1 to 25 of 153 Offensive Security Jobs in the UK

Summary: CCL Solutions Group is seeking an exceptional Senior Penetration Tester with CHECK Team Leader Infrastructure (CTL-INF) qualifications to join our elite team of security professionals. Location: Home based Main Job Summary This is more than just a job, we're looking for individuals with a hacker's mindset, deep technical expertise, and a relentless drive to secure … the UK's most critical assets. You will be leading engagements across secure environments, delivering high-impact assessments, mentoring team members, and shaping the offensive security direction of the business. In return, we offer a highly supportive environment with structured mentoring, paid training days, and access to advanced tooling. Main Duties & Responsibilities (other duties may be assigned): CCL … risks, remediation strategies, and technical impact. Support red team simulations, infrastructure reviews, and adversary emulation where required. Contribute to internal R&D, tooling improvements, and the development of our offensive security services. Required Skill Set & Experience: This role requires a senior and mature person who can demonstrate leadership, honesty and integrity and who expects high standards. Please understand More ❯

GoDefend is a growing UK-based cyber security company based in Newcastle upon Tyne, offering a wide-spectrum of cyber solutions whilst specialising in continuous vulnerability scanning and penetration testing. We are seeking a Penetration Tester with over three years of hands-on experience in offensive security. Youll join a growing, fast-paced cyber security team where … your technical expertise and strong client-facing skills will directly contribute to our customers security posture. This hybrid role (would also consider remote working), is ideal for a technically skilled professional who is also confident communicating with clients and translating complex risks into clear business language. What Youll Be Doing: Conduct penetration testing across web applications, mobile apps, cloud … trusted advisor, clearly communicating findings, risk implications, and recommendations to stakeholders. Mentor junior testers and contribute to internal training and documentation. Investigate post-incident root causes and propose preventative security controls. Keep abreast of emerging threats, vulnerabilities, and tools to enhance internal testing capabilities. What Were Looking For: Technical Skills: Minimum 3 years of hands-on penetration testing experience. More ❯

help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you’ll play a crucial role in vulnerability management and offensive activities across Bupa. You’ll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of vulnerability management and offensive security servicesacross all technology in Bupa. How you’ll help us make health happen Lead a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats. End to end management and delivery of security services including penetration … emerging cybersecurity industry thought leadership, external industry colleagues, threats, vulnerabilities, and attack techniques. What you’ll bring Solid experience in cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/ More ❯

Description We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards improving CME Group's security posture. This role will be responsible for participating in the execution of Red Team cyber exercises of internal and internet facing information systems and infrastructure to … identify misconfigurations and cyber security vulnerabilities that could be exploited by a threat actor to gain unauthorized access to computer systems and data. In addition, the role will require participation in Purple Team exercises to help the Blue Team improve their detection capabilities. This is a perfect opportunity for the right person to become a key part of a … Framework. Participate in purple team exercises that are intelligence driven to test cyber detections Build and maintain Red and Purple team infrastructure, automating functions where possible. Continually research new offensive security tactics, techniques, and procedures and communicate knowledge of the same to other team members . Conduct ad-hoc offensive security testing using industry standard tools More ❯

To: Head of Cyber Services Salary: £55,000 - £60,000 Travel: Occasional client site visits About Us We're a rapidly growing cybersecurity reseller and MSP delivering cutting-edge security solutions across network, endpoint, cloud, and offensive security testing. Our mission: empower clients to expose and eliminate critical vulnerabilities before attackers do. We're expanding our offensive security team and need an experienced Penetration Tester to deliver high-impact, real-world security assessments that drive tangible improvements. The Role - What You'll Own You will simulate sophisticated cyberattacks across client environments - from networks and web apps to cloud and endpoints - exposing weaknesses before adversaries can exploit them. Your findings will guide clients to stronger … more resilient security postures. Lead internal and external penetration tests , including infrastructure, web, wireless, cloud, and social engineering. Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives. Identify and safely exploit vulnerabilities to demonstrate real business impact . Deliver clear, actionable reports tailored to both technical teams and executives. Drive client engagement through More ❯

Role Summary: Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear communication, timely … delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non–technical stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering … writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments. Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding More ❯

Join to apply for the Cyber Security Engineer role at Circle Group 1 week ago Be among the first 25 applicants Join to apply for the Cyber Security Engineer role at Circle Group Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until October 2025 We are currently … looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of the week working remotely. Role: Cyber Security Engineer Salary/Rate: up to £700 per day (inside IR35) Location: Hybrid London Contract Duration: until … October 2025 We are currently looking for a Cyber Security Engineer for our government client. This Cyber Security Engineer role is hybrid, based between 2-3 days per week on site in central London and the remainder of the week working remotely. The contract for the Cyber Security Engineer position is until October 2025 with potential to More ❯

