Job Description

Job Title: Check Team Lead

Reporting to: Technical Director

Location: Home Based | Travel to client's sites required (United Kingdom)

Department/Division: Cyber Solutions

The Opportunity CCL Solutions Group is seeking an exceptional Senior Penetration Tester with CHECK Team Leader Infrastructure (CTL-INF) qualifications to join our elite team of security professionals. This is more than just a job, we're looking for individuals with a hacker's mindset, deep technical expertise, and a relentless drive to secure the UK's most critical assets.

You will be leading engagements across secure environments, delivering high-impact assessments, mentoring team members, and shaping the offensive security direction of the business. In return, we offer a highly supportive environment with structured mentoring, paid training days, and access to advanced tooling.

What We Offer

Support for continuous professional development through certifications, workshops, and more, tailored to your individual career goals.

The Challenge Ahead

We're looking for professionals who are ready to contribute to our mission with their expertise, aligning with our values and professional standards. Holding or being eligible for SC / DV clearance as required by the NCSC scheme is essential for this role.

If you're ready to take on this challenge and contribute to safeguarding the UK's critical infrastructure, come show us what you can do, we'd love to hear from you.

Main Duties & Responsibilities:

Other duties may be assigned.

CCL Solutions Group are more than just a leading provider of cybersecurity services, we are a team committed to making a real difference in protecting communities, businesses, and the critical infrastructure of the UK.

As a Senior Penetration Tester within CCL Solutions Group, your key responsibilities will be :-

Lead and deliver end-to-end penetration testing engagements across infrastructure and cloud environments. Manage and mentor junior CHECK team members, supporting their development and quality of delivery. Produce comprehensive, high-quality reports that identify risks, remediation strategies, and technical impact. Support red team simulations, infrastructure reviews, and adversary emulation where required. Contribute to internal R&D, tooling improvements, and the development of our offensive security services. Scope penetration tests accurately, ensuring compliance with relevant legislation and standards. Work autonomously and under direction, delivering accurate technical results in accordance with the scope and test plan. Perform a broad range of complex penetration tests that demonstrate an analytical and systematic approach. Apply knowledge of configuration errors, vulnerabilities, and coding flaws to create and execute a series of tests to validate the security of a system or product. Communicate penetration test results to both technical and non-technical audiences, facilitating collaboration between stakeholders where necessary. Influence peers and customers by delivering presentations, papers, and reports. Have a good understanding of technology and actively maintain awareness of developments in the penetration testing and information security fields. Participate in technical and/or professional development activities beyond own team, sharing knowledge with colleagues to improve the security testing service. Work closely with the Technical Director of Cyber Security Testing and input into growing existing and developing new service lines.

Essential Skill Set & Experience:

To perform this role successfully, an individual must be able to perform each essential duty satisfactorily.

The requirements listed are representative of the knowledge, skill, and/or ability required.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

This role requires a senior and mature person who can demonstrate leadership, honesty and integrity and who expects high standards.
Please understand this is not an entry level role it is essential that you have: -

CHECK Team Leader certification (Cyber Scheme Team Leader - INF or CREST CCT-INF). Minimum of 2 years delivering CHECK engagements as a CTL. At least 3 years of hands-on penetration testing experience in enterprise environments. Deep understanding of infrastructure testing, Active Directory security, and cloud technologies (AWS, Azure, Kubernetes). Strong familiarity with tools such as Nmap, Burp Suite, Metasploit, Impacket, and SMBClient. Able to articulate technical findings to both technical and non-technical audiences in written and verbal formats. UK Government Clearance to SC level as a minimum. Experience of scoping projects and writing proposals. Experience of applying in-depth knowledge and experience in one or more specific areas and apply a broad understanding across a wide field in a variety of situations. Ability to manage larger projects and oversee them from a technical perspective. Flexibility and willingness to work additional hours / out of hours as may be required. Have strong inter-personal skills, especially in handling contacts of all types and at all levels. Maintain detailed knowledge of own area of expertise, including awareness of current developments. Develop awareness and, in some cases, detailed knowledge of areas outside own area of expertise as appropriate. Take innovative approaches to problem solving and devise creative solutions. Convey a level of confidence and professionalism, positively influencing and persuading others to take a course of specific action when there is no direct command. Provide mentoring and management of junior staff on projects, supporting staff development.

