BDO Digital Offensive Security Analyst - BDO UK LLP : Job Details

Ideas | People | Trust

We’re BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today’s changing world.

We work with the companies that are Britain’s economic engine – ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

We’ll broaden your horizons

At our core, we believe that growth comes from exposure to diverse challenges. In this role, you'll have the opportunity to work across a wide range of engagements, thanks to the trust and scale of our clients.

You will get hands-on experience with web application and API testing, Wireless assessments, Internal infrastructure tests, Mobile App security, Red and Purple team operations, Physical intrusion testing, hardware analysis, and more. No two projects are quite the same, and that’s exactly how we like it. This variety allows our team to explore different domains, deepen existing strengths, and discover new areas of interest, all while solving real-world problems in live environments. Whether you're still shaping your focus or refining an existing specialty, you'll have space here to grow meaningfully.

Manage risk for our clients to make them stronger for the future.

Our Digital Services are designed to enable organisations to leverage our innovative methodologies, technology, and highly experienced professionals to manage their business risks most effectively. Working at BDO offers curious-minded people excellent exposure to all aspects of business strategy, operations and more.

We’re a dynamic team of internal auditors, accountants, technology, and business transformation experts with disciplines in finance, risk, projects and change, cyber and digital, amongst others.

Our extensive network and depth of experience mean we work in a highly client-centric way, focused on providing a collaborative, tailor-made advisory service. Our team helps clients manage their business-critical threats, such as cyber events, and build resilient businesses capable of responding to internal and external events which may interrupt their operations. Being known for exceptional client service in our chosen markets, we put innovation and agility at the heart of everything we do.

This is your chance to join a fast-paced, growing team and help shape the future of Digital at BDO.

We’ll help you succeed

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships.

You’ll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO’s partners to help businesses effectively. You’ll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.

We are seeking a highly skilled and experienced offensive security penetration tester to join our dynamic team. This role involves conducting sophisticated penetration testing and red team engagements across various client systems and applications. The successful candidate will be instrumental in identifying vulnerabilities, enhancing client security postures, and leading initiatives to develop cutting-edge penetration testing methodologies and tools. Clients across industries and geographies, staying at the forefront of knowledge of the threat landscape, cyber defence best practices and regulatory expectations. 

Requirements:

•             Strict Requirement: Strong certification in penetration testing such as OSCP (Offensive Security Certified Professional), CTM (Check Team Member), CRT (CREST Registered Tester) and OSWA (Offensive Security Web Attacks) or even better if you have Advanced certifications such as OSEP(OffSec Experience Penetration Tester), CCSAM (CREST Certified Simulated Attack Manager) and CTL (Check Team Leader).

•             Solid experience in offensive security—whether through professional penetration testing, red teaming, bug bounty work, capture-the-flag competitions, or personal research projects.

•             Proven ability to deliver impactful client engagements, demonstrating both technical depth and a practical understanding of risk.

•             Deep knowledge of network protocols, different services, operating systems, different applications and how to break them.

•             Proficiency in tools such as Metasploit, Burp Suite or other proxies such as Caido or Zap, Nessus, CobaltStrike or other C2 frameworks, etc. Bonus points for building your own tools, contributing to community projects, or chaining techniques creatively.

•             Excellent problem-solving skills and a passion for ethical hacking that is persistent, curious, and know how to pivot when things do not go as planned.

•             Experience coding and scripting custom tools in Python, Bash, PowerShell, or anything else that gets the job done.

•             Ability to communicate technical findings clearly to both technical and non-technical stakeholders.

Be yourself

It's at the core of the company's and team's vision. You’ll be able to truly be yourself; we’ll recognise and value you for who you are and celebrate and reward your contributions to the business. We’re committe