Junior Penetration jobs

About Us

Punk Security is a fast-growing, CREST-accredited cyber security consultancy with a proud passion for delivering honest, high-quality security solutions. We specialise in DevSecOps and hands-on penetration testing, helping organisations build secure systems from the ground up. Our team is driven by curiosity, collaboration, and a commitment to doing great work that has a real impact.

If you're passionate about security and want to work in a supportive, expert-led environment where your voice matters, Punk Security could be the place for you.

About the role

We are currently hiring for both junior and mid-level penetration testers to join us in our infrastructure team. We're looking for talented individuals who have a solid foundation of IT and a genuine, demonstrable passion for cyber security. This is a chance to join a growing team of skilled consultants, working on a broad range of interesting technologies and challenges.

Day-to-Day Responsibilities

• Support the team on infrastructure penetration tests, including broader vulnerability assessments and security audits as needed.
• Contribute to the production of clear, professional reports tailored to both technical and non-technical audiences.
• Contribute to testing debriefs to clients following engagements, providing clear explanations to both technical and non-technical audiences.
• Stay current with emerging security threats, tools, and industry trends.
• There is potential for travel to client sites (UK) when necessary, though this is extremely rare.
• Contribute to improving team methodologies, documentation, tools, and processes.
• Work collaboratively with both the infrastructure and web application teams.
• Manage multiple client engagements effectively.
• Build strong, trusted relationships with clients as a reliable security partner.

Key Skills We're Looking For
Essential

• A minimum of 2 years of hands-on industry experience in a penetration testing role.
• Strong technical understanding of network and cloud infrastructure.
• Knowledge of common vulnerabilities and risk mitigation strategies.
• A genuine passion for security.
• The ability to manage own workflow and timings in a fast-paced environment.
• A drive to develop and progress within the team and the company.
• Meticulous attention to detail and commitment to quality.
• Must have lived in the UK for at least the past 5 years and be willing to undergo security vetting (non-negotiable)

Desirable

• Industry certifications (e.g OSCP, CRT, CSTM etc.)
• Experience with scripting languages such as Python, Bash, or PowerShell
• Security Clearance (BPSS, SC, DV)

Benefits of working with us

• Work with a passionate, supportive, and security-driven team
• Opportunities for travel (examples of previous events include GISEC Dubai, conferences across the UK, BlackHat USA)
• Opportunity to grow your role in line with the team's expansion
• Industry certifications and training
• Potential for performance bonuses
• Private health cover (including dependents up to age 18)
• Office located in the market town of Northallerton - excellent transport links, free onsite parking and close to a number of gyms and restaurants

Punk Security is an equal opportunities employer

At Punk Security, we are committed to creating an inclusive, diverse, and respectful workplace where everyone has the opportunity to thrive. We welcome applications from people of all backgrounds and believe diverse perspectives help us deliver better outcomes for our clients, our team, and our industry. If you’re passionate about cyber security, believe you meet the needs of the role and want to be part of a supportive, forward-thinking team, we encourage you to apply.

Punk Security is also a proud Silver Award holder of the Armed Forces Covenant. We recognise the valuable skills and qualities ex-forces personnel bring to cyber security and actively encourage applications from veterans, reservists, and service leavers.

Job Types: Full-time, Permanent

Pay: £40,000.00-£50,000.00 per year

Benefits:

• Casual dress
• Company events
• Employee mentoring programme
• Free parking
• On-site parking
• Paid volunteer time
• Private medical insurance
• Transport links
• Work from home

Application question(s):

• Due to the nature of our projects, we require all applicants to have resided in the UK for at least 5 years and be eligible and willing to apply for security clearance.

Unfortunately, we cannot accept applications from candidates residing outside of the UK, or who do not meet this criterion.
Please confirm you have lived in the UK for the last 5 years and would be willing to undergo security clearance.

Experience:

• IT industry: 2 years (required)
• in-industry Penetration testing: 1 year (preferred)

Licence/Certification:

• CREST or Cyber Scheme Team Leader qualification (preferred)

Work authorisation:

• United Kingdom (required)

Work Location: Remote