Careers

Why Prism Infosec?

At Prism Infosec, our people-centric culture, built on core values of equality, diversity, and inclusion, is paramount.

We offer a supportive environment where employees are genuinely empowered: your voice is heard, and your ideas can become key development projects, directly driving our growth.

This mutual investment fuels a vibrant, collaborative atmosphere and our shared mission across our Cheltenham, Liverpool, and Brussels offices. We’re on an exciting journey of development and teamwork, offering ongoing training, mentorship, and a ‘no blame’ culture focused on continuous improvement.

If working alongside a dedicated, passionate, and highly skilled team in such an environment appeals to you, take a look at our roles below, email contact@prisminfosec.com with your CV and covering letter or complete the form.

"We know that our incredible team drives every success. They are the cornerstone of our innovation and our trusted reputation. That's why we're passionately dedicated to fostering their talent through outstanding benefits, continuous opportunities for personal and professional growth, and a genuinely supportive and inclusive culture where every individual can truly flourish. When our people thrive, we all succeed together."

Phil Robinson - Prism Infosec

Our current vacancies

Project Co-ordinator - Permanent Full Time

LOCATION

Cheltenham Office Based

DIRECT SUPERVISOR

PMO Team Lead

REPORTEES

Project Co-Ordinator

HOURS OF WORK

9.00 to 17.30 – Monday to Friday

TERM OF EMPLOYMENT

Permanent Full Time

ROLE SUMMARY

For this role we are looking for someone who can demonstrate enthusiasm and drive for the skilled coordination of multiple phased projects. We are looking for a willingness to learn and to improve their own ability.

KEY AREAS OF RESPONSIBILITY / OBJECTIVES

  • Manage and maintain an efficient schedule that supports company KPIs.
  • Act as a point of contact for the technical team and account managers.
  • Manage resource allocation to projects, including the management and allocation of arm’s-reach associates who are used for sub-contracting in peak times or where specific skill sets are a prerequisite. Ensure resource availability and allocation.
  • Match technical skillset, security clearance level and availability of consultants/contractors to appropriate projects.
  • Manage and maintain the consultants’ skills matrix, ensuring it is up to date and relevant for in-house consultants.
  • Oversee the development and management of a detailed project schedule and work plan via the Project Management Tool of choice, currently JIRA.
  • Manage changes to the project scope, project schedule
  • Coordinate schedules, activities, and video conference logistics.
  • Monitor the confirmation and cancellation of technical projects and inform relevant individuals.
  • Keep records of any changes or updates to projects.
  • Other administrative duties on request.

Other responsibilities include, but are not limited to:

  • Perform other related duties as assigned including entry into and maintenance of the Cyber Essentials IASME portal and reporting tool.
  • Ensure internal resources are scheduled onto training/workshops within the JIRA Scheduling function.
  • Observe a high standard of adherence to all company policies (e.g. clear/clean desk, locked screen, physical security etc).
  • Other administrative duties as and when required.

KEY SKILLS

  • Competent in working with IT equipment and various software packages such as Project Management systems and CRM systems;
  • Good level of MS Office skills;
  • Solid organisational skills including attention to detail and multitasking skills;
  • Project Management Professional (PMP) / PRINCE2 certification would be advantageous, or an aspirational requirement;
  • Coaching and mentoring skills an advantage.

KEY ATTRIBUTES

  • Attention to Detail:
    Ensure all work is carried out to a high standard and documents are completed accurately.
  • Excellent Communication Skills:
    Excellent verbal, written and presentation skills, and strong ability to communicate requirements/tasks.
  • Tidiness and Organisation:
    High standards of self-management, tidiness, organisation, and structure. Be detail oriented.
  • Teamwork:
    Work confidently within a group or independently as part of a larger team. Exhibit leadership characteristics including strong communication skills, full understanding of internal policies, time management and client focus.
  • Initiative & Self-Motivation:
    Act on initiative, identify opportunities and be proactive in putting forward ideas and solutions. Show determination to get things done and to make things happen, constantly looking to improve existing processes. Work independently and prioritise own workload.
  • Flexibility:
    Demonstrate the ability to adapt to changing situations and environments and to pick up tasks in a professional and courteous manner when required.
  • Time Management:
    Manage time effectively, prioritising tasks and demonstrating the ability to work to deadlines.

