🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
NetSPI • United Kingdom
Role & seniority: Security Consultant II (Penetration Tester) focused on mobile applications
Stack/tools: Offensive security/pen-testing tools (Kali Linux, Burp Suite, Metasploit, Nessus, Frida, Drozer, Objection, Ghidra); mobile OS knowledge (Android, iOS); Windows/Linux/macOS internals
Conduct mobile app and underlying API penetration testing; identify insecure data storage, communications, or cryptography
Create, deliver, and collaborate on penetration testing reports; align with client processes and reporting standards
Research and develop new techniques/tools; contribute to NetSPI products and methodologies; perform related admin tasks
2–3+ years in application penetration testing; bachelor’s degree or equivalent
Proficiency with offensive tools and mobile application data security concepts
Knowledge of Android/iOS, OWASP Top 10, and IT security frameworks
Familiarity with Windows/Linux/macOS internals; strong written/verbal communication
Ability to work independently and in a team; willing to travel 5–10%; 8-hour workday with possible evenings/weekends for deadlines
Mentoring/coaching experience; external sharing (blogs, webinars, talks)
Programming/scripting (Ruby, Python, Perl, C/C++, Java, C#)
Offensive certifications (GXPN, GPEN, OSCP, CISSP, GWAPT); ARM reverse engineering; Frida tool development
Location & work type: Location unspecified; full-time role
NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world-class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since 2001.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.
Join the mission as a Security Consultant II. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting mobile applications, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.
Responsibilities
Conduct penetration testing engagements on mobile applications and underlying APIs Identify insecure data storage, communications, or cryptography in mobile applications Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.
Minimum Qualifications
Bachelor’s degree or higher required, with a concentration in Computer Science, Engineering, Math, or IT preferred, or equivalent experience Minimum of 2-3 years of work experience in application penetration testing Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus, Frida, Drozer, Objection, Ghidra) Understanding of mobile application data security, communications, and sandboxes Knowledge of Android and iOS operating systems Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10 and various security frameworks Working knowledge of Windows, Linux and MacOS operating systems internals Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 5-10% This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs
Preferred Qualifications
Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, CISSP, GWAPT) Experience in ARM reverse engineering Experience developing Frida tools to bypass application protections or exploit vulnerabilities
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.