Bletchley, Buckinghamshire, United Kingdom Hybrid / WFH Options
In Technology Group
and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery plans.
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
In Technology Group Limited
and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery plans.
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines
Ashford, Kent, United Kingdom Hybrid / WFH Options
MAF Australia
role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your
Ashford, Kent, United Kingdom Hybrid / WFH Options
UNAVAILABLE
role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team
best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and … ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST … AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications such as CISSP, OSCP, GWAPT, CEH or CSSLP are a plus. Experience with Infrastructure
IT Security Manager – £67,000 + Benefits Looking for a technical, hands-on IT Security Manager to join a lean and growing security team. Requires a technical skillset, experienced with the Microsoft Security stack as well as a diverse range
South East London, England, United Kingdom Hybrid / WFH Options
FIND | Creating Futures
cyber domains, and at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why
We are currently seeking a highly skilled and results-oriented Penetration Tester with at least 5 years of hands-on penetration testing experience. This is a rare opportunity to join a highly skilled and diverse security team committed to continuous growth and excellence in the field of offensive security. This role is office-based with occasional travel … to client site. Key Responsibilities Lead internal and external penetration tests, including web, mobile, infrastructure, wireless, cloud, and social engineering. Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives. Deliver detailed and actionable penetration testing reports. Collaborate with clients to understand their specific security needs and present findings in a clear … manner. Develop and maintain security testing methodologies and procedures in alignment with industry best practices. Review penetration test reports to ensure they are up to standard and meet test objectives. Mentor junior penetration testers. Assist in incident response activities, including investigation, containment, and remediation of security incidents. Conduct cloud security assessments. Essential Requirements Must be currently residing
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
Circle Group
Penetration Tester (OSCP Certified) - Up to £45,000 DOE Location: UK fully remote Salary: Up to £45,000 per annum, dependent on experience Employment Type: Full-Time, Permanent Eligibility: UK Residents only (UK Passport or Indefinite Leave to Remain required) - Unfortunately, PSW Visas cannot be considered. A very exciting growth role for the right person! I'm an experienced … cyber recruiter (of 20 yrs+) ready to talk to qualified individuals. We are currently seeking an enthusiastic and technically capable Penetration Tester with at least 6 months of hands-on penetration testing experience and a strong interest in developing advanced technical skills. This is a rare opportunity to join a highly skilled and diverse security team committed … to continuous growth and excellence in the field of offensive security. Key Responsibilities: Conduct hands-on Web Application Penetration Testing Support and contribute to Infrastructure and Cloud Security Assessments Be mentored and trained towards Adversarial Simulation, Red Team Operations, and other advanced offensive security techniques Write detailed, clear, and professional reports for technical and non-technical stakeholders Collaborate
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nomios
Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … enterprise security systems. Delivering presentations to technical and non-technical stakeholders. Main role will be as a Junior Cyber Security Consultant, with options in the future to move into penetration testing and to work in other areas of information security consultancy. Focus on your development by attaining industry recognised certifications. Be available for occasional on-call duties and on … site client engagements, as needed. What We're Looking For Qualifications: Relevant degree or one full year's minimum experience in penetration testing or cyber security assurance. Experience: Some experience of cyber security assessment, vulnerability assessments, or penetration testing. Certifications: such as CPSA or CEH would be advantageous. Tools: Experience of penetration testing tools, Linux
Conditional Access systems Maintain security certificates, encryption keys, and IDS/IPS systems Deliver cybersecurity awareness training and lead ad-hoc security projects Support and resolve issues identified during penetration testing Ideal Experience We’re looking for someone with strong hands-on experience in most of the following technologies: Essential: CrowdStrike EDR Mimecast Duo, Okta Rapid7 IVM, Tenable … patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and communication skills, with the ability to engage across teams and deliver training effectively Able to manage multiple priorities and collaborate cross-functionally What
Basingstoke, Hampshire, South East, United Kingdom
Xcede
to safeguard the organisation's reputation and digital assets by ensuring robust, secure, and resilient platforms - even when managed by external partners. This individual will not only conduct independent PEN testing and identify security improvements but also act as the internal advocate for digital best practices, coordinating across multiple suppliers to drive continuous improvement in platform governance, availability, and risk … management. Key Responsibilities Conduct penetration testing (PEN testing) and security reviews across TrustMark's digital products and supplier-managed environments (AWS, APIs, websites, and data platforms). Identify vulnerabilities and provide clear, actionable recommendations for improvement to third-party suppliers. Act as the internal champion for digital security, operational resilience, and governance best practices. Collaborate with suppliers (TechInfluence … to be adopted across the supplier ecosystem. Provide assurance and reporting to TrustMark stakeholders on the health, risks, and maturity of the digital estate. Facilitate periodic reviews, audits, and testing exercises to evaluate infrastructure and application robustness. Stay abreast of emerging threats, vulnerabilities, and regulatory standards relevant to cloud-native and outsourced environments. Essential Skills and Experience Proven experience
analysis and mitigation strategies for vulnerabilities. Identifying security vulnerabilities and assessing their impact. Implementing control frameworks such as NIST 800-53, ISO 27001, FedRamp, and NIST CSF. Experience with penetration testing tools for web applications. Maintaining system/application records for reporting and alerts. Advising on IT security policies and procedures to reduce risks. Staying current with emerging
Reading, Berkshire, United Kingdom Hybrid / WFH Options
FSP Retail Team
Best Companies as Best Company To Work For in the UK, Tech, and the South East in 2023. We are ISO27001 and ISO9001 certified by UKAS, a CREST approved penetration testing and SOC company, and hold IASME Cyber Essentials Certification and Cyber Essentials Plus certification. Learn more about our awards here. Why work for FSP? We offer
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
users - working collaboratively across internal teams and over 100 partners and suppliers. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECC's data and assets. You will be responsible for designing and implementing the evolution of security
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nomios
Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do Lead and mentor a team of penetration testers, fostering a collaborative and high-performance work environment. Lead and oversee complex infrastructure penetration tests, ensuring that they are conducted thoroughly and in accordance with project requirements. … scoping. You will have the opportunity to work on a wide range of services: web and mobile application tests, internal tests, infrastructure tests, but also social engineering. Ensure all testing activities comply with CHECK standards. What We're Looking For Experience: Significant experience in penetration testing, including network, web application and internal penetration testing as
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nomios
Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do • Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. • Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex technical findings into actionable insights … engagements, as needed. What We're Looking For • Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. • Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. • Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. • Communication: Strong verbal and written skills
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
assessments and vulnerability research across a broad range of on-premise software, cloud services and infrastructure Perform in-depth security assessments using results from static and dynamic analysis Create testing tools to help teams identify security-related weaknesses Collaborate with teams to help them triage and fix security issues What You’ll Bring Bachelor’s or Master’s degree … in Computer Science or related field (e.g. Electrical Engineering) 7+ years industry experience in one or more of the following areas: software/product security assessments, penetration testing, red teaming, web application assessments Aptitude for self-study, setting and achieving long term goals (for example, learning an unfamiliar programming language) Ability to effectively assess and communicate risks and … iOS/Android), Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2), Fuzzing (e.g. Jazzer/AFL/Peach), Web Application assessment (e.g. Burp Suite Proxy, ZAP, REST API testing) Proficiency in manual penetration testing in at least TWO or more of the following areas - Mobile, API, Infrastructure, OS, Web Application Knowledge of common vulnerabilities in different
cloud infrastructure using Infrastructure as Code principles Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements Build and maintain CI/CD pipelines with integrated security testing and compliance checks Implement automated security scanning and vulnerability management processes Develop and maintain disaster recovery and backup solutions for critical systems Configure and manage secure cloud environments in … Deep understanding of cloud security best practices and implementing Zero Trust architecture Experience with healthcare compliance requirements (ISO27001, ISO13485, HIPAA) and security controls Proven track record implementing automated security testing and vulnerability management Strong knowledge of monitoring and observability tools (Azure Monitor, Application Insights) Experience implementing secure networking and identity management solutions in Azure Strong communication skills with ability … collaborate on security requirements across teams Track record of building secure and compliant DevOps practices Desired Skills Experience with quality management systems in medical device software development Experience of penetration testing Background in implementing Agile methodologies Experience of startup environments
You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP