1 to 25 of 38 Penetration Testing Jobs in the UK excluding London

Head of Penetration Testing A high-growth technology consultancy is scaling its global penetration testing capability and needs a strong leader to take the reins. This role sits at the heart of delivery, performance and client experience, bringing structure, pace and commercial focus to a critical … 000pa & Benefits Industry: Cyber Security What You’ll Be Doing: Leading the day-to-day performance and operations of a multi-region penetration testing practice Managing utilisation, capacity planning and revenue delivery across the team Ensuring consistent, high-quality delivery across all client engagements Partnering with Sales ...

Penetration Test Lead (Hands-On) Rate: £500 - £550 per day Inside IR35 - total to umbrella Duration: 3 months initial (Scope for extension) Location: South West (onsite once per month) We're looking for an experienced Penetration Test Lead to join a growing internal security function, combining hands … technical delivery with team leadership. The Role: You'll lead a team of three penetration testers, taking ownership of testing intake, engagement scoping and delivery oversight. Alongside managing workloads and priorities, you'll stay hands-on supporting complex assessments, validating findings and driving improvements in testing approaches. ...

documentation and evidence packs Track and drive remediation activities Coordinate gap assessments and readiness reviews Provide senior leadership with audit and risk reporting Security Testing & Assurance Coordinate penetration testing and vulnerability assessments Work with internal teams and third-party providers Track remediation of security findings Embed testing … desirable) Background in fintech or regulated financial services (preferred) Experience managing audits and working with auditors Understanding of risk management frameworks Experience with control testing and evidence management Knowledge of cloud, infrastructure, and application security concepts Experience coordinating penetration testing and vulnerability management Strong policy writing ...

Principal Cybersecurity Test Engineer is an elite-level individual contributor role within the Spacelabs Cybersecurity Team. This position is responsible for designing and conducting penetration testing to ensure robust security controls for Spacelabs products, infrastructure, and solutions. Key Responsibilities Design and execute penetration tests simulating advanced cyber … emerging threats, vulnerabilities, and attacker methodologies using internal and external resources. Develop and maintain security assessment project plans. Create and implement security exploits for penetration testing; continuously adopt new exploit development methods. Evaluate applicability of exploits and tools for products and applications. Support security awareness initiatives and product ...

remediation of vulnerabilities based on risk Work with engineering and IT teams to ensure vulnerabilities are resolved effectively Analyse outputs from vulnerability scanning and penetration testing activities Support both internal teams and clients in improving security posture Maintain clear documentation of vulnerabilities, risks and remediation actions Ensure systems … function Hands-on experience with tools such as Qualys, Nessus, Rapid7 or similar Strong understanding of vulnerability assessment and remediation workflows Experience working with penetration testing outputs and security findings Solid understanding of security principles and risk-based decision making Experience with Windows/Linux environments and cloud ...

implement and maintain robust security systems and protocols across the IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. … SSO.* Manage MDM\MAM and Conditional Access* Manage security certificates and keys.* Deliver Cyber Security Awareness Training* Remediate vulnerabilities and weaknesses identified during penetration testing.Experience - EssentialThe successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack * CrowdStrike EDR* Mimecast Mail ...

assessments (SIAs) Define and review security requirements for applications and infrastructure Review conceptual, logical, and physical solution designs Manage and oversee vulnerability assessments and penetration testing Support risk identification, remediation, and ongoing risk management Contribute to enterprise security architecture frameworks and standards Perform ISO 27001 compliance assessments … e.g. OWASP, IAM, cryptography) Infrastructure security (networks, endpoints, cloud) Operational security (incident management, DR/BCP, patching) Experience managing or supporting vulnerability assessments and penetration testing Ability to produce high-quality documentation and deliver presentations to stakeholders Strong stakeholder engagement and communication skills Desirable Experience with TOGAF, SABSA ...

Fiori Launchpad authorisations. Integrate SAP security with Identity and Access Management (IAM) solutions and Single Sign-On (SSO) frameworks. Support security audits, compliance checks, penetration testing, and risk remediation activities. Produce and maintain comprehensive SAP security documentation including role matrices, SoD rulesets, and access policies. Ensure alignment with … remediation. Experience integrating SAP security with IAM and SSO solutions. Strong documentation skills with experience producing security design artefacts. Experience supporting audit, compliance, and penetration testing activities. Excellent stakeholder management and communication skills. Desirable Experience: Experience with SAP GRC Access Control or similar GRC tools. Working knowledge ...