Penetration Tester – UK Remote – £45,000–£60,000 We're working with a leading Cyber Security consultancy seeking a technically strong and experienced Penetration Tester to join their established offensive security team. This is a fantastic opportunity for someone with a solid foundation in Computer Science and proven hands-on experience in ethical hacking to step into … a role where you'll lead projects, mentor juniors, and have a tangible impact across real-world attack simulations, red teaming, and security testing. You’ll be working alongside other highly skilled red teamers, delivering client-facing engagements across web applications, cloud platforms, infrastructure, and bespoke systems —while also contributing to research, tooling, and internal capability development. Responsibilities Lead … professional background in Computer Science or a related technical discipline Hands-on penetration testing experience —ideally 2+ years in client-facing consultancy or in-house red teaming Proficiency with offensive tools and frameworks: Burp Suite, Nmap, Metasploit, BloodHound, Sliver , etc. Strong understanding of vulnerability classes , exploit development, and the OWASP Top 10 Comfortable scripting in Python, Bash, or PowerShell More ❯

Senior Penetration Tester – UK Remote – £65,000–£85,000 We’re partnered with a high-performing Cyber Security consultancy that’s seeking an accomplished and technically sharp Senior Penetration Tester to lead complex testing engagements across cloud, infrastructure, web, and bespoke systems. This is a fantastic opportunity for a seasoned professional ready to take ownership of full-scope assessments … shape methodologies, mentor junior staff, and contribute directly to strategic offensive security initiatives. You'll have the autonomy to deliver cutting-edge engagements while remaining hands-on with tooling, research, and client interaction. Responsibilities Lead and deliver end-to-end penetration testing engagements , including scoping, execution, and client delivery Uncover and exploit high-impact vulnerabilities across cloud environments … web apps , APIs , and internal networks Guide and review the work of mid-level and junior testers, ensuring testing quality and knowledge transfer Develop or enhance automation tooling and offensive techniques for internal team use Contribute to internal research and methodology improvements; maintain awareness of threat actor behaviours Engage with clients at both technical and stakeholder levels, translating findings More ❯

their capabilities. Our Penetration Testers work with organisations of all sizes and types to detect and remediate vulnerabilities. They help identify areas lacking sufficient protection. The team tests the security of infrastructure and applications, conducts IT Health Checks, reviews IT configurations, identifies gaps that threat actors could exploit, and makes recommendations to safeguard assets. What you'll be doing … consultancy to internal and external stakeholders. Leading the delivery of PGI's infrastructure penetration testing. Collaborating on the design and delivery of new and existing service lines related to offensive security assessments. Supporting and often leading technical pre-sales, proposal writing, and client engagements. Coaching and supervising junior team members, including resource management, development planning, mentoring, and knowledge … transfer. Analyzing security data to identify patterns, threats, and vulnerabilities. Producing high-quality technical reports that explain vulnerabilities in non-technical language for stakeholders. Performing quality assurance and peer reviews of project reports. Collaborating with colleagues on internal or client projects. Contributing to technical training and development materials. Supporting technical delivery projects to ensure successful outcomes. Mentoring security More ❯

days ago Be among the first 25 applicants RDQ326R18 The Red Team is committed to proactively identifying and mitigating security threats across our infrastructure, applications, and cloud environments. Through rigorous offensive security assessments, adversarial testing, and vulnerability research, we aim to uncover and address weaknesses before they can be exploited by real-world attackers. By simulating real … world attack scenarios, we help enhance our security posture, ensuring resilience against emerging threats and fostering a culture of security awareness throughout the organization. The Impact You Will Have You will be a key member of the Red Team at Databricks, conducting security assessments, developing novel attack techniques, and working across teams to improve our defensive capabilities. … Your work will involve: Conducting Red Team operations on cloud environments, infrastructure, and applications to identify and exploit security weaknesses in both development and production environments. Developing and refining tools, exploits, and automation to simulate real-world adversarial techniques against enterprise security controls. Performing vulnerability research and exploit development, including discovering zero-days, bypassing security controls, and More ❯

ESO's teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are building an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats. We are looking for an Application Security Engineer to … These applications are used to help our customers go about their daily job of protecting their communities and saving lives. You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimization. You will conduct security assessments of our applications, identify issues, and help address them … early in the development cycle. You'll also support developers in improving coding practices to enhance security and assist with remediating findings from security assessments. Our Security Engineering team operates autonomously within a motivated and forward-thinking Security team. Join our diverse, growing team, working on mission-critical products with training and mentoring support. Joining our More ❯

