1 to 25 of 129 Permanent Penetration Testing Jobs in London

Technical Program Manager, Stores Security, Penetration Testing Job ID: Amazon UK Services Ltd. Amazon Stores Penetration Testing is seeking a Security Technical Program Manager (TPM) II to help keep Amazon's applications and services secure for its customers. This team is responsible for supporting penetration testing Amazon's services, applications, and websites; and partnering with service teams to remediate weaknesses and sharpen our software development lifecycle. You will be challenged with opportunities, both technologically and as a leader, but will also be a great deal of fun if hacking Amazon sounds exciting to … a broad range of work, this role is focused on supporting the Proactive Pentest team for EMEA and APAC customers in driving strategic application penetration testing initiatives by influencing key stakeholders and partnering with teams throughout Amazon to enable the implementation of innovative security solutions and mechanisms to More ❯

Senior Consultant If you have experience in penetration testing and are seeking to enhance your skills to become a subject matter expert, consider exploring what we have to offer! This is a hybrid role with the flexibility to work both virtually and from our London office. Aon is … helping our colleagues and clients succeed. What the day will look like As a Senior Consultant, you can expect to get involved in: Application penetration testing and application source code review. Cloud platform penetration testing. Vulnerability and penetration assessments on internal and external infrastructure. Applying and … pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development. Our international Security Testing team specializes in application and network infrastructure security, red teaming, and source code review, publishes books and security blogs, contributes to open-source software More ❯

collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include representing our global penetration testing team, overseeing the assessment of cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party … other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Vulnerability Assessment and Penetration Testing Management Represent our vulnerability assessment and penetration testing team Partner with the penetration testing team to incorporate findings … lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. In-depth understanding of penetration testing and vulnerability assessments and their integration into broader cyber assurance projects. Education & Certifications: Bachelor's or master's degree in information security More ❯

collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include representing our global penetration testing team, overseeing the assessment of cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party … other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Vulnerability Assessment and Penetration Testing Management Represent our vulnerability assessment and penetration testing team Partner with the penetration testing team to incorporate findings … lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. In-depth understanding of penetration testing and vulnerability assessments and their integration into broader cyber assurance projects. Education & Certifications: Bachelor’s or master’s degree in information security More ❯

Responsibilities Plan, research, and execute testing of computer systems and applications to simulate real-world attacks on Microsoft's services and infrastructure. Assess existing security capabilities to detect and respond to emerging threats. Outline and document risk impacts in executive summary reports and communicate findings to relevant stakeholders. Perform … research to stay current with penetration testing tools, methodologies, tactics, and mitigations. Participate as an infrastructure/operation specialist in overt penetration testing engagements, including Purple Team exercises where we emulate real-world adversaries. Develop and maintain penetration testing procedures and methodologies. Conduct research … the Microsoft Security Community. Qualifications Experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection. Experience with penetration testing/red-teaming, cloud, services, and network security. Strong coding skills in languages such as C#, Python, C++, Go, PowerShell, ASP.NET, JavaScript. More ❯

for the challenges of today and tomorrow. Essential Duties and Responsibilities: As a Lead InfoSec Consultant, you'll take the lead in executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and … the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers More ❯

Penetration Testing Team Lead - AVP Penetration Testing Team Lead - AVP Apply locations London time type Full time posted on Posted 3 Days Ago job requisition id -WD Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group … hat arrangement. Develop and maintain governance structure of red team operations and train, and mentor other members of the Red Team. Develop and execute penetration testing plans, including network, web application, and social engineering assessments. Collaborate with SOC team and selected vendor to plan and execute annual purple … testing. Identify security risks and vulnerabilities through simulated attacks, and helping the organization understand the potential impact. Manage Red Team tools and the Security Testing & Validation Platform. Lead and manage a team of security professionals and vendor resources to conduct regular risk assessments to identify and exploit vulnerabilities, mis More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat … provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure … use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. More ❯

Synack's Penetration Testing as a Service platform manages customers' attack surfaces by discovering new assets, pentesting for critical vulnerabilities and gaining visibility into the root causes of security risks. We are committed to making the world more secure by harnessing a talented, vetted community of security researchers … to deliver continuous penetration testing and vulnerability management, with actionable results. Synack's PTaaS platform has uncovered more than 71,000 exploitable vulnerabilities to date, protecting a growing list of Global 2000 customers and U.S. agencies in a FedRAMP Moderate Authorized environment. For more information, please visit . … as a technical advisor and advocate, helping our customers achieve maximum value from our product and services. You will have a deep understanding of penetration testing attack surfaces and a knack for developing unique solutions that align to customer goals. Your technical knowledge and client-focused approach enable More ❯

Security Testing Consultant (Pen Tester) Location: London SE1 Salary: £45,000 - £60,000 depending on relevant experience Hours: Full-time, Monday to Friday Work Location: Office-based during probation, then hybrid (3 days office/2 days WFH) Full time/Permanent Remarkable Jobs are recruiting on behalf of … a dynamic and growing cybersecurity organisation. We are seeking a Security Testing Consultant (Pen Tester) to join their expert team in London SE1. This is a fantastic opportunity for an experienced professional to take on a varied, high-impact role conducting in-depth security assessments across multiple platforms. Security … Testing Consultant (Pen Tester) Role: As a Security Testing Consultant (Pen Tester) , you will play a vital role in identifying and mitigating vulnerabilities in client systems including applications, infrastructure, cloud platforms, APIs, and mobile technologies. You'll be part of a collaborative team, providing expert guidance and helping More ❯

