1 to 25 of 69 Permanent Offensive Security Jobs in the UK

intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. Our offensive security engineers emulate these real-world threats and provide critical signal on attack vectors to help improve our security posture. This role … will be hands-on and requires a deep understanding of micro-service architecture, multi-tenancy vulnerabilities, cloud security, and web application security. In this role you'll dive deep into the security of our products and more: Conduct security assessments. You'll learn how our products work … then try to break them. This includes everything in our current and future product and service portfolio from Apollo to Foundry. You'll document security findings and work with AppSec and product engineers to develop mitigations. Build offensive testing tooling and automation. Scale offensive security testing More ❯

Senior Offensive Security Engineer Salary: £90,000 - £110,000 per annum Location: UK - Remote You’ll be responsible for identifying and mitigating security vulnerabilities across software products through a combination of secure code review, penetration testing, security assessments, and the development of custom tooling. This role … collaboration with engineering teams to embed secure development practices throughout the software lifecycle – ensuring potential risks are addressed early in the development process. Senior Offensive Security Engineer – Responsibilities: Conduct deep technical offensive security assessments against complex, distributed systems to uncover critical vulnerabilities across cloud, web applications … and internal services. Perform offensive testing throughout the software supply chain, including CI/CD pipelines, version control systems, and third-party integrations. Build and maintain automation and tooling to scale offensive testing across products and teams. Operate as a subject matter expert in offensive security More ❯

another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work … to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to … grow our team of penetration testers in the UK. We test web and mobile applications, computer networks, cloud infrastructure, hardware devices, security awareness through social engineering, organizations through red and purple team exercises, and more. At Kroll, your work will help deliver clarity to our clients' most complex governance More ❯

Birmingham, United Kingdom Principal Consultant - Cyber Security We are searching for an experienced Principal Consultant - Cyber Security. Make an Impact at RSM UK Consulting brings together multiple teams across Transactions, Risk & Consulting, ABA, and Outsourcing to provide client-centric solutions for RSM's current and future clients within the … service and identification of further work opportunities. The role will involve managing the delivery of agreed work activities with a primary focus on technical security including offensive security services. You'll benefit from ongoing coaching, career mentoring, and be supported by our career pathway. You will have … to develop market-leading skills across our different capabilities and advance your professional development. You will make an impact by: Planning and delivering cyber security engagements, from scoping through to delivery, debriefs, and report writing. Contributing towards the development of exciting new market-facing offensive security cyber More ❯

Principal Offensive Security Consultant 📍 UK-Based | 🌍 Some International Travel | 🛡 Security Clearance Required Green is hiring a Principal Consultant to launch and lead our Clients' Offensive Security capability. This is a rare opportunity to shape a new service offering within a fast-growing, agile cyber consultancy … working with UK and international clients. You’ll join a high-performing Threat Operations team, delivering advanced offensive security services—penetration testing, phishing simulations, code reviews—and play a key role in shaping how they support their clients' evolving needs. 🔍 What You’ll Do Lead the creation and … delivery of our clients' offensive security services Perform penetration testing, code reviews, phishing simulations, and assessments Travel internationally to support partner nations with cyber capability development Design and deliver bespoke training and mentoring packages Collaborate across the Threat Operations team to share insights and strengthen their cyber intelligence More ❯

Role: Offensive Security Specialist Type: Permanent Location: Remote (UK) Clearance: Eligible for SC Interested in getting away from the grind of endless similar penetration tests? Keen to stretch yourself into a more managerial role over time, building up a capability around you? We are working with a leading … security services provider who are in the process of standing up their Offensive Security capability. The work will be focused on providing services such as Web App testing, Infrastructure testing and Code Review services to clients whilst also looking at how to develop that side of the … something a bit different from either just doing technical tests forever or moving away from the keyboard fully. Key Responsibilities: •Work to develop the Offensive Security capability for the organisation into a market leading function •Customer engagement, through the scoping process, tool selection and overall delivery •Run and More ❯

Principal Security Engineer, AWS Security Job ID: Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia. We are looking for an experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for … conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners with the larger Security organization and Service … teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or More ❯

from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps … pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing … structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring More ❯

from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps … pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing … structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring More ❯

Bitcoin Offensive Security Engineer - 100% Remote, Blockchain, DeFi About Halborn Inc Our mission is to provide value-add security services and products to the world's most cutting edge technology firms and that starts with blockchain tech. Founded in 2019, Halborn is an elite cyber security … growth trajectories. Our Culture Halborn is a globally distributed team of 100+, looking to grow our elite team of white hat hackers, sales professionals, security engineers and DevSecOps specialists who value independence, want to make their own hours, work for themselves and have a passion for the ever evolving … agreement with Halborn Inc. Responsibilities Conduct realistic adversary simulations from conception through reporting. Perform testing on systems, applications, networks, and processes. Research cutting-edge offensive security techniques. Develop tools and exploits. Communicate clearly and effectively, both written and orally, regarding risks and required remediations. Work collaboratively and independently More ❯

their strategic goals and empower our people to make an impact and develop their own unique career path. We are seeking an enthusiastic Cyber Security Consultant to join our team. Working alongside our experienced team of specialists, you'll be delivering offensive security services including digital footprint … reconnaissance, social engineering, penetration testing and vulnerability assessments to high profile clients across all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile … role is perfect for you! We value diverse experiences and perspectives. Here's what we're looking for in our ideal candidate: Experience in offensive security and penetration testing. Demonstrable experience in infrastructure and web application testing; experience in API testing is desirable. Demonstrable experience using common pentesting More ❯

Solana) Offensive Security Engineer - 100% Remote, Blockchain, DeFi About Halborn Inc Our mission is to provide value-add security services and products to the world's most cutting edge technology firms and that starts with blockchain tech. Founded in 2019, Halborn is an elite cyber security … growth trajectories. Our Culture Halborn is a globally distributed team of 100+, looking to grow our elite team of white hat hackers, sales professionals, security engineers and DevSecOps specialists who value independence, want to make their own hours, work for themselves and have a passion for the ever evolving … agreement with Halborn Inc. Responsibilities Conduct realistic adversary simulations from conception through reporting. Perform testing of systems, applications, networks, and processes. Research cutting-edge offensive security techniques. Develop tools and exploits. Communicate clearly and effectively, both written and orally, the risks that exist and remediations required. Work collaboratively More ❯

You will need to login before you can apply for a job. Sr. Security Engineer, AppSec - Amazon Stores Security Sector: Distribution and Warehouse, Technology Role: Professional Contract Type: Permanent Hours: Full Time DESCRIPTION At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. … Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment … healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe's largest AWS deployment. As a Senior Security Engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day More ❯

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches. With experience informed by years of simulating sophisticated cyber attacks against … high and aggressive growth phase of our journey and are excited to continue adding colleagues to join our phorce of nature. Our vision for offensive security is continuous. But what's the role? We are seeking an ambitious Information Security Engineer to join our Platforms team to … focus on our internal security programme. Sounds great-what will I do? This role involves: Security Architecture in the Cloud : Designing and implementing secure cloud infrastructures, ensuring robust protection against potential threats. Endpoint Management and Administration : Overseeing the deployment, configuration, and maintenance of endpoint security solutions to More ❯

Security Consultant What we're offering (we know, everyone jumps to this section first!) Salary of £40,000 - £50,000 Share options so you benefit from our success 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of … service, you get an extra day of paid holiday every year until 7 years at Intruder Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! A yearly off-site for … years promise more of the same, with plenty of growth opportunities for us and our teams! About this position: We are looking for a Security Consultant to facilitate the day-to-day running of the Intruder platform, and deliver Premium consultancy services including pentesting. This role is varied and More ❯

+ benefits & bonus Location: Remote (UK-based with occasional travel) – Work from anywhere in the UK Looking for a highly skilled offensive security professional ready to lead cutting-edge red team operations. This is your chance to step into a pivotal leadership role, guiding a talented red team … and stay at the forefront of emerging attack methods. You’ll lead a high-performing team, work on the most exciting and complex cyber security projects, and have the chance to drive real-world change for clients across various industries. The role also offers substantial career growth with access … attack methodologies and integrate the latest threat intelligence to stay ahead of attackers. Provide mentorship and leadership to red team members, sharing expertise in offensive security tactics and best practices. Collaborate with clients to ensure simulations junior deliver actionable insights and improvements to their security infrastructure. Contribute More ❯

Security Consultant What we're offering: Salary of £40,000 - £50,000 Share options so you benefit from our success 28 days paid holiday plus bank holidays, and an additional 5 unpaid if you want. Once you reach 3 years of service, you get an extra day of paid … holiday every year until 7 years at Intruder. Flexible working - most of the Security team works from home, but we have the option of an office in Shoreditch if you ever feel like some human connection! A yearly off-site for the whole company. Last year we went to … years promise more of the same, with plenty of growth opportunities for us and our teams! About this position: We are looking for a Security Consultant to facilitate the day-to-day running of the Intruder platform and deliver Premium consultancy services including pentesting. This role is varied and More ❯

in the most secure way possible. We want to provide them secure platforms and tools to build and interact with exciting applications. The Protocol Security team ensures the security of all onchain development at Coinbase. We partner closely with product teams to make sure that our users can … safely and confidently engage with the onchain world. What you'll be doing (ie. job duties): Perform threat modeling and security assessments of blockchain products and services. Propose, plan, and execute Red Team operations based on realistic threats. Write detailed reports covering the goals and outcomes of Red Team … significant observations and recommendations. Collaborate with partner teams to improve detection and response capabilities. Provide expert technical guidance to the team in building new security frameworks and analysis tools. Stay informed on current security trends, advisories, publications, and academic research. What we look for in you (ie. job More ❯

looking to bring in their 3rd Sales Engineer in EMEA, can be based in UK, Germany or Italy . Ideally somebody who has an offensive security background with presales experience to join a global team of 100. Languages: English, Italian nice to have Responsibilities: Partner with the EMEA … of industry news and developments to provide and maintain a deep industry and domain expertise Required Skills: 4+ years of presales experience selling cyber security software in either; VM, Threat Exposure, ASM, Pentesting, Application Security, Security Automation or Cloud Security solutions 2+ years of application security experience, understand security fundamentals and common vulnerabilities (e.g. OWASP Top Ten). Excellent communication, presentation, and demonstration skills. This role requires you to understand and articulate our platform's business value and technical advantages. Comfortable working in a dynamic, sometimes nebulous, fast-paced startup environment and experience at More ❯

Application Security Senior Manager Location: London Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse … work and live. It is personal to all of us." - Julie Sweet, Accenture CEO As a team We are currently looking for keen Application Security Senior Manager , who would join our Application Security team in UK. Our team helps our clients to protect their business by helping them … their cloud modernization and securing the transformation of their digital core. These include wide range of tasks from assessment of client maturity, securing and security design and architecture, design of operating model and process design, engineering of new capabilities, management & maintenance of automated security testing and remediation at More ❯

Description The Offensive Security Manager is responsible for the provision of penetration & red team testing services to the business, including leading teams, creating processes, and management of technologies & 3rd parties that make up the service. The role reports to the Director of Offensive Security. The position does … as organizational, leadership, relationship and supplier management skills are the key focuses of the role but will need to have a good understanding of security vulnerabilities and testing methodology to be able to understand the subject matter of the service and manage quality. The role will work closely alongside … the rest of the Cyber Team (e.g. Vulnerability Management), the wider Information & Cyber Security function (e.g. Project Assurance) and leaders in operational IT teams to ensure accurate detection, and the prioritized, timely and appropriate resolution of security vulnerabilities. We are looking for a collaborative team player, with a More ❯

Dynamic Application Security Testing for your AI Powered by the world's largest attack library for AI, Mindgard enables red teams, security, and developers to swiftly identify and remediate AI security vulnerabilities. Continuous Security Testing & Automated AIRed Teaming We empower organizations to create and run secure … Empower your team to identify AI risks that static code or manual testing cannot detect. Reduce testing times from months to minutes. Comprehensive AI Security Coverage: Gain actionable visibility with the most accurate AI security insights, empowering teams to swiftly address emerging threats. Scale red team capabilities by … controls across your organization, ensuring robust and secure AI deployment. Founded in a leading UK university lab with 10+ years of research in AI security, we have partnerships that ensure access to the latest advancements and the most qualified talent. How Mindgard Works Connect your AI Model: Point the More ❯

the DevSecOps team, collaborating closely with IT and engineering teams daily to ensure applications and products are developed and deployed securely. You will champion security best practices, working with engineering teams and managers to develop secure products. Reporting to the Head of DevSecOps, you will influence the security posture across the company's applications and products, ensuring security is integral to the development and engineering lifecycle. The Role Manage and develop a team of DevSecOps engineers, guiding them to execute your strategy effectively. Develop and drive the DevSecOps strategy, integrating security throughout the development lifecycle … including software and infrastructure. Lead the DevSecOps engagement plan, educating engineers, scaling security champions, implementing security best practices, threat modeling, and participating in design reviews. Prioritize automation to provide valuable feedback during deployment processes. Adopt a risk-based approach, balancing business needs with security requirements. Provide Level More ❯

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches. With experience informed by years of simulating sophisticated cyber attacks against … high and aggressive growth phase of our journey, and are excited to continue adding colleagues to join our phorce of nature. Our vision for offensive security is continuous. But what's the role? We are looking for an ambitious colleague to join watchTowr as our first Head of … Information Security to manage and continuously evolve watchTowr's internal cyber security capability. As such, this is a hands-on role that will act as an individual-contributor in the initial stages. Although watchTowr's first dedicated internal Info Sec role, as a cyber security company, watchTowr More ❯

CHIEF INFORMATION SECURITY OFFICER - AEROSPACE AND DEFENSE: Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionize a $3 trillion dollar industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements, driven by … new generation benchmark delivering solutions through innovation with uncompromising agility. JOB DESCRIPTION: The oversight requires a sophisticated operating model that allows for a stronger security posture centralized in a Security Operations Center (SOC). This role will oversee global operations with a unified management of API calls, space … will undergo formal approval by the Change Approval Board (C.A.B). The role will also involve micromanaging cybersecurity engineers, penetration testing engineers, and other security personnel, ensuring compliance with NIST cybersecurity framework and DoD requirements. PHYSICAL DEMANDS: This position requires the ability to communicate and exchange information, utilizing necessary More ❯