This Security Testing Operations (STO) Senior Associate role is a crucial role for the offensive testing programme across the group, which protects the business from our most sophisticated cyber threats! The role holder will plan and complete offensive security simulations targeting assets across the enterprise as well as provide technical support for our bug bounty and … for incident response and product development on their successes, failures and potential areas of improvement Study and replicate tactics, techniques and procedures used by modern attackers to improve the security of our products and corporate environment Efficiently report analysis and findings in the most accessible way (written reports, Jira, tickets, presentations etc) Develop, modify and extend tools/exploits … that assist with execution of security assessments, including custom tools and automation. Experience Technology related Bachelor's Degree or equivalent experience and certifications in cyber security One or more of the following security certifications OSCP, OSCE, OSEE, OSWE, CREST, GXPEN preferred Demonstrable experience in Red Teaming and Penetration Testing Minimum 3 years of deep, hands-on, technical More ❯

leader in the cybersecurity and risk consulting space. Working with a wide range of organizations — from FTSE 100 companies to critical infrastructure and government entities — they provide high-quality security testing and advisory services across various industries. This is an excellent opportunity to join a team that values your expertise, supports your growth, and offers the flexibility of remote … reports detailing findings, impact, and practical remediation advice. Collaborate directly with client stakeholders during scoping, testing, and results presentations. Keep current with emerging threats, vulnerabilities, and tools in the offensive security landscape. Contribute to internal development of testing methodologies, tooling, and knowledge sharing. Experience with red teaming, threat simulation, or assumed breach testing. Scripting/automation with Python … Bash, or PowerShell. Previous consultancy or client-facing experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable experience More ❯

The Red Team is committed to proactively identifying and mitigating security threats across our infrastructure, applications, and cloud environments. Through rigorous offensive security assessments, adversarial testing, and vulnerability research, we aim to uncover and address weaknesses before they can be exploited by real-world attackers. By simulating real-world attack scenarios, we help enhance our security posture, ensuring resilience against emerging threats and fostering a culture of security awareness throughout the organization. The Impact You Will Have: You will be a key member of the Red Team at Databricks, conducting security assessments, developing novel attack techniques, and working across teams to improve our defensive capabilities. Your work will involve: Conducting Red Team operations … on cloud environments, infrastructure, and applications to identify and exploit security weaknesses in both development and production environments. Developing and refining tools, exploits, and automation to simulate real-world adversarial techniques against enterprise security controls. Performing vulnerability research and exploit development, including discovering zero-days, bypassing security controls, and creating proof-of-concept exploits. Assessing cloud security More ❯

Consultant – Cyber Security (Penetration Tester) RSM UK Greater London, England, United Kingdom Join or sign in to find your next job Join to apply for the Consultant – Cyber Security (Penetration Tester) role at RSM UK Consultant – Cyber Security (Penetration Tester) RSM UK Greater London, England, United Kingdom 2 weeks ago Be among the first 25 applicants Join … to apply for the Consultant – Cyber Security (Penetration Tester) role at RSM UK Get AI-powered advice on this job and more exclusive features. Direct message the job poster from RSM UK Talent Acquisition Senior Specialist - Consulting As one of the world's largest networks of audit, tax and consulting firms, RSM delivers big ideas and premium service to … support our clients in achieving their strategic goals and empower our people to make an impact and develop their own unique career path. We are seeking an enthusiastic Cyber Security Consultant to join our team. Working alongside our experienced team of specialists, you’ll be delivering offensive security services including digital footprint reconnaissance, social engineering, penetration testing More ❯

At Vertical Structure (an Instil Company), we specialise in providing human-focused security and penetration testing services for web applications, cloud infrastructure and mobile applications. The Role We are looking for a CTL (Infrastructure) to join our dynamic team based in Belfast. As a Pen Tester, you will be part of the delivery team, conducting penetration tests and vulnerability … assessments across a range of technologies and a wide range of customers including software, fintech, manufacturing, engineering, legal, and public sector. Your insights will be crucial in identifying security weaknesses and helping clients fortify their systems. We offer varied, challenging work in a supportive environment where you will find yourself constantly evolving and learning, whilst studying towards further specialised … providing tailored actionable recommendations. Manage end-to-end testing, collaborating with clients during kick-off and discovery sessions, providing expert advice and follow up. Stay current with the latest security threats, vulnerabilities, and trends. Research offensive security techniques to assess and validate infrastructure and technologies, including cloud-based systems continuously incorporating new techniques into the team's More ❯

