13 of 13 Contract Penetration Testing Jobs

network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK Vulnerability Assessment : 2+ years using VA tools would be a bonus Penetration Testing : Exposure to Penetration Testing and Web Application Testing. ...

security architecture reviews for critical systems and services. Develop and maintain security reference architectures, standards, principles, and best practices. Support IT Health Checks (ITHC), penetration testing exercises, and remediation activities. Provide technical security leadership and governance across development, integration, and delivery teams. Work with customers, stakeholders, and accreditors … Cloud Security Principles, and GDPR. Strong understanding of authentication and authorisation technologies including SAML, OAuth2, OpenID Connect, Active Directory, ADFS, and LDAP. Experience supporting penetration testing, vulnerability remediation, and IT Health Check activities. Experience working with multidisciplinary Agile delivery teams across complex technical programmes. Ability to engage with ...

Enterprise Security (ES) Solid understanding of: Network protocols Cloud security (AWS/Azure) MITRE ATT&CK framework Additional desirable experience: Vulnerability Assessment tools Penetration Testing/Web Application Testing exposure Security policy and standards development Certifications (Desirable) Cyber Security: CompTIA Security+, Network+, CySA+, GSEC CISSP, GCIH, GCIA ...

Enterprise Security (ES) Solid understanding of networking, cloud security (AWS/Azure), and MITRE ATT&CK Experience in vulnerability assessment (desirable) Exposure to penetration testing and web application security (desirable) Qualifications Cyber security certifications (e.g. Security+, CySA+, CISSP, GCIH, CCSP) CrowdStrike certifications (e.g. CCFA, CCFR, CCSE) - preferred Splunk ...

Enterprise Security (ES) Solid understanding of networking, cloud security (AWS/Azure), and MITRE ATT&CK Experience in vulnerability assessment (desirable) Exposure to penetration testing and web application security (desirable) Qualifications Cyber security certifications (e.g. Security+, CySA+, CISSP, GCIH, CCSP) CrowdStrike certifications (e.g. CCFA, CCFR, CCSE) - preferred Splunk ...

such as 007/SPF, NCSC Cloud Security Principles, NCSC Principles for Using Software as a Service (SaaS) securely, Cyber Essentials, and the CHECK penetration testing scheme Broad familiarity with UK Government physical and personnel security such as NPSA and UKSV Risk assessment using recognised standards such ...

Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST HAVE LOCAL GOVERNMENT EXPERIENCE Certifications (desirable): Splunk Certified Cybersecurity Defense Engineer (highly preferred) CrowdStrike certifications (CCFA, CCFR, CCSE) CISSP, GCIH, or similar ...

with security requirements. Maintain and document security design assessments for new services. Carry out hands-on security checks (e.g. configuration reviews), and coordinate independent penetration testing. Provide recommendations to support stage gate reviews and go-live decisions. Own and manage all security-related delivery evidence required for project assurance. … risks and controls to non-technical stakeholders. Technical experience across: Enterprise security tooling such as email filtering, antivirus, firewalls, WAF, and Microsoft Defender Security testing approaches including SAST and DAST Enterprise platforms including Active Directory, PKI, SCCM, Microsoft 365, and Azure (including Entra and Intune) Virtualisation and operating systems ...

Leadership experience (Tier 2 acceptable) Defence experience Responsibilities: Support info security delivery: policies, standards, processes Monitor and secure digital infrastructure, logs, and networks Perform penetration testing and compliance reviews Work in ITIL environment, using knowledge of anti-virus, networking, vulnerability management, encryption, Microsoft & Linux technologies, GDPR and Data ...

firewalls, including rule configuration, access control, and network segmentation Support secure network architecture for critical power and automation systems Conduct vulnerability assessment and mitigation, penetration testing, security compliance checks, and remediation activities Collaborate with engineering, IT, and OT teams to ensure secure and reliable system operation Related Certifications ...

interacting with the data A key part of the engagement will be ensuring the rebuilt platform is secure, robust, and capable of passing penetration/security testing. Required Skills & Experience Strong commercial experience with Node.js Experience refactoring or rewriting existing applications Solid understanding of secure software engineering practices Experience … architectural decisions Desirable Previous experience working with AI/LLM-powered applications Python experience to help interpret the existing codebase Experience preparing systems for penetration testing/compliance review DevOps/cloud infrastructure experience Contract Details Contract: Outside IR35 Rate: £(Apply online only) per day Location: Fully remote ...

HSTS, encryption; logging/auditing; pen-testing. SDLC & DevSecOps guardrails: CI/CD Pipeline definition, source control, branching, release management, change/configuration management, Testing & Quality guardrails. Architecture & Integration Guardrails: Reference architecture; integration patterns; API standards; data model and tenancy; HA/DR. Monitoring & Observability: Logging, metrics, tracing; dashboards ...

security design assessment for new services Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing) Plan and co-ordinate independent pen testing Provide recommendations for stage gating and go live decisions Own completion and accuracy of all security … delivery evidence Provide recommendations for SecOps processes and automation for new systems Technical scope Security products (email filtering, AV, firewalls, WAFs, MS Defender) Security Testing (SAST, DAST) Virtualisation platforms and operating systems, including Hyper-V and Windows Server. Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra ...