Senior Security Consultant

Job description

About Claranet
Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business.

Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.
At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges.

We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.
We are agile, focused and experienced in business modernisation.

Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business.

We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.
In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.
Working For Claranet
Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it).

We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.
But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart.

We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.
Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce.

We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.
Our Vision
Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.
Position Summary
The Sr. Security Consultant has responsibility for everything from client projects to development work and training, dealing with large corporate penetration testing.

With a focus on large-scale corporate penetration testing, this role demands both technical excellence and strong client engagement skills.

The consultant is passionate about uncovering vulnerabilities and translating findings into actionable improvements, while building strong relationships through clear communication and exceptional customer service.
Our team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.
Based in India, this work will lead on penetration testing and have the opportunity to work on projects with worldwide clients, and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects.
As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences.
Objectives and Key Results
The Sr. Security Consultant is part of the Consultancy Team and represents a trusted advisor and subject matter expert in cybersecurity.
The key objectives will be to:
Deliver high-quality penetration testing and security assessments across web, mobile, network, and emerging technologies such as AI/LLM.
Provide expert guidance and recommendations to clients for improving their security posture.
Mentor and support junior consultants, helping to grow the team’s overall capabilities.
Essential Duties and Responsibilities
Work individually or as a part of team delivering security assessments to NotSoSecure clients both remotely and onsite
Conduct AI/LLM-specific security assessments, including:
Prompt injection testing and jailbreaks.
Data poisoning and model inversion attacks.
Misuse testing for LLM-integrated applications (e.g., chatbots, copilots, RAG pipelines)
Perform web application penetration testing, infrastructure penetration testing, code reviews and/or mobile application penetration testing
Exploit vulnerabilities identified in client systems
Create assessment reports explaining technical and business risk of the vulnerabilities discovered including remediation recommendations for the clients
Communicate vulnerabilities to clients
Manage project related tasks as per communicated deadlines
Keep abreast with latest technology risks and utilise them in projects
Participate in project conference calls and lead the technical content on those calls
Key Skills and Requirements
4+ years of experience in Information Security focussing on penetration testing
2+ years of client facing consulting work experience performing penetration testing
2+ years of work experience performing the AI/LLM penetration testing
Strong technical skills in the areas of web application and web services penetration testing, infrastructure penetration testing and mobile apps penetration testing
Hands-on knowledge of AI/ML fundamentals, including:
NLP, transformers, and LLM architecture.
Prompt engineering techniques (and bypasses).
Common AI/ML attacks and defenses.
Experience testing RAG (Retrieval Augmented Generation) and vector databases.
Familiarity with frameworks like LangChain, LlamaIndex, Hugging Face.
Experience with AI model hosting platforms (OpenAI, Anthropic, Azure OpenAI, local LLMs).
Experience with penetration testing tools and tool suites such as Burp Suite Pro, NetSparker, Kali Linux, SQLMap, Nessus, etc
Programming language skills such as Python, Java, .NET, C or C++ - (nice to have)
Experience working with at least one scripting languages such as Python, Ruby, Bash, Javascript, etc.
Operating systems skills such as Windows, Linux etc
Excellent english language skills and ability communicate complex vulnerabilities to clients
Spending time practicing skills on platforms such Hack The Box, Pentester Lab, Vulnhub, etc.

and participating in CTF competitions
Demonstrate high ethical standards
Ability and Desire to travel upto 25% of the time (both nationally and globally)

Required Skill Profession

Computer Occupations