Technical Vulnerability Management Engineer

Technical Vulnerability Management Engineer (Offensive Security/Penetration Testing)

London (3 days onsite / 2 days remote)

Up-to £450 per day PAYE equivalent (Inside IR35)

Initial 3 months with strong expectation of long-term extension

To start ASAP



About the role

We're supporting one of the world's leading technology companies in hiring a contractor to join their Information Security Assurance team.

This is an excellent opportunity for someone with a background in penetration testing or offensive security who enjoys understanding how vulnerabilities work and helping engineering teams reduce security risk at scale.

Rather than carrying out traditional penetration testing engagements, you'll analyse newly disclosed vulnerabilities, assess their potential impact across a large enterprise environment and work with internal stakeholders to drive remediation.



Responsibilities

  • Analyse newly published CVEs and security advisories to understand technical impact and exploitability.
  • Assess the potential impact of vulnerabilities across enterprise infrastructure and systems.
  • Identify affected assets using internal tooling and vulnerability data sources.
  • Work closely with engineering and system owners to prioritise and coordinate remediation activities.
  • Write Python, Bash or similar scripts to automate repetitive analysis and operational tasks.
  • Produce clear technical documentation, vulnerability assessments and remediation guidance.
  • Support ongoing improvements to vulnerability management processes.


About you

You'll ideally have experience in a technical security role such as Penetration Testing, Offensive Security, Application Security or Vulnerability Management, together with:

  • Hands-on experience in penetration testing or offensive security.
  • Good understanding of how vulnerabilities are discovered, exploited and remediated.
  • Strong Linux knowledge and confidence working from the command line.
  • Scripting experience using Python, Bash or similar.
  • Familiarity with CVE, CVSS, NVD and common vulnerability management practices.
  • A methodical approach to analysing technical risk and prioritising remediation.
  • Strong communication skills with the ability to explain technical issues to non-security stakeholders.


Desirable

Experience with one or more of the following would be beneficial:

  • Vulnerability management platforms (Tenable, Qualys, Rapid7, Microsoft Defender VM or similar).
  • OWASP Top 10.
  • Security automation.
  • Enterprise vulnerability management.
  • Cloud infrastructure security.
  • Relevant certifications such as OSCP, CREST CRT, GPEN or similar.

Job Details

Company
PCR Digital
Location
City of London, London, Lime Street, United Kingdom
Employment Type
Contract
Salary
£400 - £450/day Inside IR35
Posted