1 to 25 of 89 Offensive Security Jobs in the UK

Summary: CCL Solutions Group is seeking an exceptional Senior Penetration Tester with CHECK Team Leader Infrastructure (CTL-INF) qualifications to join our elite team of security professionals. Location: Home based Main Job Summary This is more than just a job, we're looking for individuals with a hacker's mindset, deep technical expertise, and a relentless drive to secure … the UK's most critical assets. You will be leading engagements across secure environments, delivering high-impact assessments, mentoring team members, and shaping the offensive security direction of the business. In return, we offer a highly supportive environment with structured mentoring, paid training days, and access to advanced tooling. Main Duties & Responsibilities (other duties may be assigned): CCL … risks, remediation strategies, and technical impact. Support red team simulations, infrastructure reviews, and adversary emulation where required. Contribute to internal R&D, tooling improvements, and the development of our offensive security services. Required Skill Set & Experience: This role requires a senior and mature person who can demonstrate leadership, honesty and integrity and who expects high standards. Please understand More ❯

months of hands-on penetration testing experience and a strong interest in developing advanced technical skills. This is a rare opportunity to join a highly skilled and diverse security team committed to continuous growth and excellence in the field of offensive security. Key Responsibilities: Conduct hands-on Web Application Penetration Testing Support and contribute to Infrastructure and Cloud … Security Assessments Be mentored and trained towards Adversarial Simulation , Red Team Operations , and other advanced offensive security techniques Write detailed, clear, and professional reports for technical and non-technical stakeholders Collaborate with a team of skilled professionals and contribute to knowledge sharing Requirements: Minimum 6 months of practical penetration testing experience (freelance, consultancy, or internal testing roles … considered) OSCP certification is essential (OSEP, OSCE3, or other advanced Offensive Security certifications also accepted) Demonstrable knowledge of Web Application security , including common vulnerabilities (e.g., OWASP Top 10) Strong desire to deepen technical capabilities across various domains, including infrastructure, cloud, and red teaming Excellent written and verbal communication skills Full right to work in the UK (UK More ❯

months of hands-on penetration testing experience and a strong interest in developing advanced technical skills. This is a rare opportunity to join a highly skilled and diverse security team committed to continuous growth and excellence in the field of offensive security. Key Responsibilities: Conduct hands-on Web Application Penetration Testing Support and contribute to Infrastructure and Cloud … Security Assessments Be mentored and trained towards Adversarial Simulation , Red Team Operations , and other advanced offensive security techniques Write detailed, clear, and professional reports for technical and non-technical stakeholders Collaborate with a team of skilled professionals and contribute to knowledge sharing Requirements: Minimum 6 months of practical penetration testing experience (freelance, consultancy, or internal testing roles … considered) OSCP certification is essential (OSEP, OSCE3, or other advanced Offensive Security certifications also accepted) Demonstrable knowledge of Web Application security , including common vulnerabilities (e.g., OWASP Top 10) Strong desire to deepen technical capabilities across various domains, including infrastructure, cloud, and red teaming Excellent written and verbal communication skills Full right to work in the UK (UK More ❯

their capabilities. Our Penetration Testers work with organisations of all sizes and types to detect and remediate vulnerabilities. They help identify areas lacking sufficient protection. The team tests the security of infrastructure and applications, conducts IT Health Checks, reviews IT configurations, identifies gaps that threat actors could exploit, and makes recommendations to safeguard assets. What you'll be doing … consultancy to internal and external stakeholders. Leading the delivery of PGI's infrastructure penetration testing. Collaborating on the design and delivery of new and existing service lines related to offensive security assessments. Supporting and often leading technical pre-sales, proposal writing, and client engagements. Coaching and supervising junior team members, including resource management, development planning, mentoring, and knowledge … transfer. Analyzing security data to identify patterns, threats, and vulnerabilities. Producing high-quality technical reports that explain vulnerabilities in non-technical language for stakeholders. Performing quality assurance and peer reviews of project reports. Collaborating with colleagues on internal or client projects. Contributing to technical training and development materials. Supporting technical delivery projects to ensure successful outcomes. Mentoring security More ❯

Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely … delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering … writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding More ❯

support our clients in achieving their strategic goals and empower our people to make an impact and develop their own unique career path. We are seeking an enthusiastic Cyber Security Consultant to join our team. Working alongside our experienced team of specialists, you'll be delivering offensive security services including digital footprint reconnaissance, social engineering, penetration testing … and vulnerability assessments to high profile clients across all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile clients across all industries. You'll benefit from ongoing coaching, career mentoring, and be supported … passionate about making improvements, this role is perfect for you! We value diverse experiences and perspectives. Here's what we're looking for in our ideal candidate: Experience in offensive security and penetration testing. Demonstrable experience in infrastructure and web application testing; experience in API testing is desirable. Demonstrable experience using common pentesting tools including Kali Linux, Burpsuite More ❯

To: Head of Cyber Services Salary: £55,000 - £60,000 Travel: Occasional client site visits About Us We're a rapidly growing cybersecurity reseller and MSP delivering cutting-edge security solutions across network, endpoint, cloud, and offensive security testing. Our mission: empower clients to expose and eliminate critical vulnerabilities before attackers do. We're expanding our offensive security team and need an experienced Penetration Tester to deliver high-impact, real-world security assessments that drive tangible improvements. The Role - What You'll Own You will simulate sophisticated cyberattacks across client environments - from networks and web apps to cloud and endpoints - exposing weaknesses before adversaries can exploit them. Your findings will guide clients to stronger … more resilient security postures. Lead internal and external penetration tests , including infrastructure, web, wireless, cloud, and social engineering. Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives. Identify and safely exploit vulnerabilities to demonstrate real business impact . Deliver clear, actionable reports tailored to both technical teams and executives. Drive client engagement through More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments … applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial tactics, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across … and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. Communicate complex security concepts and threat insights effectively to technical and non-technical stakeholders. Collaborate with client IT and cybersecurity teams to improve security protocols and address vulnerabilities. Monitor remediation efforts More ❯

skilled and results-oriented Penetration Tester with at least 5 years of hands-on penetration testing experience. This is a rare opportunity to join a highly skilled and diverse security team committed to continuous growth and excellence in the field of offensive security. This role is office-based with occasional travel to client site. Key Responsibilities Lead internal … Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives. Deliver detailed and actionable penetration testing reports Collaborate with clients to understand their specific security needs and present findings in a clear manner. Develop and maintain security testing methodologies and procedures in alignment with industry best practices. Reviewed penetration test reports to ensure … they are up to standard and meet test objectives. Mentor junior penetration testers. Assist in incident response activities, including investigation, containment, and remediation of security incidents. Conduct cloud security assessments. Essential Requirements Must be currently residing in mainland UK . Minimum 5 years of practical penetration testing experience (web, infrastructure, external/internal). Experience in scoping penetration More ❯

respecting, including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover … and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in the UK. We test web and mobile applications … computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more. At Kroll, your work will help deliver clarity to our clients' most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll. What you'll do As an Offensive Security Consultant, you'll More ❯

THE ROLE NextEnergy Group develops, builds, and operates large-scale solar Photovoltaic (PV) assets and battery storage projects across Europe. As our Security & Information Security Architect, you will set the security vision and implement secure-by-design principles for every layer of the organization — from field-level Operational Technology networks and real-time trading engines right through … to corporate business systems. A critical dimension of the role will be tight collaboration with: Data Protection Officer (DPO): embedding privacy-by-design, supporting DPIAs and audits Network & Security Engineering team: turning architecture patterns into robust, monitored, and recoverable configurations in production External security advisors & key technology suppliers to align architectural controls with best practice guidance, managed service … This is a strategic yet hands-on role that balances secure-by-design principles with practical delivery across cloud, on-prem, and SaaS estates. KEY RESPONSIBILITIES Set & evolve enterprise security architecture (reference models, standards, patterns) covering IT, OT and hybrid-cloud environments that collect, process and trade renewable-generation data Embed security & privacy requirements into solution designs, CI More ❯

