1 to 25 of 37 Permanent Penetration Testing Jobs in Central London

Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations to match … servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees at all levels. Experience of More ❯

part of projects and initiatives. Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard. Organise penetration testing, managing the necessary remedial work and communicating go-live risks. Contribute to the development of the security architecture, the SDLC, and application security testing standards. Support … point of escalation in the event of Major Incidents, Disaster Recover or Business Continuity scenarios. Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC. Assist the CISO, as required, in the wider delivery of Cyber Security. Skills and Experience: Proven experience in a similar role within a mid More ❯

best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and … ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST … AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications such as CISSP, OSCP, GWAPT, CEH or CSSLP are a plus. Experience with Infrastructure More ❯

incident analysis, investigation, and mitigation. Oversee and maintain security equipment including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), and antivirus systems. Perform periodic security drills and regular penetration testing to ensure the integrity of security systems. Harden security controls across Windows and Linux environments and ensure regular patching and firmware upgrades. Enhance data security through robust … encryption practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications: Minimum 3 years More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised, successful … in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised, successful … in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID More ❯

Security Engineer, you will implement and maintain robust security systems and protocols across the our IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. You will help mentor and … Manage MDM\MAM and Conditional Access Manage security certificates and keys. Manage IDS and IPS. Manage PAM systems Deliver Cyber Security Awareness Training Remediate vulnerabilities and weaknesses identified during penetration testing. Ad-hoc IT security projects The successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack CrowdStrike EDR Mimecast … Microsoft Certificate Services Ivanti or Automox patching AppCheck or Tenable WAS Kali Linux (NMAP, Metasploit, BurpSuite, John etc) Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable Personal Skills: Excellent inter-personal, written and verbal communication skills The ability to handle multiple priorities, tasks and projects More ❯

overall security posture. Key responsibilities: Conducting comprehensive security assessments: This involves evaluating an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying More ❯

cyber domains, and at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why More ❯

potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints for NAC upgrades and troubleshooting. 4. IP Telephony Support More ❯

Conditional Access systems Maintain security certificates, encryption keys, and IDS/IPS systems Deliver cybersecurity awareness training and lead ad-hoc security projects Support and resolve issues identified during penetration testing Ideal Experience We’re looking for someone with strong hands-on experience in most of the following technologies: Essential: CrowdStrike EDR Mimecast Duo, Okta Rapid7 IVM, Tenable … patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and communication skills, with the ability to engage across teams and deliver training effectively Able to manage multiple priorities and collaborate cross-functionally What More ❯

tech and collaborate with some of the brightest minds in the industry. Desired Experience (full job spec available): Strong experience working in technical security roles Experience in vulnerability assessment, penetration testing, and vulnerability management processes, etc. Familiarity with security incident response procedures. Excellent communication skills and the ability to collaborate with cross-functional teams. Experience with Python scripting More ❯

required Familiar with NIST, ISO 27001, ITIL Azure - 5 years experience Info Sec (Azure AD, Defender, Sentinel) PIM/PAM Audits and report writing Assessments Vulnerability Management and Pen Testing Zero Trust Architecture Automation (eg powershell, python More ❯

auditors, and address any gaps or risks. Collaborate with engineering teams to embed secure coding practices and tackle vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding/offboarding processes, and device compliance using SSO/SCIM and MDM platforms. Conduct third-party More ❯

Job Title: Penetration Tester Role: An exciting opportunity for a mid-level Penetration Tester to join a dynamic and collaborative security consultancy based in London. This role is ideal for a proactive individual with a hacker’s mindset and broad security testing experience across applications, networks, cloud platforms, and more. You'll be a key player in … delivering high-quality penetration tests while also supporting client advisory, team development, and process improvement. What’s in it for you? Autonomy and ownership in conducting diverse penetration testing engagements. Ongoing professional development with access to industry events and training. A positively charged work environment with flexibility for hybrid working post-probation. Responsibilities: Conduct web, mobile, API … infrastructure, cloud, and wireless penetration testing. Create detailed technical reports and deliver test findings directly to clients. Provide remediation advice and post-assessment consultancy. Contribute to internal testing methodologies and Red Team/social engineering activities. Mentor junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and More ❯

cloud infrastructure using Infrastructure as Code principles Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements Build and maintain CI/CD pipelines with integrated security testing and compliance checks Implement automated security scanning and vulnerability management processes Develop and maintain disaster recovery and backup solutions for critical systems Configure and manage secure cloud environments in … Deep understanding of cloud security best practices and implementing Zero Trust architecture Experience with healthcare compliance requirements (ISO27001, ISO13485, HIPAA) and security controls Proven track record implementing automated security testing and vulnerability management Strong knowledge of monitoring and observability tools (Azure Monitor, Application Insights) Experience implementing secure networking and identity management solutions in Azure Strong communication skills with ability … collaborate on security requirements across teams Track record of building secure and compliant DevOps practices Desired Skills Experience with quality management systems in medical device software development Experience of penetration testing Background in implementing Agile methodologies Experience of startup environments More ❯

5+ years with ForgeRock IAM stack : PingGateway, PingAM, PingIDM, PingDS Advanced cloud security knowledge (AWS CLI, security controls, policies) Strong experience with PKI, HSMs, certificate lifecycle management Proficiency in penetration testing , threat modeling, and vulnerability management Automating security with GitLab CI/CD, Chef, AWS CLI Collaborating with CISO, engineering, and product teams on secure architecture Completion of More ❯

review skills – essential •Ability to identify vulnerabilities using CWE or OWASP •Knowledge of operating systems and their hardening techniques •Understanding of development concepts such as CICD, Pipelines, and SDLC •Penetration testing knowledge is also super useful •Familiarity with Cloud Development Kit (CDK) and GitOps •Experience operating in a DevOps/agile team environment •Understanding of docker, Kubernetes, serverless More ❯

Job Title: Security Testing Consultant (Penetration Testing) Location: London SE1 (with hybrid working available post-probation) Salary: £45,000 - £60,000 + benefits Are you a skilled Penetration Tester looking to join a collaborative and mission-driven cyber security team? This Security Testing Consultant position offers the chance to deliver high-impact security assessments across … web applications, infrastructure, cloud platforms, APIs, mobile, and wireless systems. You'll be part of a close-knit team delivering trusted security testing and advisory services for clients across various industries. If you're passionate about offensive security and want to contribute to Red Team activities while supporting junior team members, this role is for you. What You'll … Be Doing: Conduct web and mobile application assessments, plus API, infrastructure, and cloud penetration tests. Deliver high-quality technical reports and confidently present findings to clients. Support remediation efforts and provide client-facing consultancy. Help develop internal testing methodologies and contribute to Red Team and social engineering operations. Support junior team members and engage in knowledge sharing. Key More ❯

Senior Penetration Tester -240,000+ Total Package Entasis Partners are proud to be exclusively supporting a global organisation at the forefront of innovation in financial systems and high-performance computing. This is not your average security role. Our partner operates in a deeply technical, high-trust environment where the scale of data, the pace of experimentation, and the calibre … of internal talent make for an exceptionally challenging and rewarding opportunity. With a newly developed central London site focused on next-generation research, this firm is seeking a Senior Penetration Tester to strengthen its already world-class internal security capability. The Opportunity This is a hands-on, highly autonomous role embedded within a specialist cyber function. You’ll be … trusted to scope, execute, and deliver sophisticated penetration tests and control assessments across a range of technologies including Kubernetes, Jenkins, and Windows-based infrastructure. More than just finding issues, you’ll work in partnership with teams across the business to advise, remediate, and embed meaningful improvements. The environment is agile, collaborative, and engineered for depth not red tape. What More ❯

A premier UK consultancy is seeking a skilled and passionate Penetration Tester to join its growing team of cybersecurity experts. This is a dynamic opportunity for individuals with strong technical skills and a proactive mindset, eager to make a tangible impact across a wide range of client environments. Working on mission critical projects across National Security, Critical National Infrastructure … and Defence the Senior Penetration Tester will liaise with highly-skilled teams acting as a trusted advisor. Key Responsibilities: Conduct hands-on internal penetration tests in infrastructure/Active Directory environments Produce clear and concise technical reports, summarising findings for both technical and business stakeholders Work directly with clients as a trusted advisor – this is a consulting-facing … also be available: Possesses industry-recognised certifications such as CTM, CSTM, CTL, CSTL, OSCP, or CREST/Cyber Scheme qualifications. Brings specialist knowledge in one or more areas of penetration testing – this could include mobile app security, cloud environments, operational technology (OT), or specific sectors such as telecommunications, defence, or maritime. Demonstrates a strong desire to contribute to More ❯

gaps and resolve team resourcing challenges. Ensure infrastructure availability, scalability, performance, and alignment with corporate IT strategy. Maintain secure, compliant infrastructure environments with robust documentation. Oversee operational and security testing, including penetration testing. Keep stakeholders informed on progress and risks. If you think you hit the mark, please apply or email me oscar.saadet@lafosse.com More ❯

gaps and resolve team resourcing challenges. Ensure infrastructure availability, scalability, performance, and alignment with corporate IT strategy. Maintain secure, compliant infrastructure environments with robust documentation. Oversee operational and security testing, including penetration testing. Keep stakeholders informed on progress and risks. If you think you hit the mark, please apply or email me oscar.saadet@lafosse.com More ❯