external/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, BurpSuite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. OSCP is essential. Experience with red teaming or threat simulation exercises. Experience conducting code reviews. More ❯
an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, BurpSuite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors More ❯
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
following categories: Mobile Application Assessment (iOS/Android), Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2), Fuzzing (e.g. Jazzer/AFL/Peach), Web Application assessment (e.g. BurpSuite Proxy, ZAP, REST API testing) Proficiency in manual penetration testing in at least TWO or more of the following areas - Mobile, API, Infrastructure, OS, Web Application More ❯
Testing Focus on ensuring different modules/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: BurpSuite, OWASP ZAP, Metasploit. CEH, OSCP, CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/Secure More ❯
Testing Focus on ensuring different modules/components interact correctly. Test APIs, databases, and service flows. Security Testing & Penetration Testing (Ethical Hacking) Simulate attacks to find vulnerabilities. Tools: BurpSuite, OWASP ZAP, Metasploit. CEH, OSCP, CISSP certifications an advantage Vulnerability Testing Scan systems for known vulnerabilities. Collaborate with SecOps and DevSecOps teams. Security QA/Secure More ❯
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
following categories: Mobile Application Assessment (iOS/Android) Reverse Engineering (e.g. IDA Pro/Ghidra/Frida) Fuzzing (e.g. Jazzer/AFL/Peach) Web Application assessment (e.g. BurpSuite Proxy, ZAP, REST API testing) Proven experience with security research including any published CVEs Experience developing proof of concept exploits bypassing modern exploit mitigations Active participant More ❯
or Secure Code Review roles. Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js). Familiarity with tools like Snyk, Checkmarx, Veracode, or BurpSuite (passive scanning). Knowledge of OWASP, CWE, and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or More ❯
or Secure Code Review roles. Deep understanding of secure coding practices in web frameworks (e.g., JavaScript, Python, PHP, Node.js). Familiarity with tools like Snyk, Checkmarx, Veracode, or BurpSuite (passive scanning). Knowledge of OWASP, CWE, and general secure software development principles. Strong technical writing and communication skills. Preferred certifications: OSCP, CSSLP, GWAPT, CEH, or More ❯
