Cyber Security Engineer - Security Cleared

We are currently recruiting for a Cyber Security Engineer to work 2-3 days on-site per week in London for a contract running to the start of October this year - it has not yet been confirmed if extensions would be granted.

Key Responsibilities

• Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure.
• Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations.
• Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices.
• Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling.
• Assist in maintaining security assurance

Essential experience

• Penetration testing, ethical hacking, or vulnerability assessments.
• Security testing tools (eg, Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.).
• DevSecOps principles and tools (eg, Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.).
• Secure Cloud Infrastructure, specifically AWS and Azure.
• Scripting and automation using Python and Bash.
• Strong communication skills and the ability to explain security issues to technical and non-technical stakeholders.

Certifications

• OSCP or Crest/TIGER Scheme

Desirable

• Experience delivering assessments under the CHECK scheme (eg, as a CHECK Team Member/Leader).
• Threat modelling and secure design practices.

If you feel you have the skills and experience needed for this role; please do apply now.