CTL Level Penetration Tester/ Security Consultant

Position Title: Penetration Tester/ Security Consultant (CTL) 

Location: IRM office in Cheltenham, home and client sites.

Department: Technical

Reports to: Managing Consultant

The Company

Information Risk Management Ltd (IRM), founded in 1998, is an international award winning information security consultancy and software house and is transitioning from purist consultancy into an overall solutions company.  We have 18+ years of top flight consultancy at the highest accredited level attainable which has given IRM Ltd the credence and credibility to develop our Cyber Security Management Platform – Synergi.  This means that IRM is considered to be within the top 5 consultancies with a very capable reporting and analysis platform.  We can also be viewed as a pure software house which has over the past 18 years defined the shape and focus of the Cyber Security industry.  Details of our Synergi software can be viewed at www.irmsecurity.com.

We are accredited via the intelligence services (CESG) and with an impressive portfolio of high profile clients within Central Government, MOD, FTSE 250, the commercial sector and overseas engagements.

Working with large enterprises, we help our clients identify and mitigate the risks inherent in today’s increasingly interconnected business environments.  Today, our portfolio includes a wide range of technical assurance services, complemented by a wealth of security management and risk assessment options, covering the full spectrum of our clients’ information security requirements.

Role Summary:

  • Work as a professional, deliverable Penetration Tester / CTM, offering IRM’s clients a totally professional customer service experience, whilst adhering to IRM’s core values and company policies and procedures.
  • Conduct the full range of effective and comprehensive technical assessments and consultancy services to the highest standards, including IRM core technical services.
  • Maintain an accurate and up to date knowledge of information security issues, keeping abreast of new technologies, methodologies, techniques, vulnerabilities and market trends and communicate this throughout the team.
  • Produce concise and accurate technical reports and executive summaries, in line with client and company expectations in accordance with the QA manual and within defined deadlines.
  • Participate in more specialist areas of technical assessments and consultancy services where required.
  • Participate in delivery of security management consultancy including health checks, risk assessments and compliance and standards based audits, where required.
  • Engage with and fully participate in research & service development projects.
  • Ensure professional, coherent and relevant communication within IRM and our clients at an appropriate level, using relevant language and at all times, behave in a manner that reflects the values of IRM. Maintain confidentiality at all times.
  • Ensure that work is carried out in accordance with defined IRM policies and procedures.
  • Complete all tasks in a manner that displays a commercial awareness; i.e. managing client expectations and ensuring that project tasks are completed on time and on budget.
  • Where necessary assist the commercial team in the preparation of test scopes and proposals.
  • Complete administrative duties, which include weekly timesheet and expense submissions, as director by your line manager, Finance and HR.
  • Through the course of your duties, identify opportunities for further business development and growth and ensure that this is communicated to your line manager, the PMO and Sales department.
  • Carry out any other additional, reasonable and alternative tasks that may be required from time to time.

Key Skills

Knowledge, Skills & Experience Required:

  • Must have experience in an IT security role to CTM level and have, or be able to attain SC clearance.
  • Demonstrates an excellent knowledge of penetration testing skills at infrastructure and application layers and keeps knowledge up to date.
  • Knowledge of system configuration auditing including Windows & *NIX operating systems, network devices, firewalls, IDS/IPS devices, wireless technologies etc.
  • Good understanding of common security standards and regulatory compliance.
  • Excellent written and verbal communication skills.
  • An Ability to work effectively and positively within a team and willing to collaborate and readily share knowledge and skills.
  • Great organisation skills and ability to work in a pressurised environment whilst working towards and achieving deadlines.


Cyber Security related qualifications CTM / CTL

SC Clearance (or ability to attain this immediately)


To apply for this role please send your covering letter and cv to claire.uprichard@irmsecurity.com