17 of 17 Penetration Testing Jobs in Scotland

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity/Role Summary: Conduct application security reviews and perform penetration testing, ensuring alignment with compliance standards. Engage in projects, research, and security tool development to enhance security measures and meet compliance requirements. Scale security processes using automation. Provide … techniques, and methodologies to naturally build secure products. What you'll Need to Succeed/Role Requirements: Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing Minimum of 3 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network More ❯

clearly to both technical and non-technical audiences and hold strong team ethos that encourages diversity. IT WOULD BE GREAT IF YOU ALSO HAD ANY Experience of conducting control testing, technical reviews or audits to understand cyber compliance needs aligned to technical and regulatory standards. Experience of cyber risk management, security frameworks (NIST, ISO27001) cyber compliance, assurance, and attestation … work. Exposure to facilitating penetration testing, security risk assessments, driving the remediation of cyber vulnerabilities and remediating or mitigating cyber risks. Experience of security testing services e.g., penetration testing, ZAP testing, Burp Suite, Attack & Breach simulation, or similar. Knowledge of emerging threats e.g. Quantum, AI and Digital Ledger Financial Services Regulation and Payments Scheme More ❯

security measures to protect our organisation's assets from cyber threats and ensuring compliance with industry standards. Key Responsibilities Assist in the planning and implementation of security controls and testing to ISO27001 standards, including developing and enforcing security policies and best practices to ensure compliance. Perform business impact analyses (BIA) across key technology processes, systems and facilities and identify … identified are tracked to a satisfactory conclusion. Document and report enterprise risk and compliance issues according to required timelines. Assist with the management, planning & preparation of third-party external penetration testing. Assist in preparation and review of corrective action plans associated with penetration test/vulnerability management findings. Perform internal penetration testing to assess the security … and experience Qualifications such as CompTIA Security+, CEH or ISO27001 Lead Implementer. Experience of senior management engagement and relationship management. Experience in dealing with Information Security incidents. Experience conducting penetration tests and working with vulnerability management tools. Benefits This role offers a fantastic package. The salary on offer will be competitive, commensurate with your skills and experience. On top More ❯

work Manage vendor performance and escalations Security & Compliance: Act as primary point of contact for parent company security audits Develop and maintain security compliance documentation Coordinate and respond to penetration testing activities Implement security recommendations and remediation plans Ensure infrastructure meets corporate security standards Participate in security incident response planning Business Continuity: Lead disaster recovery planning for scientific … computing infrastructure Coordinate and execute DR testing Maintain DR documentation and procedures Develop and maintain business continuity plans Ensure RPO/RTO objectives are met Financial Planning & Technical Debt: Develop long-term capital planning for infrastructure Manage infrastructure budget and forecasting for AskBio European locations Identify and track technical debt Create remediation plans for technical debt Provide cost-benefit … optimization tools Demonstrated ability to work with scientific computing workflows Experience managing vendor relationships and contracts Knowledge of IT security and compliance requirements Experience with disaster recovery planning and testing Understanding of IT financial planning and budgeting Experience with audit responses and compliance documentation Strong experience with Linux administration and engineering Extensive knowledge of virtualization technologies, particularly VSphere Preferred More ❯

Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … enterprise security systems. Delivering presentations to technical and non-technical stakeholders. Main role will be as a Junior Cyber Security Consultant, with options in the future to move into penetration testing andto work in other areas of information security consultancy. Focus on your development by attaining industry recognised certifications. Be available for occasional on-call duties and on … site client engagements, as needed. What We're Looking For Qualifications : Relevant degree or one full year's minimum experience in penetration testing or cyber security assurance. Experience : Some experience of cyber security assessment, vulnerability assessments, or penetration testing. Certifications : such as CPSA or CEH would be advantageous. Tools: Experience of penetration testing tools, Linux More ❯

execution of the global vulnerability management processes and controls. This includes: Inventorying of logical components and dependencies of business solutions Proactively discovering vulnerabilities Coordinating the execution of scanning, pen testing, or in general the activities and services of vulnerability identification Vulnerability assessment Remediation and mitigation of vulnerabilities Solution verification Reporting Contributing to the evolution of the process for vulnerability More ❯

Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do • Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. • Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex technical findings into actionable insights … engagements, as needed. What We're Looking For • Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. • Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. • Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. • Communication: Strong verbal and written skills More ❯

Doing: As a Security Consultant, you'll be at the forefront of our efforts to identify and remediate vulnerabilities across diverse environments. Your core responsibilities will include: Conducting advanced penetration testing and red teaming exercises across on-premises infrastructures, cloud platforms (AWS, Azure, GCP), and intricate hybrid environments. You'll simulate real-world attacks to uncover critical weaknesses. … teams to provide expert guidance and support in fixing identified security flaws, ensuring practical and effective solutions are implemented. Contributing to the continuous improvement of our security tools and testing methodologies . You'll help shape the future of our offensive security capabilities. Fostering a culture of collaboration and knowledge sharing within a supportive team environment, where continuous learning … who possess a strong foundation in offensive security and a proactive mindset. Ideal candidates will demonstrate: Proven hands-on experience in offensive security , including a track record of successful penetration tests and red team engagements. In-depth knowledge of Active Directory and major cloud platforms (AWS, Azure, GCP), encompassing their security configurations, common vulnerabilities, and exploitation techniques. A strong More ❯

You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯

You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯

You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯

and external partners to ensure data integrity and alignment What We’re Looking For: Deep understanding of cybersecurity operations, particularly in CIM and TVM (incident detection, response, patching, and penetration testing) Strong analytical and data visualization skills Ability to drive cross-functional collaboration in a geographically distributed environment Proven organizational skills and ability to manage competing priorities Qualifications More ❯

and external partners to ensure data integrity and alignment What We're Looking For: Deep understanding of cybersecurity operations, particularly in CIM and TVM (incident detection, response, patching, and penetration testing) Strong analytical and data visualization skills Ability to drive cross-functional collaboration in a geographically distributed environment Proven organizational skills and ability to manage competing priorities Qualifications More ❯

and external partners to ensure data integrity and alignment What We're Looking For: Deep understanding of cybersecurity operations, particularly in CIM and TVM (incident detection, response, patching, and penetration testing) Strong analytical and data visualization skills Ability to drive cross-functional collaboration in a geographically distributed environment Proven organizational skills and ability to manage competing priorities Qualifications More ❯

Best Company To Work For in the UK, Tech and the South East in 2023. We are ISO27001 and ISO9001 Certified by UKAS. We are also a CREST approved penetration testing and SOC company, IASME Cyber Essentials Certification body and Cyber Essentials Plus certified. Find out more about our awards here: Why work for FSP? At FSP, we More ❯

break things (ethically) and make the digital world safer? We're on the hunt for a Security Consultant to join our top-tier cyber team! 💻💥 What you'll do: 🔍 Penetration testing & red teaming across on-prem, cloud & hybrid ☁️ Hack into AD, Entra ID (Azure AD), AWS, GCP, and more 🛠️ Work with remediation teams to fix real-world issues … Help shape our tools & testing methods 🤝 Collaborate, share, and grow with a supportive team What we're looking for: 🎯 Proven offensive security skills 🌐 Strong knowledge of AD & cloud platforms 🧠 Curiosity and willingness to learn beyond your comfort zone 🎓 Ideally working towards, or already hold CSTM or CRT Why Sapphire? ✅ Cutting-edge projects ✅ Inclusive culture 🌈 ✅ Real impact on client security More ❯