across 80+ geographies, our people speak 25+ languages and come from a variety of backgrounds. By hiring and cultivating a diverse, equitable and inclusive workforce, we can uphold values that enable every member of the team to thrive, while delivering novel solutions to novel problems.

Accessibility at PGI

Every individual has different requirements, so we are committed to implementing reasonable adjustments to mitigate physical and non-physical barriers in the workplace.

We strive to make the recruitment process as accessible as possible, but if you have any questions or concerns, please get in touch.

To apply, please send your CV to

Please note: We are not accepting applications or speculative profiles from any recruitment agencies. If we require additional resource, we will reach out to you.