Description The Offensive Security Manager is responsible for the provision of penetration & red team testing services to the business, including leading teams, creating processes, and management of technologies & 3rd parties that make up the service. The role reports to the Director of Offensive Security. The position does not … need to be filled by a hands-on penetration/red tester, as organizational, leadership, relationship and supplier management skills are the key focuses of the role but will need to have a good understanding of security vulnerabilities and testing methodology to be able to understand the subject … fostering a culture which is both security aware and is a great place to come to work. Responsibilities Create, maintain and execute appropriate security testing processes to enable timely detection, risk-based prioritization, and coordinate the remediation of security testing findings. Penetration Assessments: To plan and execute More ❯

systems and products are secure. Be a key representative for Cybersecurity in decision-making forums such as the Change Advisory Board (CAB). Manage penetration testing for customer-facing and internal systems, working with internal teams and external partners to implement remediations effectively. Cloud & Application Security Act as … for securing Microsoft Azure, ensuring that cloud security requirements are integrated into all new systems and services. Drive application and platform security by conducting penetration tests, running audits, and managing automated scans like SCA, SAST, and DAST. Maintain a strong Cloud Security Posture by continuously improving infrastructure, processes, and … Security Tools: Practical experience with Azure Sentinel, Defender, and tools like Wiz or MS Defender for Cloud to identify, mitigate, and monitor security threats. Penetration Testing: Experience managing pen-testing and remediation, including working with third-party suppliers or using tools like Wiz, Cobalt, or internal systems. More ❯

CHECK Senior Infrastructure Penetration Tester PGI is a global consultancy that helps organisations build digital resilience. We deploy our people to implement solutions on behalf of clients or to support them in developing their capabilities. Our Penetration Testers work with organisations of all sizes and types to detect … to safeguard assets. What you'll be doing: Providing professional cybersecurity consultancy to internal and external stakeholders. Leading the delivery of PGI's infrastructure penetration testing. Collaborating on the design and delivery of new and existing service lines related to offensive security assessments. Supporting and often leading technical pre … consultants or clients by sharing knowledge and overseeing skill development. Participating in exercises such as Capture The Flag (CTF) challenges. Providing accurate scoping of penetration testing opportunities for sales activities. Supporting sales activities with proposals and client presentations. Supporting marketing with subject matter expertise and content development. Developing More ❯

Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients. Key Responsibilities: Client Engagement Management: Lead client projects, ensuring clear … communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance. Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical … stakeholders. Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security. Technical Proficiencies: Python/Scripting: Demonstrate a More ❯

you make an impact? Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate … security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

and design for new and existing applications. Stay up to date with the latest security threats and technologies to proactively improve security measures. Conduct penetration testing and code reviews to identify and mitigate risks. Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience … in application security, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL). Knowledge More ❯

complicated threats and exposures into straightforward explanations that resonate with both technical teams and non-technical stakeholders. Additionally, you'll lead or participate in penetration tests and reviews, turning findings into actionable improvements. Whether you're recommending new tooling, enforcing best-practice encryption standards, or guiding policy updates, you … stakeholders. Advise multidisciplinary groups (Engineering, DevOps, Architecture) on risk assessments, recommending proportionate controls for cloud, on-premise, and hybrid environments. Oversee or assist in penetration testing and security assessments, verifying vulnerabilities are identified and tracked to resolution. Communicate complex security concepts clearly, helping both technical and non-technical … concepts at a technical level, working with security tools, network security infrastructure technologies, and Information Security Management frameworks (e.g. ISO 27000, CoBIT, NIST). Penetration testing & remediation - planning or scoping tests, interpreting findings, and guiding improvements to maintain system integrity. Effective communication - translating security concepts for diverse audiences More ❯

Conducting comprehensive security assessments: This involves evaluating an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing More ❯

Conducting comprehensive security assessments: This involves evaluating an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing More ❯

risk, and data privacy issues. The analyst serves as an expert on cybersecurity protection, detection, response, and recovery. This individual is responsible for coordinating penetration testing and managing internal and external cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such … security technologies by developing selection criteria to identify appropriate security solutions to support strategic, operational needs, and security requirements. Participate in the development and testing of the security incident response plan, act as the incident response leader. Develop security, risk, and compliance reports and alerts. Participate in the yearly … review of policies and procedures to support information security, risk, and security compliance activities. Participates in developing, testing, and implementation of disaster recovery procedures for the cybersecurity technology in place. Manages cybersecurity projects to ensure that the delivery is on-time, within budget, and adopted to meet the company More ❯

with other teams to establish and enforce network access policies, ensuring that only authorized individuals and devices have the correct access privileges. Proactive Security Testing and Vulnerability Management Conduct vulnerability assessments and penetration testing to identify and address security weaknesses in mobile network architectures. Develop and enforce More ❯

architect and design secure products and services, embedding implementation reviews as part of the SDLC and CI/CD pipeline via code analysis and penetration testing, and guiding technology innovation in terms of security and control across Goldman Sachs. The team plays a critical role in designing and … Develop Proof-of-Concepts (PoC), to be shown as solutions, and handover to Engineering for broader rollout. Work with engineers to develop customized security testing strategy to complement the existing security testing program managed by Technology Risk. Be responsible to communicate program to broader developers' community for solutions … identified findings, conduct analysis (e.g. impact, accuracy etc.), develop and customise detection capability of one or more of the following solutions: Static Application Security Testing (SAST) Dynamic/Interactive Application Security Testing (DAST/IAST) Software Composition Analysis (SCA) Infrastructure as Code (IaC) Container Security Mobile Security Preferred More ❯

vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data … for security compliance. Develop, test, and implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. More ❯

and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative … of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees More ❯

/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management … base requirement to demonstrate understanding of and find ways to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient More ❯