8 of 8 Contract Penetration Testing Jobs in London

Job Title: CREST Accredited Security Tester 6 Month Contract Hybrid (Central London based) £670 Per Day Inside IR35 Overview: Seeking a CREST-accredited Security Tester with strong penetration testing and vulnerability management expertise. Skilled in Tenable Nessus and experienced in managing third-party testing engagements , you'll deliver high-impact security assurance across complex environments. Key Responsibilities … Conduct internal penetration testing and security assessments across cloud and on-premise systems. Scope, execute, and report on tests using CREST standards and Nessus . Produce clear, high-quality scopes, proposals, and technical reports . Provide SME guidance on threats, risks, and testing methodologies. Manage and coordinate third-party CHECK/CREST testers . Lead vulnerability management … activities, validating remediation. Contribute to testing frameworks, playbooks, and secure-by-design practices . Research and assess emerging threats to enhance testing capability. Skills & Experience: CREST certification (CRT or equivalent). Proven penetration testing and security assurance expertise. Strong hands-on experience with Tenable Nessus . Track record of managing third-party pen testing engagements More ❯

client, a leading global organization, is looking for a skilled Internal Pentester to join a leading security team in London. This contract role is perfect for someone experienced in penetration testing across networks, systems, web applications, APIs, and cloud environments, who can identify vulnerabilities, simulate attacks, and deliver actionable remediation advice. Youll work in a compliance-driven, high … security environment, collaborating with cross-functional teams to strengthen the organizations security posture. What Youll Do Conduct full-scope penetration tests on applications, APIs, internal infrastructure, networks, and cloud environments (AWS, Azure, GCP). Identify and exploit security flaws: insecure authentication, authorization bypass, input validation issues, cloud misconfigurations, AD misuse, etc. Perform internal/external network testing, AD … enumeration, privilege escalation. Automate security testing where possible, integrating IaC and ServiceNow workflows. Simulate real-world attacks using the same techniques and tools as malicious actors. Produce detailed, actionable reports with executive summaries and technical findings. Collaborate with development, cloud, and infrastructure teams on remediation. Keep up to date with latest vulnerabilities, exploit techniques, and pentesting tools. Essential Skills More ❯

Penetration Tester - HIRING ASAP Start date: ASAP Duration: Till end of December 2025 with an extension thereafter Location: 2-3 days in Wokingham, 2-3 days remote working. Rate: £459 per day inside ir35 Responsibilities Conduct manual and automated penetration tests on web applications, networks, APIs, and mobile platforms. Identify, exploit, and document security vulnerabilities with detailed risk … latest attack vectors, tools, and security trends. Assist in security awareness training and internal education efforts. Contribute to security policies and best practices development. Key Skills Proven experience in penetration testing, ethical hacking, or red teaming. Strong understanding of OWASP Top 10, MITRE ATT&CK, and CVSS scoring. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, Kali More ❯

Position: Penetration Tester Location: London (with potential travel to client sites) Contract Role - [6-12 months, extendable] A deliverables-focused role, working on defined OT penetration testing engagements. What You'll Do: Conduct thorough penetration tests on client systems, applications, and networks - specifically OT/ICS systems - to identify security weaknesses. Perform threat modelling and adversarial … simulations. Collaborate with clients to understand their security needs and provide tailored recommendations. Develop and execute test plans, ensuring all testing is carried out ethically and professionally. Document and present findings in clear, concise reports, highlighting vulnerabilities and their potential impacts. Advise on remediation steps aligned with OT security best practices and relevant standards (eg IEC 62443, NIS2, NERC More ❯

Position: Penetration Tester Location: London (with potential travel to client sites) Contract Role - [6-12 months, extendable] A deliverables-focused role, working on defined OT penetration testing engagements. What You'll Do: Conduct thorough penetration tests on client systems, applications, and networks - specifically OT/ICS systems - to identify security weaknesses. Perform threat modelling and adversarial … simulations. Collaborate with clients to understand their security needs and provide tailored recommendations. Develop and execute test plans, ensuring all testing is carried out ethically and professionally. Document and present findings in clear, concise reports, highlighting vulnerabilities and their potential impacts. Advise on remediation steps aligned with OT security best practices and relevant standards (e.g. IEC 62443, NIS2, NERC More ❯

extend. Local candidates will be preferred. Skills/experience required: Demonstrable experience in analysing and deconstructing Android applications ( Java essential; native code experience advantageous) Proficiency in vulnerability identification and penetration testing techniques Strong understanding of Android OS security features and architecture Ability to work independently, with excellent attention to detail and analytical skills Comfortable navigating large, unfamiliar codebases … point during the recruitment process, if there is a better way for us to communicate, please do let us know. Developer, Engineer, Programmer, Java, Android, Mobile OS, Malware, Virus, Penetration Test, Threat, OSCP, Cyber, Infosec, Security, Information Security, Pentest #vacancy #jobadvert #recruit #hiring #jobsearch #careers #talent #recruitment #job Circle Recruitment is acting as an Employment Agency in relation to More ❯

Start Date: ASAP About the Role Our client, a leading global organization, is looking for an experienced DevSecOps Pentester to join a leading security team in London. Youll perform penetration tests and security assessments across CI/CD pipelines, cloud environments, and applications, integrating automated security tools and practices into DevOps workflows. This role is ideal for someone who … and development teams, and help improve enterprise security posture. Key Responsibilities Integrate security tools and practices into CI/CD pipelines for continuous validation. Conduct manual and automated security testing on web apps, APIs, pipelines, and cloud infrastructure. Identify and exploit vulnerabilities in CI/CD workflows, IaC, containers, and cloud-native architectures (AWS, Azure, GCP, Docker, Kubernetes). … threat modeling, and secure design review. Proficiency in automating security checks using Jenkins, GitLab, Ansible, or similar tools. Secure coding knowledge and familiarity with common developer pitfalls. Scripting for testing/automation: Python, Bash, Go. Cloud-native and container experience: Docker, Kubernetes, IaC. Cloud security knowledge: AWS, Azure, GCP, and cloud security best practices. Experience collaborating in agile, fast More ❯

Role/Job Title: DevSecOps Pentester Work Location: London (2 - 3days) The Role Conducts security assessments and penetration tests across CI/CD pipelines, cloud infrastructure, and application environments. Integrates automated security tools and practices within DevOps workflows to ensure continuous security validation. Identifies and exploits vulnerabilities in code, containers, APIs, and infrastructure-as-code before they reach production. … automation efforts. Identify potential security threats and vulnerabilities during the design phase identify flaws in CI/CD, IaC, and cloud/containerized environments. Perform manual and automated security testing on web apps, APIs, pipelines. Participate in agile ceremonies (sprint planning, threat modeling, grooming). Create detailed reports, providing actionable advice to clients on how to address the identified … automating security checks within the CI/CD pipeline using tools like Jenkins, GitLab, and Ansible is vital. Knowledge of secure coding practices and common developer pitfalls. Scripting for testing/automation (Python, Bash, Go). Experience with cloud-native architectures (Docker, Kubernetes, IaC). Knowledge of securing cloud platforms (AWS, Azure, GCP) and understanding cloud security best practices. More ❯