Penetration Testing Jobs in the East of England

1 to 25 of 56 Penetration Testing Jobs in the East of England

DevSecOps Engineer - ONSITE

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯
Employment Type: Permanent, Work From Home
Posted:

Sr. Information Security Analyst

Cambridge, England, United Kingdom
Draper Labs
complex malware and intrusion issues * Evaluate/Implement new cyber security tools as well as policies to enhance Draper's security posture * Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. * Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat More ❯
Posted:

DevSecOps Engineer - ONSITE

Loughton, Essex, England, United Kingdom
Hybrid / WFH Options
Profile 29
role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯
Employment Type: Full-Time
Salary: £80,000 - £100,000 per annum
Posted:

Senior Cyber Security Engineer

Welwyn Garden City, England, United Kingdom
Hybrid / WFH Options
PayPoint plc
You'll also work on automating routine tasks to speed up our response times. From start to finish, you’ll oversee cybersecurity incidents, document findings, and suggest improvements. Security Testing & Business Support: You’ll take part in cyber-attack simulations, penetration testing, and security drills to ensure our defenses are strong. You'll also help identify critical More ❯
Posted:

Cyber Security Lead

Cambridge, England, United Kingdom
Hybrid / WFH Options
Murnen Design
mitigation techniques. Experience with a wide range of security technologies and practices, including: Intrusion detection and prevention systems (IDPS) Security information and event management (SIEM) system Vulnerability scanning and penetration testing Cloud security Identity and access management (IAM) Data loss prevention (DLP) Endpoint protection Security operations and incident response Experience in developing and implementing security policies, procedures, and More ❯
Posted:

Technical Cyber Risk Assessment Manager

St. Albans, Hertfordshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

DevSecOps Engineer - ONSITE

Loughton, England, United Kingdom
Hybrid / WFH Options
Talkspirit
and responsible lending. Role Summary This is an initial 6-month contract for an experienced DevSecOps Engineer focused on securing Azure infrastructure, integrating security automation, PCI DSS compliance, vulnerability testing, and incident response. The role involves developing and maintaining secure Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform, mentoring an internal engineer, and managing Sentinel, Defender, and … Centre, Microsoft Defender, and Sentinel for security monitoring. Oversee SOAR solutions including SOC Prime. Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Conduct vulnerability assessments and penetration testing. Ensure PCI DSS compliance through audits and risk assessments. Implement DNS security solutions. Develop incident response processes with third-party support. Develop SIEM solutions, logging, and threat intelligence … engineers and coordinate with external security partners. Ensure comprehensive documentation for post-contract continuity. Minimum Requirements Strong expertise in Azure security, Microsoft Defender, and Sentinel. Experience with SOAR technologies, penetration testing, and vulnerability assessments. Proficiency with Terraform and IaC security automation. Knowledge of DevOps pipelines, PCI DSS, SIEM, and security frameworks. Scripting skills (Python, Bash, PowerShell). Excellent More ❯
Posted:

Lead Security Engineer

Luton, Bedfordshire, United Kingdom
Hybrid / WFH Options
Leonardo UK Ltd
Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and remediation. Vulnerability Management: Conduct regular security assessments, including vulnerability scanning and writing penetration testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as … IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation of the Engineering development lifecycles and how the Product Security specialism aligns Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as the legacy JSP 604 Assurance or the CAF GovAssure processes). More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Lead Product Security Engineer

Luton, Bedfordshire, United Kingdom
Hybrid / WFH Options
Matchtech
for product teams. Support system accreditation, liaising with security accreditors and assurance teams. Prepare security documentation including Protection Profiles, Security Targets, and TEMPEST Control Plans. Assist with platform lockdown, penetration testing, and vulnerability management. Lead incident response efforts and support product security training. Skills & Experience: Background in securing defence or commercial systems. Degree in engineering, computer science, or More ❯
Employment Type: Contract
Rate: GBP 91 Hourly
Posted:

Senior DevSecOps Engineer (Relocation to San Sebastian) (Remote)

Cambridge, England, United Kingdom
Hybrid / WFH Options
RemoteStar
significant work experience emphasizing cybersecurity. 5+ years as a DevSecOps Engineer. Strong knowledge of Network Architecture in AWS and/or Azure. Cybersecurity expertise in SAST, DAST, SIEM, SSO, penetration testing, and cybersecurity controls. Experience with Cybersecurity Incident Response protocols. Cryptographic controls experience, including SSH key handling, logging, and auditing. Competence with Key Management Service, key rotation, and More ❯
Posted:

Cyber Security Consultant

Basildon, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
several of the skills and technologies below: Microsoft Sentinel Tenable Vulnerability Management (Or similar technology) Azure update Manager/Other Patching technologies Qualifications: Microsoft Security Certifications (eg SC200) Pen Testing/Related Certifications DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these More ❯
Posted:

Cyber Security Consultant

Bedford, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
several of the skills and technologies below: Microsoft Sentinel Tenable Vulnerability Management (Or similar technology) Azure update Manager/Other Patching technologies Qualifications: Microsoft Security Certifications (eg SC200) Pen Testing/Related Certifications DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these More ❯
Posted:

Cyber Security Consultant

Norwich, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
several of the skills and technologies below: Microsoft Sentinel Tenable Vulnerability Management (Or similar technology) Azure update Manager/Other Patching technologies Qualifications: Microsoft Security Certifications (eg SC200) Pen Testing/Related Certifications DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these More ❯
Posted:

Cyber Security Consultant

Watford, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
several of the skills and technologies below: Microsoft Sentinel Tenable Vulnerability Management (Or similar technology) Azure update Manager/Other Patching technologies Qualifications: Microsoft Security Certifications (eg SC200) Pen Testing/Related Certifications DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these More ❯
Posted:

Head of Product Cyber Security SME

Hemel Hempstead, England, United Kingdom
Smiths Detection
cyber security roadmap, lead teams, and manage stakeholders, including third-party providers, to ensure the security of our software products and hardware integrations. Key responsibilities include: Leading security assessments, penetration testing, and vulnerability management. Driving secure coding practices and guidelines. Providing strategic and technical leadership to cyber security initiatives. Managing a diverse, cross-cultural team. Developing and maintaining More ❯
Posted:

Assistant Director of Cyber Security

Chelmsford, Essex, South East, United Kingdom
Hybrid / WFH Options
Keystream Group Limited
users - working collaboratively across internal teams and over 100 partners and suppliers. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECCs data and assets. You will be responsible for designing and implementing the evolution of security More ❯
Employment Type: Permanent, Work From Home
Posted:

Assistant Director of Cyber Security

Chelmsford, England, United Kingdom
Hybrid / WFH Options
Daxis Web BV
users - working collaboratively across internal teams and over 100 partners and suppliers. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECCs data and assets. You will be responsible for designing and implementing the evolution of security More ❯
Posted:

SOC Analyst Tier 1

Hemel Hempstead, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
and behavioral malware analysis methods and tools (e.g., sandbox environments) Background and experience in at least two of the following is an advantage: Endpoint security, malware analysis, threat hunting, penetration testing, incident response, reverse engineering, or digital forensics Familiarity with common operating system concepts (e.g., processes, threads, DLLs, parent-child process relationships, scheduled tasks) Solid foundation in networking More ❯
Posted:

Penetration Tester

Hemel Hempstead, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
in the cybersecurity and risk consulting space. Working with a wide range of organizations — from FTSE 100 companies to critical infrastructure and government entities — they provide high-quality security testing and advisory services across various industries. This is an excellent opportunity to join a team that values your expertise, supports your growth, and offers the flexibility of remote working … with the stimulation of varied engagements. Key Responsibilities: Conduct thorough penetration tests on infrastructure, networks, cloud environments, and web applications. Deliver high-quality, client-ready reports detailing findings, impact, and practical remediation advice. Collaborate directly with client stakeholders during scoping, testing, and results presentations. Keep current with emerging threats, vulnerabilities, and tools in the offensive security landscape. Contribute … to internal development of testing methodologies, tooling, and knowledge sharing. Experience with red teaming, threat simulation, or assumed breach testing. Scripting/automation with Python, Bash, or PowerShell. Previous consultancy or client-facing experience. Eligibility for or possession of UK Security Clearance (preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top More ❯
Posted:

