Associate Consultant, Offensive Security

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software.

We're looking to grow our team of penetration testers in the UK. We test web and mobile applications, computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more.

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges.

Apply now to join One team, One Kroll.

What you’ll do

As an Offensive Security Consultant, you’ll be reporting to a Vice President in our Offensive Security team and deliver projects for our clients, large and small, across Europe and North America. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement.

In summary, you will:

• Execute offensive security and consultative engagements for our clients by testing their applications, cloud assets, and infrastructure
• Author deliverables, such as technical and executive reports
• Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations
• Update your skills and knowledge with the latest trends in cybersecurity and emerging technology

What you’ll need to succeed

• Bachelor’s degree or college diploma in cybersecurity, computer science or engineering, software engineering, or IT/System/Network administration

• 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming

• A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Testing Guide, TIBER EU, MITRE ATT&CK, PTES, or others
• An ability to analyze root causes and deliver technological recommendations to our clients
• Excellent oral and written communication skills
• Experience working both as part of a global team and independently
• CREST CPSA, CREST CRT, OSCP, or OSWE certifications are an asset

In order to be considered for a position, you must formally apply via careers.kroll.com .

Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

#LI-TM1

#LI-Remote