Associate Consultant, Security Testing and Red Teaming

Description

The Associate Consultant, Security Testing and Red Teaming is an early-career role for security professionals who are passionate about offensive security and penetration testing. This role is designed for individuals with strong fundamentals, hands-on technical capability, and the drive to develop into a well-rounded offensive security consultant.

You will primarily support and deliver penetration testing engagements across web applications, internal and external infrastructure, and cloud environments. Over time, you will be exposed to a broader range of offensive security activities, including adversary simulation, red teaming, tooling development, and security research.

This role provides structured mentorship, hands-on experience across real client environments, and a clear progression pathway toward senior penetration testing and red teaming roles.

Roles and Responsibilities

• Conduct penetration testing engagements under the guidance of senior consultants, including: Web application penetration testingNetwork and infrastructure penetration testing (internal and external)Cloud security testing (e.g. AWS, Azure, GCP)Mobile application penetration testingIOT penetration testingOT penetration testing
• Execute assigned testing activities responsibly and professionally, following defined scopes, rules of engagement, and methodologies.
• Identify, validate, and exploit security vulnerabilities using industry-standard tools and manual techniques.
• Document findings clearly and accurately, including technical details, evidence, and remediation recommendations.
• Assist in preparing high-quality technical reports and contribute to executive-level summaries.
• Participate in engagement activities such as kick-off calls, scoping discussions, and post-engagement briefings where appropriate.
• Collaborate with team members during testing, including peer reviews and technical walkthroughs.
• Maintain detailed testing notes, logs, and artifacts to support quality assurance and reporting.
• Continuously develop technical skills across penetration testing, exploitation techniques, and security fundamentals.
• Stay current with emerging vulnerabilities, attack techniques, and offensive security tooling.
• Over time, support or participate in broader offensive security activities, such as: Adversary simulation and red teaming exercisesAutomation or tooling developmentSecurity research and proof-of-concept development

Requirements

• Offensive Security Certified Professional (OSCP) certification is required.
• Strong understanding of penetration testing methodologies and ethical hacking principles.
• Solid foundations in: TCP/IP networkingOperating systems (Windows and Linux)Web application architecture and common vulnerabilities
• Exposure to scripting or programming (e.g. Python, Bash, PowerShell).
• Familiarity with common vulnerability classes (e.g. OWASP Top 10, misconfigurations, credential abuse).
• Basic understanding of Active Directory security concepts.
• Exposure to cloud platforms or containerised environments will be useful.
• Hands-on experience using common penetration testing tools (e.g. Burp Suite, Nmap, Metasploit, BloodHound).
• Ability to write clear, structured, and technically accurate documentation and reports.
• Strong desire to grow into advanced offensive security and red teaming roles.
• Strong analytical mindset and problem-solving skills.
• Professional conduct, integrity, and respect for confidentiality.