Lead Application Security Engineer

Watford, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
You’re walking into a mature environment : The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility : Reporting to the CIO , with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯
Posted:

Lead Application Security Engineer

Hemel Hempstead, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
You’re walking into a mature environment : The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility : Reporting to the CIO , with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯
Posted:

Head of Technology Operations

Wavendon, Bedfordshire, United Kingdom
Hybrid / WFH Options
Big Red Recruitment Midlands Limited
data and broadcast services to global customers. In this role, you will: Own cloud operations across Azure and drive platform performance and cost optimisation Oversee security engineering, audits, pen testing, and compliance Lead change and incident management and support services (24/7) Manage end-user tech, corporate apps (e.g. ServiceNow, Salesforce), and software licensing Collaborate with exec leadership More ❯
Employment Type: Permanent
Salary: GBP 120,000 - 140,000 Annual
Posted:

Penetration Tester (OSCP or similar certified)

Watford, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
Social network you want to login/join with: Penetration Tester (OSCP or similar certified), Watford, Hertfordshire Client: Harrington Starr Location: Watford, Hertfordshire, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 4 Posted: 26.06.2025 Expiry Date: 10.08.2025 Job Description: Harrington Starr has partnered with a global multi-billion-pound business in Belfast to find a … Vulnerability and Penetration Testing Engineer to join their Belfast Centre team, providing security architecture, vulnerability, and risk assessment. We are open to speaking with suitable candidates who may be interested in a remote contract with occasional trips to the Belfast Head Office. Responsibilities: Evaluate proposed and current solutions to ensure compliance with security standards, including ISMS Policy, client … to protect the company's assets. Continuously evaluate products, tools, scripts, and techniques to enhance assessment capabilities. 3+ years in a pen test role. Excellent knowledge of Vulnerability and Penetration Testing concepts and best practices, including WhiteHat/Ethical Hacking requirements. Experience with automated tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave. Understanding of the difference More ❯
Posted:

Penetration Tester (OSCP or similar certified)

Hemel Hempstead, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
Social network you want to login/join with: Penetration Tester (OSCP or similar certified), Hemel Hempstead Client: Harrington Starr Location: Hemel Hempstead, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 4 Posted: 26.06.2025 Expiry Date: 10.08.2025 Job Description: Harrington Starr has partnered with a global multi-billion-pound business in Belfast, seeking a Vulnerability … and Penetration Testing Engineer to join their Belfast Centre team. The role involves providing security architecture, vulnerability, and risk assessment services. We are open to speaking with suitable candidates who may be interested in working on a remote contract with occasional trips to the Belfast Head Office. Responsibilities: Thoroughly evaluate proposed and current solutions to ensure compliance with … firm's assets. Continuously evaluate relevant products, tools, scripts, and techniques to enhance assessment capabilities. Minimum of 2+ years in a pen test role. Excellent knowledge of Vulnerability and Penetration Testing concepts and best practices, including WhiteHat/Ethical Hacking requirements. Experience with automated tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave. Deep understanding of the More ❯
Posted:

Offensive Security Specialist

Watford, England, United Kingdom
JR United Kingdom
Posted: 26.06.2025 Expiry Date: 10.08.2025 col-wide Job Description: Role: Offensive Security Specialist Type: Permanent Clearance: Eligible for SC Interested in getting away from the grind of endless similar penetration tests? Keen to stretch yourself into a more managerial role over time, building up a capability around you? We are working with a leading security services provider who are … in the process of standing up their Offensive Security capability. The work will be focused on providing services such as Web App testing, Infrastructure testing and Code Review services to clients whilst also looking at how to develop that side of the company further. This role has a unique blend of hands on, technical work that would suit … into a market leading function •Customer engagement, through the scoping process, tool selection and overall delivery •Run and take ownership of services such as Vulnerability Assessments, Code Review and Penetration Testing •Potential to work overseas to provide training services or working with clients to develop their own security posture •Engage in a cross departmental way in order to More ❯
Posted: