Careers

Careers at RedSecLabs

Senior-led, technically rigorous, real client work. We hire people who treat cybersecurity as a craft and want to spend their career deepening it.

Why work at RedSecLabs

Built for the people who actually want to do the work

We are a senior-led consulting practice. That means real client engagements, real technical depth, and no junior pass-through. If you want to spend more time doing the work and less time managing handovers, we are the kind of place worth a conversation.

01

Senior consultants only

Every engagement is led by a senior consultant. No bid-and-deliver mismatch, no junior team behind the scenes. You are doing the work that was sold.

02

Real technical work

Pentesting, code review, incident response, red team engagements. Not slide decks for slide decks’ sake. CREST-accredited methodology across the practice.

03

Regulated client base

Banks, fintech, healthcare, NHS, government, SaaS. Real exposure to PCI DSS, ISO 27001, SOC 2, GDPR, DORA, SWIFT CSP. Domain expertise compounds.

04

Time for research

Allocated time for original research, CVE work, conference talks, and publication. Our research feeds the consulting practice and is part of the firm’s positioning.

05

Modern delivery

Tooling that supports rather than gets in the way. Fixed-fee scoping that protects you from scope creep. Clear documentation standards.

06

Long-term tenure

We optimise for people who want to spend years deepening their craft, not 18 months to a CV bump. Tenure compounds. So does compensation.

Working at RedSecLabs

Benefits & the practical stuff

Competitive compensation, flexible working, and the support that makes a long career sustainable.

Flexible working
Hybrid by default. Office time when collaboration warrants it.
Certification budget
OSCP, OSCE, CREST CRT/CCT, CCSP, CISSP. We pay for the ones you want.
Conference attendance
Black Hat, DEF CON, BSides, sector-specific events. Speaking encouraged.
Research time
Allocated time for original research, CVE work, and publication.
Private healthcare
Comprehensive UK private medical cover for you and dependants.
Pension match
Competitive employer pension contribution, above statutory minimum.
Generous leave
25 days plus bank holidays. Additional days for tenure.
Mentorship
Pairing with senior consultants on real engagements from day one.
Current openings

Roles we’re hiring

We hire continuously across penetration testing, compliance consulting, and incident response. If you do not see your exact role listed but think you would be a fit, send us your CV and we will follow up.

Practice · Offensive Security
Senior Penetration Tester
London / Hybrid Full-time Senior

Lead penetration testing engagements across web, network, and cloud. CREST-aligned methodology. Senior consultants only, no junior pass-through team.

Practice · Compliance
QSA-Aligned PCI DSS Consultant
London / Hybrid Full-time Senior

Deliver PCI DSS QSA engagements across UK, US, and Middle East. Mix of full audits, gap assessments, and ASV scanning programmes.

Practice · Incident Response
Senior Incident Response Consultant
London / On-call Full-time Senior

Lead investigations across ransomware, BEC, data exfiltration, and post-breach forensics. Retainer client base plus emergency response.

Practice · Compliance
SOC 2 / ISO 27001 Consultant
London / Hybrid Full-time Mid , Senior

Lead SOC 2 and ISO 27001 programmes for SaaS, fintech, and regulated tech firms. Combined-framework delivery, evidence reuse across audits.

Do not see your role listed?

We hire continuously across the consulting practice. Send your CV and a short note on the kind of work you want to be doing, and we will follow up the same week.

Email [email protected]
📞 Call us Book a call