THE ROLE NextEnergy Group develops, builds, and operates large-scale solar Photovoltaic (PV) assets and battery storage projects across Europe. As our Security & Information Security Architect, you will set the security vision and implement secure-by-design principles for every layer of the organization — from field-level Operational Technology networks and real-time trading engines right through … to corporate business systems. A critical dimension of the role will be tight collaboration with: Data Protection Officer (DPO): embedding privacy-by-design, supporting DPIAs and audits Network & Security Engineering team: turning architecture patterns into robust, monitored, and recoverable configurations in production External security advisors & key technology suppliers to align architectural controls with best practice guidance, managed service … This is a strategic yet hands-on role that balances secure-by-design principles with practical delivery across cloud, on-prem, and SaaS estates. KEY RESPONSIBILITIES Set & evolve enterprise security architecture (reference models, standards, patterns) covering IT, OT and hybrid-cloud environments that collect, process and trade renewable-generation data Embed security & privacy requirements into solution designs, CI More ❯

Senior Penetration Tester Position Description CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and Many more. At CGI you will get the opportunity to work … across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non … technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures and systems we have put in place in line with their requirements. At CGI training and development is very important not only do More ❯

Security Consultant: Ready to ethically dismantle digital defenses and fortify the cybersecurity landscape? We're seeking a skilled Security Consultant to join our clients cyber team. If you're passionate about offensive security and thrive on tackling complex challenges, we want to hear from you. What You'll Be Doing: As a Security Consultant, you … systems , including Active Directory and Entra ID (Azure AD), along with various cloud-native services. Collaborating closely with remediation teams to provide expert guidance and support in fixing identified security flaws, ensuring practical and effective solutions are implemented. Contributing to the continuous improvement of our security tools and testing methodologies . You'll help shape the future of … our offensive security capabilities. Fostering a culture of collaboration and knowledge sharing within a supportive team environment, where continuous learning and professional growth are highly encouraged. What We're Looking For: We're searching for individuals who possess a strong foundation in offensive security and a proactive mindset. Ideal candidates will demonstrate: Proven hands-on experience More ❯

ESO's teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are building an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats. We are looking for an Application Security Engineer to … These applications are used to help our customers go about their daily job of protecting their communities and saving lives. You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimization. You will conduct security assessments of our applications, identify issues, and help address them … early in the development cycle. You'll also support developers in improving coding practices to enhance security and assist with remediating findings from security assessments. Our Security Engineering team operates autonomously within a motivated and forward-thinking Security team. Join our diverse, growing team, working on mission-critical products with training and mentoring support. Joining our More ❯

of "Open financial services to everyone on the planet and share our Values of "Stay Curious," "Have Empathy," and "Be Accountable." Your Role: We are seeking an experienced Staff Security Engineer who can help expand our Security efforts and play a critical role in safeguarding Alpaca's systems, data, and client assets from evolving cyber threats to ensure … the security and integrity of our Firm. The role requires a deep understanding of Cybersecurity principles, incident response, cloud security, offensive security, and proactive threat detection with a proven track record of managing security risks and cross functional collaboration. The Security Team is 100% distributed and remote. This role will be reporting directly to … the CISO. Things You Get To Do: Lead and triage security events including potential security incidents, insider threats, malware infections, unauthorized access, fraud, and data exfiltration events Conduct thorough analyses of events, assess impact, and implement corrective actions by collaborating with cross-functional teams to prioritize and remediate issues as necessary Develop and maintain security incident response More ❯

20+ years! Culture at Intermedia is built on teamwork and transparency. We hold each other accountable and always have each other's back! About the role: Intermedia's Information Security team is seeking a Senior Security Engineer with a strong passion for threat detection, incident response, and security engineering. The ideal candidate thrives in digging through data … to find anomalies, identifying root causes, uncovering malicious activity, recommending corrective actions, and working cross-functionally to drive remediation and strategic improvements. Key Responsibilities Security Monitoring & Incident Response Monitor and triage security alerts from SIEM, EDR, and other tools; escalate and respond as needed. Investigate security incidents, determine root cause, document findings, and develop IOCs to prevent … recurrence. Support escalations from internal employees or customers with security-related concerns. Security Engineering & Tooling Assist with security reviews related to infrastructure and system changes. Build, enhance, and maintain internal security tooling and scripting repositories. Contribute to the development of detection content, alert tuning, and automation pipelines. Strategic & Team Contributions Drive annual security team goals More ❯

Penetration Tester – UK remote - £60,000 - £80,000 + Benefits + Bonus Our client is looking for an experienced Penetration Tester to join their established Offensive Security function. This role involves conducting and delivering high-quality security assessments across web applications, infrastructure, mobile, cloud, and networks. Our client is looking for someone who has a wide understanding … of different types of security testing, and in-depth threat-intelligence knowledge. Main Responsibilities: Perform penetration tests on web applications, networks, APIs, cloud environments, and mobile platforms. Assist in red team exercises, social engineering assessments, and security awareness initiatives. Conduct vulnerability assessments, exploit security flaws, and document findings with actionable remediation steps. Simulate real-world attack scenarios … to evaluate security weaknesses. Utilize and develop custom scripts, tools, and exploits to test system defences. Work closely with security teams to remediate identified vulnerabilities. To be considered, you should have: 4+ years in a penetration testing position. Strong knowledge of OWASP Top 10, MITRE ATT&CK Framework, and common exploit techniques. Experience using tools such as Burp More ❯

Penetration Tester Position Description CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and Many more. At CGI you will get the opportunity to work across … a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical … Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures and systems we have put in place in line with their requirements. At CGI training and development is very important not only do we More ❯

Are you a passionate security researcher with experience assessing large, complex software products? We are looking for talented individuals who are excited about security research and developing creative solutions for some of Oracle’s most critical customers. Finding and combining bugs to create new attacks is essential in this role. Who We Are We are a world-class … team of application security researchers who love new challenges. We are an inclusive and diverse, with a full range of experience and a global reach. We have the resources of a large enterprise and the energy of a start-up, and we’re working on a critical software assurance initiative with our cloud and mobile engineering teams. Our mission … is to make application security and software assurance a reality, at scale. We’re a dedicated team that leverages each other’s strengths to produce cutting-edge solutions to difficult problems. Join us to grow your career and create the future of software assurance at scale. Work You’ll Do As a member of our team, you will be More ❯

A global quantitative trading firm specializing in algorithmic and high-frequency trading (HFT) is hiring a Cyber Security Engineer (2-4 years' experience) to operate in a broad, vendor-agnostic security environment. This fully onsite role (5 days per week) offers exposure to cutting-edge security challenges across multiple domains. This is an opportunity to deep-dive … into security engineering, incident response, and automation in a high-impact role. If you're a technically strong, hands-on engineer looking for broad exposure and real security challenges, we want to hear from you! Responsibilities Owning security projects end to end - from design to execution Engineering, automating, and securing infrastructure, networks, and cloud environments Hands-on … engagement in Incident Response, security assessments, and remediation Working across networking, firewalls, and security (Palo Alto, Fortinet, all major cloud providers) Building and automating with Terraform, Ansible, Golang, Python, HashiCorp Leveraging offensive security knowledge (OSCP, Hack The Box, pentesting, SQL injection, homelabbing) Collaborating with multiple teams and communicating effectively across the business Skills & Requirements Security More ❯

About Bridewell One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world's most trusted organisations. We are the trusted partner for operators of essential services and provide end-to-end cyber security capabilities that help our clients overcome their security challenges, allowing them to operate safely and securely. Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly one team. Who are we looking for? We are looking for an experienced Project Manager who can lead and … projects at any one time, with proven experience engaging and managing relationships with various stakeholders, including clients, vendors, and internal teams. Ideally, you'll have worked with a Cyber Security services provider or within a Cyber Security function, with knowledge of Cyber Security principles, standards, and technologies desirably resulting in at least a foundation level qualification (e.g. More ❯

Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: 45,000 - 60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web … applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You … and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an More ❯

Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: £45,000 - £60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web … applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You … and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an More ❯

At Vertical Structure (an Instil Company), we specialise in providing human-focused security and penetration testing services for web applications, cloud infrastructure and mobile applications. The Role We are looking for a CTL (Infrastructure) to join our dynamic team based in Belfast. As a Pen Tester, you will be part of the delivery team, conducting penetration tests and vulnerability … assessments across a range of technologies and a wide range of customers including software, fintech, manufacturing, engineering, legal, and public sector. Your insights will be crucial in identifying security weaknesses and helping clients fortify their systems. We offer varied, challenging work in a supportive environment where you will find yourself constantly evolving and learning, whilst studying towards further specialised … providing tailored actionable recommendations. Manage end-to-end testing, collaborating with clients during kick-off and discovery sessions, providing expert advice and follow up. Stay current with the latest security threats, vulnerabilities, and trends. Research offensive security techniques to assess and validate infrastructure and technologies, including cloud-based systems continuously incorporating new techniques into the team's More ❯