KEY RESULTS & OBJECTIVES

  • Quality project co-ordination delivered in line with the company methodologies and policies.
  • Comprehensive start to finish project journey.
  • Client satisfaction associated with the Company’s organisation of all projects delivered.

QUALIFICATIONS & EXPERIENCE

Essential

  • 5 GCSE (or equivalent) A*-C including Maths & English.

Desirable

  • 2 A Levels A* to D (or equivalent).

Experience

  • 1-2 years’ relevant work experience within the field of information security, or show previous and relevant project co-ordination and project management skills through existing work experience.
  • Show proficiency in relevant project management tools.
  • Interview and background checking process, including BS 7858 security vetting (which includes basic DBS disclosure checks). Be able to undergo SC Level Government Clearance.

RESPONSIBLE FOR / EQUIPMENT

  • Any assets provided by the company e.g. Laptop, hard drives etc.
  • Office Key pass

CONSULTS WITH

PMO Team Lead, Head of Finance & Support Services, Finance Team, Internal and External Consultants

Senior Security Consultant - Permanent Full Time

DIRECT SUPERVISOR AND OVERALL RESPONSIBILITY

 Head of Red Team

TYPE OF INDIVIDUAL WE ARE LOOKING FOR:

We are seeking an experienced Senior Security Consultant to join our Red Team and help clients understand their true security posture beyond traditional penetration testing. This is not an entry level position.

You will lead and deliver sophisticated Red Team engagements, support blended offensive operations with our Penetration Testing team, and contribute directly to the continual evolution of Prism Infosec’s offensive security methodologies, tooling, and tradecraft. This position is ideally suited to someone who thrives on adversarial thinking, technical depth, autonomy, and creativity.

KEY AREAS OF RESPONSIBILITY

  • Red Team Engagement Delivery:
    End‑to‑end ownership of covert and overt offensive security operations, ensuring engagements meet defined objectives and maintain operational security.
  • Infrastructure & Tooling Management:
    Deployment, maintenance, and secure operation of Red Team infrastructure, C2 systems, custom tooling, and automation capabilities.
  • Technical Execution Across Attack Lifecycles:
    Reconnaissance, initial access, exploitation, privilege escalation, credential harvesting, lateral movement, cloud persistence, and data access.
  • Reporting & Communication:
    Production of high‑quality technical and executive-level reports, and delivery of clear verbal debriefs to varied audiences.
  • Collaboration & Knowledge Sharing:
    Working with internal security teams—Penetration Testing, OT, and IR—to support joint assessments, share offensive insights, and improve overall defensive posture.
  • Research & Development:
    Continuous investigation of new techniques, vulnerabilities, adversary tradecraft, cloud attack paths, and contributions to internal Red Team methodology and tooling.
  • Team Development & Mentorship:
    Supporting growth of colleagues through technical guidance, knowledge sharing, review, and encouragement of offensive security skill development.

KEY TASKS

  • Work with the red team manager to plan, design, and deliver full‑scope Red Team engagements, from reconnaissance through to achieving agreed objectives.
  • Build, configure, and operate Red Team infrastructure, including command‑and‑control frameworks such as Mythic, Cobalt Strike, or Havoc.
  • Conduct exploitation, post‑exploitation, lateral movement, and persistence activities across on‑premises, hybrid, and cloud estates.
  • Identify weaknesses across infrastructure, Active Directory, cloud platforms (Azure/AWS/GCP), and application layers.
  • Develop or modify offensive tooling, scripts, payloads, and automation to support engagements.
  • Produce clear, detailed, and technically accurate Red Team reports, including findings, impact assessments, and remediation advice.
  • Support client briefings and debriefings, explaining attack paths and defensive recommendations to both technical and non‑technical stakeholders.
  • Collaborate with penetration testers during blended or purple team operations.
  • Stay current with emerging attacker TTPs, threat intelligence, cloud exploitation techniques, and novel abuse paths.
  • Mentor junior consultants and support capability development across the offensive security team.

KEY RESULTS/OBJECTIVES

  • Successfully deliver full‑scope Red Team engagements that meet defined objectives, maintain operational security, and provide meaningful, actionable outcomes for clients.
  • Consistently produce high‑quality technical and executive reporting that clearly communicates attack paths, business impact, and remediation priorities.
  • Demonstrate measurable improvements in client detection, response, and resilience through collaborative purple team activities and post‑engagement reviews.
  • Enhance Prism Infosec’s offensive capability by contributing to methodology development, tooling improvements, research, and internal knowledge sharing.
  • Maintain a strong understanding of emerging attacker techniques, cloud exploitation paths, and relevant threat intelligence, applying this knowledge to ongoing operations.
  • Support the delivery of penetration testing engagements when required, ensuring the same high standard of technical execution and reporting.
  • Promote a culture of continuous learning by mentoring junior consultants, participating in internal training sessions, and contributing to team development.
  • Strengthen client relationships through professionalism, technical credibility, and consistent delivery excellence.
  • Achieve or maintain CCRTS/CCRTM qualifications to support regulated testing in the UK.

RESPONSIBLE FOR STAFF/EQUIPMENT

  • Any assets provided by the company e.g. Laptop, hard drives etc.
  • Testing and lab systems
  • Office keys and entry fob

CONSULTS WITH

Head of Red Team, members of the test team.

TERM OF EMPLOYMENT

Permanent Full Time

QUALIFICATION

Essential:

  • 2+ years of hands‑on experience delivering Red Team operations, advanced penetration testing, or adversary simulation engagements.
  • Strong proficiency with at least one major C2 framework (e.g., Mythic, Cobalt Strike, Havoc) and a solid understanding of operational security and detection evasion.
  • Demonstrable ability to conduct end‑to‑end offensive operations: reconnaissance, exploitation, post‑exploitation, privilege escalation, lateral movement, and persistence.
  • Practical experience targeting cloud environments including Azure, AWS, and/or GCP, with understanding of hybrid identity and cloud-native attack paths.
  • Strong technical knowledge of Active Directory, identity abuse, Kerberos‑based attacks, and common enterprise exploitation routes.
  • Experience writing or modifying offensive tools, scripts, payloads, automation, or implants in languages such as Python, PowerShell, or C#.
  • Excellent written and verbal communication skills, capable of producing high‑quality reports and presenting findings to technical and non‑technical stakeholders.
  • Ability to work within a team environment, collaborate effectively with penetration testers, and support blended offensive engagements.
  • Willingness and capability to conduct traditional penetration testing engagements when required.
  • Strong analytical thinking, creativity, and a proven ability to approach problems from an adversary’s perspective.

Desirable:

  • Industry recognised certifications such as CCT‑APP, CCT‑INF, CCRTS, OSCP, OSEP, OSCE, RTO / RTO‑II, CREST-equivalent quals, or similar high‑rigour offensive credentials.
  • Experience delivering or supporting intelligence‑led or regulatory-driven assessments such as CBEST, STAR‑FS, TIBER‑EU, or iCAST.
  • Experience developing custom Red Team infrastructure, automation frameworks, or internal tooling pipelines.
  • Knowledge of containerisation and orchestration technologies (e.g., Docker, Kubernetes) from both an attacker and defender perspective.
  • Experience contributing to open‑source offensive tooling, blog posts, conference talks, or broader community engagement.
  • Understanding of defensive operations, detection engineering, logging pipelines, and SOC methodologies, particularly in purple team scenarios.
  • Experience operating within consultancy environments where autonomy, breadth of skill, and adaptability are highly valued.

Ready to join the team?

Please send us your CV and a covering letter (in PDF format).
