3 of 3 Penetration Testing Jobs in Gloucester

is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access Report on and assist with all security events and incidents. Oversee Security testing, including penetration testing and vulnerability scanning Ensure products compliance with security standards and regulations Ensure NAVBLUE Security strategy deployment within technical operations Ensure effective synchronization and alignment … Excellent management, analytical and problem-resolution skills Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical More ❯

You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯

to: Rapidly summarise and assess new domains Provide domain knowledge for technical analysis, experimental development and subsequent engineering Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection Researchers undertaking experimental development More ❯