assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS and Azure. Scripting and automation using Python and More ❯
conducting penetration tests (web, infrastructure, external/internal). Strong knowledge of security testing methodologies and frameworks (e.g., OWASP, NIST). Proficiency with industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. OSCP, OSWE, or other relevant certifications. Experience with red teaming or threat simulation exercises. Familiarity with secure coding practices and More ❯
Stratford-upon-avon, Warwickshire, United Kingdom Hybrid / WFH Options
Ccl Solutions Group
hands-on penetration testing experience in enterprise environments. Deep understanding of infrastructure testing, Active Directory security, and cloud technologies (AWS, Azure, Kubernetes). Strong familiarity with tools such as Nmap, Burp Suite, Metasploit, Impacket, and SMBClient. Able to articulate technical findings to both technical and non-technical audiences in written and verbal formats. How to be successful in this role More ❯
/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. OSCP is essential. Experience with red teaming or threat simulation exercises. Experience conducting code reviews. Scripting experience (eg, Python, Bash More ❯
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom Hybrid / WFH Options
GoDefend Limited
Minimum 3 years of hands-on penetration testing experience. Skilled in testing: Web apps, Mobile apps, Cloud (AWS, Azure, GCP), and On-prem infrastructure. Familiar with Burp Suite, Metasploit, Nmap, Wireshark, and other industry tools. Scripting ability in Python, Bash or similar. Comfortable with Linux, networking principles, and cloud environments. Soft Skills & Consulting Ability: Excellent verbal and written communication skills. More ❯
Provide clear and actionable reports to both technical and non-technical audiences. Requirements Proven experience in penetration testing and ethical hacking. Proficiency in tools such as Burp Suite, Metasploit, Nmap, Wireshark, and Kali Linux. Strong knowledge of web application, network, and infrastructure security. Experience with scripting and automation using Python, Bash, or PowerShell. Certifications such as OSCP, OSCE, CEH, or More ❯
Manchester, North West, United Kingdom Hybrid / WFH Options
Circle Group
Desirable Skills: Exposure to internal network testing or Active Directory environments Experience with cloud platforms (e.g., AWS, Azure) from an offensive perspective Familiarity with tools such as Burp Suite, Nmap, Cobalt Strike, or custom scripts Understanding of MITRE ATT&CK framework or red team methodologies What You'll Gain: Intensive training across all areas of technical penetration testing Opportunity to More ❯
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
Circle Group
Desirable Skills: Exposure to internal network testing or Active Directory environments Experience with cloud platforms (e.g., AWS, Azure) from an offensive perspective Familiarity with tools such as Burp Suite, Nmap, Cobalt Strike, or custom scripts Understanding of MITRE ATT&CK framework or red team methodologies What You'll Gain: Intensive training across all areas of technical penetration testing Opportunity to More ❯
threat mitigation, and root cause analysis. Conduct internal security reviews, network scans, and targeted penetration tests of applications and infrastructure using common security tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. More ❯
Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have: Experience with Kubernetes and container security. Familiarity with CI/CD security integration. Familiarity with More ❯
City Of London, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI model. Excellent verbal and written communication More ❯
experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD More ❯
City of London, London, Grange, United Kingdom Hybrid / WFH Options
Applause IT Recruitment Ltd
experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD More ❯
security defences. Technologies and Soft Skills required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common application security vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and OWASP Top 10. Proficiency More ❯
level certifications (e.g. CREST Certified Tester or Cyber Scheme Team Leader). Strong client-facing experience. Able to obtain UK security clearance. Skills & Knowledge: Skilled in tools like Nessus, Nmap, BurpSuite, Metasploit. Proficient in at least one scripting language (Bash, PowerShell, Python, etc.). Strong understanding of TCP/IP, OSI model, and network device reviews. Solid experience testing web More ❯
level certifications (e.g. CREST Certified Tester or Cyber Scheme Team Leader). Strong client-facing experience. Able to obtain UK security clearance. Skills & Knowledge: Skilled in tools like Nessus, Nmap, BurpSuite, Metasploit. Proficient in at least one scripting language (Bash, PowerShell, Python, etc.). Strong understanding of TCP/IP, OSI model, and network device reviews. Solid experience testing web More ❯
Knowledge of Scripting Languages e.g. Python, Shell Scripting etc. Strong expertise with web application and network pen testing methodologies. Proficiency in using penetration testing tools such as BurpSuite Pro, Nmap, Nessus, and Metasploit. Experienced in using Kali Linux and the associated penetration testing tool suite. Advanced completion of penetration testing simulations like Hack the Box or Capture the Flag or More ❯
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
Ocho
ethical hacking & exploit techniques. Scripting & automation skills a plus. Ability to communicate findings to technical and non-technical teams. Proficiency in using penetration testing tools such as BurpSuite Pro, Nmap, Nessus, and Metaspolit. Experienced in using Kali Linux and the associated penetration testing tool suite Nice to Have: Relevant security certifications (e.g. OSCP, CREST, Cyber Scheme.) UK SC clearance Package More ❯
leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications. Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity More ❯
a similar role within cybersecurity ️ Strong knowledge of common vulnerabilities (OWASP Top 10, CVEs) and attack techniques ️ Familiarity with penetration testing tools such as Burp Suite, Metasploit, Nessus, and Nmap ️ Certifications such as OSCP, CEH, or equivalent are highly desirable ️ Strong communication skills to present findings to both technical and non-technical stakeholders More ❯
