Rodeo
ResourcesPartnersSign in

Oscar

Penetration Tester

London
£55k – £60k/yr
Posted about 19 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Penetration Tester (CREST, OSCP) | Hybrid, London | £55-60k

We are working with a well-established cyber security and AI consultancy that is looking for a mid-level Security Testing Consultant to join their growing testing practice in London. This is a great opportunity to work within an accredited testing team, delivering hands-on technical engagements for a varied client base.

The consultancy has a clear, structured route into specialist service lines including AI security, assumed breach exercises and red teaming over the next 2 years - making this a strong move for someone who wants more than a standard testing role.

Location: London (3 days onsite)
Salary: £55,000-60,000 + competitive package

What You'll be Doing:

  • Owning the full delivery of penetration testing engagements, from scoping through to testing, reporting and client debriefs
  • Testing across web applications, infrastructure, cloud platforms and APIs, with mobile and wireless work as project mix demands
  • Producing clear, well-written reports and presenting findings confidently to both technical and executive audiences
  • Providing remediation guidance and follow-up support once engagements are complete
  • Contributing to the ongoing development of the team's testing methodology and tooling
  • Supporting and mentoring junior members of the testing team
  • Staying current with offensive security research, techniques and emerging threats

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Key Skills and Experience Needed:

  • Around 2-5 years' hands-on penetration testing experience
  • Strong web application testing skills aligned to OWASP WSTG, with solid Burp Suite experience
  • Confident infrastructure and network testing background, including Active Directory
  • Cloud security testing experience in at least one of AWS, Azure or GCP
  • API testing experience - REST essential, GraphQL desirable
  • Confident use of core offensive tooling: Kali, Burp Suite, Nmap, a vulnerability scanner (Nessus, Qualys or similar), and Metasploit
  • Good understanding of common application, network and cloud security controls, and how they can fail
  • At least one current accreditation such as CREST CPSA/CRT, OSCP or OSWE (or equivalent)
  • Strong written English and the ability to produce clear, structured reports

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Desirable Skills:

  • Familiarity with mobile testing concepts (OWASP MASTG) and/or wireless testing
  • Containerisation (Docker/Kubernetes) or CI/CD security knowledge
  • Red team or social engineering exposure
  • Any hands-on AI/LLM security testing experience

Why This Role?

This isn't a "testing treadmill" position. There's a clearly mapped progression path that moves successful consultants from core testing work into higher-value, more specialist services - including AI security assessments, assumed breach exercises and red team operations.

Study time and funded certifications (potentially including OSCP, OSWE, OSEP, CRTO, CCT and emerging AI security accreditations) are built into the personal development plan, alongside conference attendance.

If this sounds right for you, apply now for immediate consideration!

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Penetration Testing
Web Application Testing
Infrastructure Testing
Cloud Security Testing
API Testing
Burp Suite
Active Directory
Kali
Nmap
Vulnerability Scanning
Metasploit
OWASP WSTG
Remediation Guidance
Security Controls
Mobile Testing
Containerization

Location

London, England, United Kingdom

Sign up to applySee more jobs like this