Tester (Principal Consultant) to join our team during this exciting period of innovation and expansion. Cognisys is a leading cybersecurity company specialising in Penetration Testing, GRC Consulting, and Managed Security services. We pride ourselves on our customer service, forward-thinking approach, and commitment to excellence. Our small but mighty team works with some of the best-known companies in … over 30 countries worldwide! About The Role As a Penetration Tester (Principal Consultant), you will be key in driving commercial success, managing high-performing teams, and delivering cutting-edge offensive security projects. This role is ideal for a technical leader with deep expertise in red teaming and cloud security, coupled with a passion for business growth and … client engagement. If you are a seasoned cybersecurity professional with a passion for offensive security, team leadership, and business growth, we want to hear from you! Key Responsibilities Commercial & Client Engagement: Act as a primary technical contact for key accounts, ensuring strong client relationships and project success. Lead pre-sales engagements, scope projects, and develop Statements of Work More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments … applications, cloud infrastructure, and APIs. This role requires a deep understanding of adversarial tactics, excellent communication skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across … and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. Communicate complex security concepts and threat insights effectively to technical and non-technical stakeholders. Collaborate with client IT and cybersecurity teams to improve security protocols and address vulnerabilities. Monitor remediation efforts More ❯

THE ROLE NextEnergy Group develops, builds, and operates large-scale solar Photovoltaic (PV) assets and battery storage projects across Europe. As our Security & Information Security Architect, you will set the security vision and implement secure-by-design principles for every layer of the organization — from field-level Operational Technology networks and real-time trading engines right through … to corporate business systems. A critical dimension of the role will be tight collaboration with: Data Protection Officer (DPO): embedding privacy-by-design, supporting DPIAs and audits Network & Security Engineering team: turning architecture patterns into robust, monitored, and recoverable configurations in production External security advisors & key technology suppliers to align architectural controls with best practice guidance, managed service … This is a strategic yet hands-on role that balances secure-by-design principles with practical delivery across cloud, on-prem, and SaaS estates. KEY RESPONSIBILITIES Set & evolve enterprise security architecture (reference models, standards, patterns) covering IT, OT and hybrid-cloud environments that collect, process and trade renewable-generation data Embed security & privacy requirements into solution designs, CI More ❯

THE ROLE NextEnergy Group develops, builds, and operates large-scale solar Photovoltaic (PV) assets and battery storage projects across Europe. As our Security & Information Security Architect, you will set the security vision and implement secure-by-design principles for every layer of the organization — from field-level Operational Technology networks and real-time trading engines right through … to corporate business systems. A critical dimension of the role will be tight collaboration with: Data Protection Officer (DPO): embedding privacy-by-design, supporting DPIAs and audits Network & Security Engineering team: turning architecture patterns into robust, monitored, and recoverable configurations in production External security advisors & key technology suppliers to align architectural controls with best practice guidance, managed service … This is a strategic yet hands-on role that balances secure-by-design principles with practical delivery across cloud, on-prem, and SaaS estates. KEY RESPONSIBILITIES Set & evolve enterprise security architecture (reference models, standards, patterns) covering IT, OT and hybrid-cloud environments that collect, process and trade renewable-generation data Embed security & privacy requirements into solution designs, CI More ❯

Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: 45,000 - 60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web … applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You … and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an More ❯

Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: £45,000 - £60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across web … applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You … and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD security and container technologies like Docker. Knowledge of Red Team operations, CobaltStrike, bug bounty programs, or IoT/AI/LLM security. Hands-on coding or scripting knowledge and an More ❯

Junior Penetration Tester - UK remote - £25,000 - £35,000 We’re working with our client, a leading Cyber Security consultancy, who're looking for a passionate and technically driven Junior Penetration Tester to join their growing offensive security team. This is an ideal opportunity for someone with a strong Computer Science background who is eager to break … into the world of ethical hacking and develop hands-on skills in real-world attack simulation and security research. You’ll work alongside experienced red teamers and security consultants, supporting engagements across web applications, infrastructure, and cloud environments. Expect to grow quickly—this role will give you the mentorship, tools, and exposure to become a highly capable offensive security professional. Responsibilities: Assist in delivering penetration tests on internal/external networks, web apps, APIs, and cloud systems Support vulnerability assessments , threat modelling, and reporting of findings to clients Help develop scripts and tooling for automation, reconnaissance, and exploit development Participate in red team simulations and security research Write clear, technically sound findings in both technical More ❯

Views: 6 Posted: 27.06.2025 Job Description: Graduate Penetration Tester (Red Team) Hybrid WFH to £50k Do you have an academic record of achievement combined with an interest in Cyber Security/Penetration Testing? You could be progressing your career as a Penetration Tester at a rapidly expanding scale-up software house that is developing a highly complex network cyber … security platform, working on Greenfield projects, collaborating with, and learning from a hugely talented team. Your role: As a Graduate Penetration Tester you will manage client engagements, perform security tests and report findings; you'll be using an industry standard tools combined with in-house developed tools as well as carrying out manual reviews to discover any issues … 2.1 or above from a Russel Group or top tier world university - Computer Science, Engineering, Physics or Mathematics; MSc or PhD advantageous You have a keen interest in Cyber Security and understanding of key concepts and protocols You have commercial experience with Penetration testing, Offensive Security or Red Team testing You can code with any OO programming More ❯