11 of 11 Contract Penetration Testing Jobs in England

on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits … in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security More ❯

onsite in London or Croydon. Duration:6 months + SC cleared or eligible. The Role The Home Office are currently developing an internal Security Testing capability that will operate out of the Quality Assurance and Testing function. As a Principle Cyber Security Professional, your role will be embedded … in the Home Office Cyber Security (HOCS) function working day to day with senior security stakeholders to lead the continued development of the security testing service and represent security testing for the Home Office. Communication and professionalism are critical for this role as you will be working collaboratively … with senior Home Office Security colleagues across the organisation on a day-to-day basis. Working within Security Testing, you will play a leading role in delivering security testing, vulnerability assessment and continual security compliance capabilities in order to secure Home Office services and to ensure the best More ❯

Remote with travel to Croydon 6 months+ contract ASAP Start £600-650 per day The Role Our client is currently developing an internal Security Testing capability that will operate out of the Quality Assurance and Testing function. As a Principle Cyber Security Professional, your role will be embedded … in the Cyber Security function working day to day with senior security stakeholders to lead the continued development of the security testing service and represent security testing for the client. Communication and professionalism are critical for this role as you will be working collaboratively with senior Security colleagues … across the organisation on a day-to-day basis. Working within Security Testing, you will play a leading role in delivering security testing, vulnerability assessment and continual security compliance capabilities in order to secure services and to ensure the best possible technical security risk-based advice is given More ❯

This is an AppSec team focused on building security automation into delivery pipelines and conducting security focused tests against digital services. Key Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST … cloud security (AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and More ❯

be joining an AppSec team focused on building security automation into delivery pipelines and conducting security focused tests against digital services. Key Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST … AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and More ❯

Subject Access Requests (SARs) and Right to be Forgotten (RTBF). Third-Party Assessments - evaluation of partners and vendors through risk assessments. Co-ordinating Penetration Testing both internally and externally while documenting findings. Information Security Analyst Experience and Skillset: Experience of Governance, Risk and compliance (GRC) and Information … Knowledge of privacy laws such as GDPR/CCPA. Proven experience managing Phishing simulations and end user training. Proficient in third-party risk assessments, Penetration testing and facilitation. Good communication and organisational skills. The successful candidate will be required to be Onsite 3 days a week in Northampton. More ❯

of third-party vendors by gathering risk information, reviewing security documentation, and conducting assessments to ensure compliance with company standards. Coordinate internal and external penetration testing activities, liaising between technical teams and external testers, tracking findings, and ensuring remediation plans are in place. About you The successful candidate More ❯

candidate will hold active SC Clearance and have a proven background in DevSecOps Cyber Security Engineering, showcasing the following skills and experience: Experience in penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Experience in integrating automated security tools into CI/CD pipelines (SAST … DAST, dependency checking, IaC, etc.) and making necessary recommendations. Proficiency in security testing tools such as Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc. Ability to identify vulnerabilities and ensure secure coding practices. Experience in maintaining security assurance across the SDLC in line with NCSC guidelines. - Knowledge of DevSecOps More ❯

the life cycle, from data ingestion to model deployment. Skills and Qualifications: Security Expertise: Strong understanding of cybersecurity principles, threat modelling, vulnerability assessment, and penetration testing. Cloud Computing: Familiarity with cloud platforms (AWS, Azure, GCP) and their security features. Data Privacy and Compliance: Knowledge of data privacy regulations (GDPR More ❯

bugs Provide technical guidance and mentorship to engineers Advise engineers on functional and non-functional aspects of software development e.g., code vulnerabilities and PEN testing resolutions Evaluate and recommend tools, technologies, and processes to ensure the highest quality product platform. In compliance with the defined application and security architecture … web services, source code repositories and change management tools like Git Knowledge of agile development practices and test automation, especially using tools like Jest, Testing Library, and Cypress Strong experience with build processes and release automation, including using DevOps Pipelines, Nexus, SonarQube, and AquaSec Excellent problem solving and analytical More ❯

bugs Provide technical guidance and mentorship to engineers Advise engineers on functional and non-functional aspects of software development e.g., code vulnerabilities and PEN testing resolutions Evaluate and recommend tools, technologies, and processes to ensure the highest quality product platform. In compliance with the defined application and security architecture … web services, source code repositories and change management tools like Git Knowledge of agile development practices and test automation, especially using tools like Jest, Testing Library, and Cypress Strong experience with build processes and release automation, including using DevOps Pipelines, Nexus, SonarQube, and AquaSec Excellent problem solving and analytical More ❯