Penetration Tester

Penetration Tester

Position Description
CGI Cyber Security Team in the UK is one of the largest cyber consultancies in the country, with around 300 members. The UK Cyber team works across multiple domains including Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking, and Financial Services.

At CGI, you will have the opportunity to work across a wide range of sectors and cyber security disciplines, enabling you to grow and develop your career. We provide end-to-end security services, including risk assessments, vulnerability management, accreditations (ISO27001, GDPR), governance, risk and compliance (GRC), security architecture, incident response, protective monitoring, and penetration testing.

We support clients throughout their security journey, helping them improve their overall security posture, maturity, and resilience in line with their requirements.

Training and development are central to CGI’s approach. You will receive continuous learning opportunities aligned to both industry changes and your personal career goals, supporting your progression in any direction you choose.

Please note: these roles are only available to candidates who hold, or are eligible to obtain, UK Security Clearance.

Your future duties and responsibilities
You will join CGI’s Cyber Security business unit as part of an established penetration testing team. This opportunity has arisen due to continued growth, with CGI having delivered penetration testing services for over 30 years across both public and private sector clients.

You will be responsible for conducting security assessments across a range of technologies, including bespoke applications, cloud environments, and mobile platforms.

Key responsibilities:
• Conduct penetration testing across web, infrastructure, cloud, and mobile environments
• Assess and identify vulnerabilities in client systems and applications
• Produce clear and detailed technical and executive-level reports
• Work closely with clients to explain findings and remediation approaches
• Contribute to continuous improvement of testing methodologies
• Support delivery across multiple sectors and engagement types
• Collaborate with senior testers and security consultants

Required qualifications to be successful in this role
Relevant industry certifications are essential or highly desirable, including:

• CHECK Team Leader (CTL)
• CHECK Team Member (CTM)
• CREST Certified Tester (CCT) / CCT Infrastructure / CCT Application
• CREST Certified Simulated Attack Specialist (CCSAS)
• CREST Practitioner Security Analyst (CPSA)
• Cyber Scheme Team Member (CSTM) / Team Leader (CSTL)
• TigerScheme QSTM / QSTL
• CREST Registered Tester (CRT)
• Offensive Security Certified Professional (OSCP)