21 of 21 Offensive Security Jobs in London

intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. Our offensive security engineers emulate these real-world threats and provide critical signal on attack vectors to help improve our security posture. This role … will be hands-on and requires a deep understanding of micro-service architecture, multi-tenancy vulnerabilities, cloud security, and web application security. In this role you'll dive deep into the security of our products and more: Conduct security assessments. You'll learn how our products work … then try to break them. This includes everything in our current and future product and service portfolio from Apollo to Foundry. You'll document security findings and work with AppSec and product engineers to develop mitigations. Build offensive testing tooling and automation. Scale offensive security testing More ❯

another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work … to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to … grow our team of penetration testers in the UK. We test web and mobile applications, computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more. At Kroll, your work will help deliver clarity to our clients' most complex governance More ❯

Principal Security Engineer, AWS Security Job ID: Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia. We are looking for an experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for … conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners with the larger Security organization and Service … teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or More ❯

Sr. Security Engineer, Application Security In Amazon Stores, we ship some of the widest arrays of technology found at any company. From to world-class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the … ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service … software developers. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with one or more areas of deep expertise. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. More ❯

Principal Security Engineer, AWS Security Job ID: Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia. We are looking for an experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for … conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners with the larger Security organization and Service … teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or More ❯

Sr. Security Engineer, AppSec - Amazon Stores Security Job ID: Amazon Development Centre (London) Limited At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's … products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. In Amazon Stores, we ship some of the widest arrays of technology found at … healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe's largest AWS deployment. As a Senior Security Engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day More ❯

Control Risks is seeking an experienced, technical cyber security Consultant to join its rapidly growing Digital Risks team. This is a unique opportunity that requires a motivated and diligent client-facing individual to join a highly successful team. The successful candidate will help deliver Control Risks' cyber security risk assessment engagements primarily across the EMEA region and act as a subject matter expert on cyber security technical solution development. The candidate will also need to demonstrate experience and expertise in designing cyber security architecture and implementation of technical security controls. The candidate will also … need to be a team-player who is passionate about delivering high quality cyber security advice to some of the world's largest organisations. Located in London, the successful candidate will be able to travel up to 20% of working time. Travel will primarily be in Europe but may More ❯

Security Consultant What we're offering (we know, everyone jumps to this section first!) Salary of £40,000 - £50,000 Share options so you benefit from our success 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of … service, you get an extra day of paid holiday every year until 7 years at Intruder Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! A yearly off-site for … years promise more of the same, with plenty of growth opportunities for us and our teams! About this position: We are looking for a Security Consultant to facilitate the day-to-day running of the Intruder platform, and deliver Premium consultancy services including pentesting. This role is varied and More ❯

Security Consultant What we're offering: Salary of £40,000 - £50,000 Share options so you benefit from our success 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of service, you get an extra day of paid … holiday every year until 7 years at Intruder. Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! A yearly off-site for the whole company. Last year we went to … years promise more of the same, with plenty of growth opportunities for us and our teams! About this position: We are looking for a Security Consultant to facilitate the day-to-day running of the Intruder platform and deliver Premium consultancy services including pentesting. This role is varied and More ❯

your role you will work within the team that investigates and analyses high priority cybersecurity incidents with precision. You will respond to and contain security threats effectively, following a robust Cyber Security Incident Response Plan (CIRP). Collaborating with both internal and external stakeholders, you will ensure seamless … communication and effective outcomes. You will document incident responses meticulously and create comprehensive reports. Additionally, you will be responsible for introducing and utilising security automation and scripting to enhance efficiency and security measures. Accountabilities: Monitor security alerts and logs to detect potential security incidents. Conduct initial … triage and assessment of incidents to determine severity and impact. Conduct in-depth analysis of security incidents to determine root cause, scope, and extent of compromise. Analyze malware samples, network traffic, and system logs to identify indicators of compromise (IOCs) and attack patterns. Lead and coordinate incident response efforts More ❯

Description The Offensive Security Manager is responsible for the provision of penetration & red team testing services to the business, including leading teams, creating processes, and management of technologies & 3rd parties that make up the service. The role reports to the Director of Offensive Security. The position does … as organizational, leadership, relationship and supplier management skills are the key focuses of the role but will need to have a good understanding of security vulnerabilities and testing methodology to be able to understand the subject matter of the service and manage quality. The role will work closely alongside … the rest of the Cyber Team (e.g. Vulnerability Management), the wider Information & Cyber Security function (e.g. Project Assurance) and leaders in operational IT teams to ensure accurate detection, and the prioritized, timely and appropriate resolution of security vulnerabilities. We are looking for a collaborative team player, with a More ❯

Security Engineer What we're offering (we know, everyone jumps to this section first!): Salary of £50-70k Share options so you benefit from our success 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of service … you get an extra day of paid holiday every year until 7 years at Intruder. Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! A yearly off-site for the … years promise more of the same, with plenty of growth opportunities for us and our teams! About the Role: We are looking for a Security Engineer to write new vulnerability checks for the latest critical vulnerabilities, research breaking vulnerabilities, and discover new weaknesses in well-known products. This role More ❯

engineering teams on a day-to-day basis to ensure applications and products have been developed and deployed securely. You will continue to champion security best practices, working closely with engineering teams and managers to ensure we develop secure products. . Reporting to the Head of DevSecOps, you will … be directly influencing the security posture of the applications and products across the company to ensure that security plays a key part in the development and engineering life cycles. The Role You will manage and develop a team of DevSecOps engineers, guiding them through the delivery of your … strategy. You'll help develop and drive the DevSecOps strategy, continuing to integrate security into the whole lifecycle of development. Whether it's software or infrastructure you'll be the go to expert on point. You'll be responsible for the DevSecOps engagement plan, to educate engineers by scaling More ❯

requirements and KPI's for the products you own. What you'll do: Provide technical cyber leadership across all of BA's defensive cyber security products. This includes m365, CrowdStrike, Defender, Snyk,ForcePoint. Produce product visions, strategies and roadmaps aligned with ourGroup and in support of new and emerging … use cases from the BA business. Evaluating, implementing, and communicating new protective tools and features to improve our security posture whilst supporting, consulting, and measuring the performance of new and existing tools. Create and maintain reference architectures, patterns and guidance for BA's security products. Develop hardening standards … and configuration baselines for security tools. Lead cyber reviews to ensure that our security tools work together to provide integrated layers of defence and a consistent level of protection globally. Support the BA Cyber Delivery Assurance Lead's, acting as a subject matter expert on all things related More ❯

and V.P of Software Engineering and Advanced Analytics to determine technical requirements and will undergo a formal approval, review, and voting by representatives for security impact analysis (the Change Approval Board). WHAT ARE WE LOOKING FOR: A proven record of implementation of method transformers. The technical ability to … C++, and C#. 10+ years of experience as a Software Engineer. Extensive experience in AI-powered software development management and advanced analytics. Certified Information Security Manager (CISM) is essential. Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM) is essential. Certified Authorization Professional (CAP) Information … INTERVIEW PROCESS: STAGE 1: Cognitive Ability Test STAGE 2: Cognitive Assessment Screening with a 30+ years experienced psychologist STAGE 3: Pre-Screening (verification checks & security clearance) STAGE 4: Interview with the CEO, CTO & GC More ❯

software development. Strong programming skills. Great skills in data engineering and big data technologies. Highly skilled with object-orientation and software development best practices. Offensive Security Certified Professional (OSCP) . Certified Information Security Manager (CISM) . Information Systems Security Architecture Professional (ISSAP) is essential. Certified Authorization … PROCESS: STAGE 1: COGNITIVE ABILITY TEST STAGE 2: COGNITIVE ASSESSMENT SCREENING: WITH A 30+ YEARS EXPERIENCE PSYCHOLOGIST STAGE 3: PRE-SCREENING (verification checks & DV security clearance) STAGE 4: INTERVIEW WITH THE CEO, CTO & GC More ❯

transportation technology company, and they are looking for a Pen tester here in Toronto. If you'd like to grow your skill set in Offensive Security, this is the place. You'll be able to gain hands-on experience. Contract Duration: 6 Months (Possible Extension) What You Will … Automation 50% Manual Daily Responsibilities SQL Injection & Cross-site scripting Grey box penetration testing, and perform access control Identify and exploit vulnerabilities to assess security risks. Communicate with clients about security issues and provide tailored solutions. Collaborate with developers and security teams to remediate discovered vulnerabilities. Develop More ❯

IT and engineering teams on a day-to-day basis to ensure applications and products have been developed and deployed securely. You will champion security best practices, working closely with engineering teams and managers to ensure we develop secure products. Reporting to the Head of DevSecOps, you will directly … influence the security posture of the applications and products across the company to ensure that security plays a key part in the development and engineering life cycles. The Role You will manage and develop a team of DevSecOps engineers, guiding them through the delivery of your strategy. You … ll help develop and drive the DevSecOps strategy, continuing to integrate security into the whole lifecycle of development. Whether it's software or infrastructure, you'll be the go-to expert on point. You'll be responsible for the DevSecOps engagement plan, to educate engineers by scaling up security More ❯

of their remote SDR team. Focussed on Cybersecurity, our client specialises in Managed Detection and Response. They monitor networks for a broad range of security issues, tailoring their monitoring for the specific industry and requirements of each client. They have worked with nationally-recognised brands such as RAC, Inchcape … tips and tricks. Regular team meetings to share insight on successful sales points and strategies. Full training on their services from the Head of Offensive Security and Head of Defensive Security. Regular one-to-one check-in meetings to ask questions and reflect progress. Appropriate online training courses More ❯

operate, maintain, and support cloud infrastructure and data services. Automate and optimize data engineering pipelines. Utilize big data technologies (Databricks, Spark). Develop custom security applications, APIs, AI/ML models, and advanced analytic technologies. Experience with threat detection in Azure Sentinel, Databricks, MPP Databases (Snowflake), or Splunk. Expertise … in network, endpoint, and cloud security, cryptography, malware analysis, vulnerability assessment, anomaly/intrusion detection, incident response, and offensive security. Proficiency in AI/ML security and automation. Experience with data science and analytics in Databricks, Synapse Analytics, and large-scale data warehouses (Snowflake, Redshift, Presto). More ❯

operate, maintain, and support cloud infrastructure and data services. Automate and optimize data engineering pipelines. Utilize big data technologies (Databricks, Spark). Develop custom security applications, APIs, AI/ML models, and advanced analytic technologies. Experience with threat detection in Azure Sentinel, Databricks, MPP Databases (Snowflake), or Splunk. Expertise … in network, endpoint, and cloud security, cryptography, malware analysis, vulnerability assessment, anomaly/intrusion detection, incident response, and offensive security. Proficiency in AI/ML security and automation. Experience with data science and analytics in Databricks, Synapse Analytics, and large-scale data warehouses (Snowflake, Redshift, Presto). More ❯