Senior Penetration Tester/Cybersecurity Red Team Lead (Certified: OSCP / OSCE / OSWE / CREST / CISSP) at NEUROTIC, Remote, £Competitive Day Rate

Contract Description

Location: Remote (EU / UK / US Time Zones)

Contract Type: Full-Time or Long-Term Contract

Compensation: Competitive day rate or salary commensurate with expertise

About the Role

We’re seeking an elite, hands-on penetration tester to lead complex red-team and vulnerability-assessment engagements across cloud, web, infrastructure, and operational technology (OT/ICS) environments.

You’ll work alongside battle-tested CTOs and cybersecurity engineers within Neurotic Ltd., a global technology house known for delivering high-impact results for energy, FMCG, and enterprise clients in the UK and US.

This isn’t a checkbox-based “run the scanner” role. We’re looking for someone who thinks like an adversary, writes like a strategist, and mentors like a leader.

Key Responsibilities

• Lead and execute full-scope offensive security engagements (external, internal, web, cloud, and wireless).

• Design and run red-team simulations, purple-team exercises, and social-engineering scenarios.

• Build and maintain custom exploits, scripts, and tooling (Python, Go, PowerShell, Bash).

• Perform in-depth threat modeling, risk assessments, and adversary emulations.

• Deliver executive and technical reports with remediation roadmaps aligned to NIST, ISO 27001, SOC 2, and MITRE ATT&CK frameworks.

• Coordinate with defensive teams to improve detection and response capabilities.

• Mentor junior analysts, shape internal testing methodologies, and uphold the highest ethical standards.

Required Certifications & Credentials

We’re looking for a top-1% operator, ideally holding several of the following (or equivalent real-world mastery):

• Offensive Security: OSCP, OSCE, OSEP, OSWE, OSEE

• CREST: CRT, CCT INF / CCT APP

• SANS / GIAC: GPEN, GXPN, GAWN, GWAPT, GREM

• Cloud Security: AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer

• General Security: CISSP, CISM, CEH (Practical), CompTIA Pentest+

• Bonus: Red Team Operator (CRTO I/II), eLearnSecurity eCPTX/eWPTX, or experience in bug bounty programs (HackerOne, Synack, Bugcrowd)

Required Experience

• 8–12+ years of hands-on experience in penetration testing, exploit development, or adversary emulation.

• Strong knowledge of network protocols, operating systems (Windows/Linux), and cloud infrastructures.

• Deep understanding of offensive TTPs (tactics, techniques, and procedures).

• Proven track record leading engagements with enterprise or regulated clients (finance, energy, healthcare).

• Demonstrated ability to write clear, client-ready reports with both technical detail and board-level summaries.

• Experience working within SOC 2 / ISO 27001 environments.

• Familiarity with threat-intel integration, MITRE ATT&CK mapping, and detection-engineering collaboration.

Soft Skills

• Obsessive attention to detail and operational discipline.

• Strong communicator, able to brief both engineers and executives.

• Proactive, low-ego, high-ownership mindset.

• Comfortable operating in high-trust, autonomous environments.

• Passion for continuous learning and open-source contribution.

Nice to Have

• Experience with OT/ICS pentesting (energy, LNG, manufacturing environments).

• Experience integrating with SIEMs, SOAR, and EDR tools during engagements.

• Prior work in defense, government, or regulated financial environments.

• Contributions to open-source security tools or research publications.

Why Join Neurotic Ltd.

• Work directly with CTOs and CISOs from enterprise and fast-growth companies.

• Access to cutting-edge projects, from LNG infrastructure to AI-powered data platforms.

• Global remote culture with vetted experts across the UK, EU and US.

• No bureaucracy, just exceptional people solving complex problems.