Desirable Skills (Not Essential)

Certifications: OSCP, OSEP, CRTO, or other advanced offensive security qualifications. Programming/scripting in Python, Ruby, Go, C#, or Java. Experience in red teaming, threat emulation, or purple teaming. Agile experience and knowledge of the common production frameworks is highly desired.
o

How to excel in this role.

To excel in this role you will need a Strong understanding of the following technical competencies:

Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. Experience interpreting logs and event outputs from OS and security appliances.

Education:

Industry Certs

(Advantageous)

Expected Experience.

Degree level qualification (2:2 or above) BSc in an IT related field; Computer Science or Cyber Security related degrees are desirable. CISSP
CCSAS

CCT APP

CSTL APP

CSTL INF

OSCP

OSWE

OSCE

5 years in Cyber Security industry working as a Penetration Tester, delivering on infrastructure penetration testing projects. 3 years post experience delivering Check penetration testing to large environments, reporting to check standards. Cyber essentials penetration testing does not qualify for this requirement.

Core Role Competencies:

Working with Others

Builds effective working relationships with staff and Management team through clear communication and a collaborative approach. Maintains visibility by regularly interacting and talking with people. Consults widely and involves people in decision making speaking to people in a way they understand and can engage with. Treats people with respect and dignity regardless of their background or circumstances, promoting equality and the elimination of discrimination Treats people as individuals, showing tact empathy and compassion. Sells ideas convincingly, setting out the objectives of a particular approach and striving to reach mutually beneficial solutions. Expresses own views positively and constructively and fully commits to team decisions. Self-motivated with the ability to effectively manage your own time and responsibilities The ability to work under pressure The ability to describe technical solutions and scenarios to a non-technical audience Excellent verbal and written communication skills Sound understanding of Cyber Security concepts
Professionalism

Acts with integrity, in line with the values and ethical standards of CCL. Acts on own initiative to address issues, showing energy and determination to get things done. Takes ownership for resolving problems, demonstrating courage and resilience in dealing with difficult and challenging situations. Upholds professional standards, acting as a role model to others and challenging unprofessional conduct or discriminatory behaviour. Acts for and acts on feedback, learning from experience and continuing to develop own professional skills and knowledge. Remains calm and professional under pressure, defusing conflict and being prepared to make unpopular decisions or take control when required.
Leading Change

Positive about change, adapting rapidly for changing circumstances and encouraging flexibility in others. Identifies and implements improvements to service delivery, engaging people in the change process and encouraging them to contribute ideas. Find more cost-effective ways to do things, taking an innovative approach to solving problems and considers creative alternatives. Creates a feeling of energy, excitement, and personal investment.
Decision making

Gathers verifies and assesses all appropriate and available information to gain an accurate understanding of situations. Considers a range of possible options, evaluating evidence and seeing advice where appropriate. Makes clear, timely, justifiable decisions, reviewing these as necessary. Balances risks, costs and benefits, thinking about the wider impact of decisions. Exercises discretions and applies professional judgment, ensuring actions and decisions are proportionate and in CCL's best interest. Looks beyond symptoms to identify causes of problems and drives team to routinely perform.
Service Delivery

Develop knowledge of CCL staff to enhance delivery of CCL services and customer needs. Demonstrates a real belief in CCL Values, focusing on what matters most and best serves those values. Demonstrates a good understanding of CCL's Strategic objectives and work to promote their attainment. Ensures possesses understanding of the expectations, changing needs and concerns and strives to address them. Builds confidence by actively engaging with different customers, partners and stakeholders. Identifies the best way to deliver services. Understands customers' perspectives and priorities and works co-operatively with them to deliver the best possible overall service. Removes barriers to customer service. Seeks feedback from customers.

Other Role Requirements:

Must have been resident in the UK for a minimum of 5 years. Full UK driving licence. Ability to obtain (or currently hold) SC or DV clearance - this is non-negotiable and is set by the NSCS (National Cyber Security Centre - https://www.ncsc.gov.uk/) for all Check Members. Willingness to travel for client engagements or on-site support. Travel is within the United Kingdom.

General Statement:_ _CCL is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.

Job Type: Full-time

Benefits:

Additional leave Casual dress Company events Cycle to work scheme Discounted or free food Health & wellbeing programme Life insurance Paid volunteer time Private medical insurance Referral programme Store discount Work from home
Schedule:

Flexitime Monday to Friday
Work Location: Hybrid remote in Stratford-upon-Avon CV37 9NW

Application deadline: 06/06/2025