Security Testing Practice Lead | £80-85k | London (Hybrid) We're working with a growing cyber security consultancy looking to hire a Security Testing Practice Lead to take ownership of their security testing function. This is a hands-on leadership role, combining technical delivery with practice growth … tech. Salary: £80-85,000 Location: London (2 days onsite) The Role: You'll be responsible for leading and scaling the security testing practice, ensuring high-quality delivery across engagements while shaping the future direction of the service offering. This includes owning delivery standards, supporting commercial activity, and mentoring ...

contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement ...

change, systems upgrades, incident response, and technology risk management. Govern system access controls, IT policies, and disaster recovery processes. Oversee cybersecurity strategy, controls, testing (including penetration testing), and ongoing monitoring. Ensure compliance with FCA/PRA cyber requirements, NCSC guidance, and GDPR. Own the incident response plan ...

hardening projects to protect our client's IT infrastructure, networks, and data. RESPONSIBILITIES Provide expert technical security guidance covering IT assets, change control, security testing, secure systems design, and security controls Own and develop the vulnerability management programme, with a focus on application security testing, web application firewalls … market reviews, supplier assessments, and client security questionnaires ESSENTIAL REQUIREMENTS Right to work in the UK Strong experience in web application security, vulnerability management, penetration testing, and hardening IT systems Experience with cloud hosting, cloud migration, application testing, and working with developers to improve security Solid knowledge ...

Role: We are looking for a senior, hands-on Principal Cybersecurity Test Engineer to join our Cybersecurity Team. You will lead and execute advanced penetration testing across products, applications, infrastructure, and medical devices, ensuring robust security controls are in place and effective. Responsibilities: Design and execute advanced penetration … Research emerging threats, vulnerabilities, and attacker intelligence using internal and external sources Create and manage security assessment plans; develop, evaluate, and apply exploits and testing tools Document test scope, scenarios, findings, evidence, and recommendations in formal reports Provide regular assessment status updates and participate in technical and management reviews ...

wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP ...

assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation, and problem-solving capability Knowledge ...

wider SGN Security team and organisation Working alongside third-party network vendors, coordinating security activities Support with varied tasks, including internal and external audits, penetration testing activities and input into Incident & Lessons Learnt calls to identify solutions Ensuring security policies are enforced and completing routine technical vulnerability assessments ...

Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST HAVE LOCAL GOVERNMENT EXPERIENCE Certifications (desirable): Splunk Certified Cybersecurity Defense Engineer (highly preferred) CrowdStrike certifications (CCFA, CCFR, CCSE) CISSP, GCIH, or similar ...

Robert Half have partnered with an insurtech organisation based in London who are looking to engage an experienced Application Tester to support testing across thier internal legacy .NET application. This is an initial 3-month contract focused on maintaining quality and stability across existing systems during ongoing change … maintenance activity. Responsibilities: Manual testing of legacy .NET applications Creation and execution of test cases, test scenarios, and test scripts Functional, regression, and UAT testing Identification, logging, and tracking of defects through to resolution Working closely with developers and wider stakeholders to clarify requirements Supporting release cycles ...

Robert Half have partnered with an insurtech organisation based in London who are looking to engage an experienced Application Tester to support testing across thier internal legacy .NET application. This is an initial 3-month contract focused on maintaining quality and stability across existing systems during ongoing change … maintenance activity. Responsibilities: Manual testing of legacy .NET applications Creation and execution of test cases, test scenarios, and test scripts Functional, regression, and UAT testing Identification, logging, and tracking of defects through to resolution Working closely with developers and wider stakeholders to clarify requirements Supporting release cycles ...

security team, monitoring and analysing real-time security events and responding to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause … Entra, Purview and Copilot Experience with conditional access policies and mobile application management policies Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous, as would a background in general windows server support, ideally with broad experience of networks ...

security team, monitoring and analysing real-time security events and responding to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause … Entra, Purview and Copilot Experience with conditional access policies and mobile application management policies Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous, as would a background in general windows server support, ideally with broad experience of networks ...

recommend continuous improvements and be involved in - Respond to Security Incidents, reports and alerts ensuring prompt containment and recovery. Plan and oversee regular security penetration testing against new and existing services to identify weaknesses and formulate plans and processes to minimise current and future risk Conduct regular security ...

assessments, threat modelling, incident response planning, and recovery testing. Strengthen information governance, data protection, and secure configuration baselines. Own security-focused change control, coordinate penetration testing, and manage remediation activity. Essential Skills & Experience Strong Microsoft support and administration background, with proven experience supporting complex, enterprise Microsoft environments. ...

/identity and access SCCM Playing an active role in cyber security initiatives, including endpoint protection, vulnerability management, and responding to security findings Supporting penetration testing activity and helping implement recommendations Contributing to change control, documentation, and technical standards Working closely with senior stakeholders to explain risks, options ...

controls Experience with C2 frameworks, EDR evasion, and post exploitation techniques Understanding of Active Directory and enterprise environments Experience with cloud and web application testing Ability to write scripts and modify tooling Strong reporting and stakeholder communication skills Experience with frameworks such as CBEST, TIBER, or similar … process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS Red Team, Offensive Security, Penetration Testing, C2 Frameworks, Active Directory, EDR Evasion, Post Exploitation, Cloud Security, Social Engineering, CBEST, TIBER ...