Head of Penetration Testing

Location: Leeds (Hybrid) / UK (Remote)

Salary: £100K - £120K (DOE)

Cognisys is entering its next phase of growth. As demand for our Penetration Testing services accelerates globally, we are seeking an exceptional Head of Penetration Testing to take ownership of our day-to-day practice operations, performance and client delivery expectations.

This is not a pure technical escalation role. It is a practice leadership role.

You will lead, shape and scale a high-performing team of Security Consultants and Managing Security Consultants across multiple regions. You will drive utilisation, quality, delivery standards, commercial performance and client satisfaction, ensuring our penetration testing function operates with clarity, consistency, client focus and momentum.

You will work in close partnership with our Technical Director. The Technical Director will focus on strategic tooling, R&D and emerging offensive capabilities. Your role will be to focus on operational excellence, team development and consistent delivery of those capabilities. Where methodologies evolve, or new tools are adopted, the Technical Director will lead the what and why, and you lead the 'how’ and implementation.

If you combine deep offensive security credibility with outstanding consultancy skills and a strong commercial instinct, this is the role for you.

About the Role

As Head of Penetration Testing, you will:

• Lead the operational performance of the Pen Testing practice across all regions

• Own utilisation, capacity planning and revenue delivery across the team

• Drive quality assurance and reporting standards

• Coach and develop consultants into trusted security advisors

• Partner with Sales and Client Success to scope complex engagements and support winning commercial bids

• Act as a senior escalation point for client engagements

• Embed a consultancy-led mindset across the function

• Contribute to the strategic growth of our offensive security capability

You will be responsible for ensuring that Cognisys delivers penetration testing services that are technically excellent, commercially disciplined and consistently exceptional in client experience.

Key Responsibilities

Practice Leadership & Operations

• Lead day-to-day operational management of the Pen Testing function

• Oversee workload planning, utilisation targets and delivery forecasting

• Ensure projects are delivered on time, on budget and to a high standard

• Develop practice KPIs and performance dashboards

• Drive continuous improvement in methodology and delivery frameworks

Commercial & Client Excellence

• Partner with Sales to support scoping, proposals and complex bids

• Ensure engagements are appropriately sized and commercially viable

• Maintain strong senior-level client relationships

• Lead post-engagement reviews and drive repeat business

• Identify opportunities for upsell and cross-sell into GRC and Managed Services

Consultancy & Quality

• Maintain high reporting standards with clear senior-level articulation of risk

• Embed a “trusted advisor” approach across the team

• Provide technical oversight on high-risk or high-profile engagements

• Ensure alignment with industry standards (CREST, CHECK, etc.)

People Leadership

• Lead and develop Managing Security Consultants

• Coach consultants in client communication and stakeholder management

• Support hiring, onboarding and capability mapping

• Contribute to career pathways and skills matrices

• Build a culture of Togetherness , Excellence , Accountability and Momentum to support the Cognisys values

Requirements

We are looking for someone who blends technical credibility with leadership and commercial maturity.

Technical

• Strong background in penetration testing across infrastructure, web, API and cloud

• Experience leading complex engagements and red-team style assessments

• Solid understanding of offensive tooling and methodology

• Certifications such as OSCP, CRT, CREST CCT, or equivalent are highly desirable

Leadership & Commercial

• Experience leading or managing a penetration testing team

• Strong understanding of utilisation models and revenue delivery

• Proven ability to scope and price consultancy engagements

• Comfortable engaging at CISO and Board level

• Exceptional written reporting and presentation skills

Personal Attributes

• Consultancy-first mindset

• Commercially astute

• Calm, credible and decisive

• Growth-oriented

• Collaborative and values-driven

What We Offer

• Annual Leave: 25 days per year, plus UK bank holidays.

• Additional Leave: 1 day of paid leave on your Birthday!

• Heath & Wellbeing: Access to Westfield Health Care Cash Plan and our Employee Mental Health and Wellbeing platform.

• Professional Development: £2,000 annual training budget to support your continued learning and career growth.

• Share Scheme: Eligibility to participate in our EMI share scheme after 18 months of continuous service (subject to company discretion).

• Leadership Influence: Genuine ability to shape and scale a growing practice

• A dynamic and supportive work environment where customer care and innovation drive everything we do.

• Refer a friend bonus scheme, up to £2,000!

Why Join Us?

At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact on our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated and your contributions are valued. We foster a collaborative environment where fresh ideas thrive and professional growth is encouraged.

Applications

Please feel free to reach out to Dom, our Talent Acquisition Partner, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – [email protected]

Please note: We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email - please apply directly through the job advert page.

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES, PLEASE