1 to 25 of 174 Permanent Penetration Testing Jobs in the UK

Role: Penetration Testing Account Manager Location: UK Wide (Remote + Rare Travel) Salary: £40,000 - £45,000 + Commission (8-10%) Network IT is recruiting for a Penetration Testing Account Manager to manage and grow relationships with major enterprise clients within a leading cyber security services provider. This role is ideal for someone who understands penetration testing, vulnerability management or offensive security services — and enjoys working closely with customers to drive long-term success. The role is 75% account management/25% new business , focusing primarily on nurturing and expanding existing client relationships while identifying new opportunities for growth within established accounts and adjacent sectors. Key Responsibilities Own and develop relationships with large enterprise … clients , acting as their trusted advisor across penetration testing and offensive security services. Understand client requirements and work with technical delivery teams to scope and coordinate engagements. Identify upsell and cross-sell opportunities across additional security services, assessments, and consultancy offerings. Drive renewals, retention and expansion across assigned accounts. Support new business activity by engaging warm inbound leads More ❯

Penetration Tester - CTM, NCSE, Penetration testing, CPSA, CRT - £55,000 - £65,000 - Homebased Are you an ambitious individual with a passion for uncovering vulnerabilities and strengthening digital defences? As a Penetration Tester you will be playing a key role in protecting our clients' critical systems. Working in a fast-paced environment you will be working on … clients that you could be engaged with both Public and Private Sector, some are one off engagements sometimes there will be multiyear engagements. Key Skills Hands-on experience in penetration testing or IT Health Check delivery Eligibility to obtain and maintain UK security clearances. Familiarity with common tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of … network protocols (TCP/IP, OSI model) and common web application Current penetration testing qualification such as Crest Practitioner Security Analyst (CPSA), Crest Registered Tester (CRT), or Cyber Scheme Team Member (CSTM). Exceptional documentation of your results and deliver the results to the client Ability to have technical chats with non-technical individuals to enable them to More ❯

UK's leading Technology Solutions providers who have specialised in delivering innovative IT services to both public and private sector clients for nearly 40 years! Are you a passionate Penetration Tester who loves solving complex problems, uncovering hidden vulnerabilities, and making a real difference? We’re looking for a Penetration Tester to join a vibrant and growing Security … Testing Practice. In this role, you’ll take the lead in delivering top-notch penetration testing services to clients, helping them stay one step ahead in an ever-evolving security landscape. Key Responsibilities Lead and deliver a range of penetration tests across networks, infrastructure, and web apps. Stay up to date with certifications and industry standards. … Mentor junior consultants and share technical knowledge across the team. Act as a trusted technical advisor to clients. What You’ll Bring Experience: Experience in working in penetration testing teams contributing to the delivery of penetration testing services. Current penetration testing qualification, such as, CREST Practitioner Security Analyst, Crest Registered Tester or Cyber Scheme More ❯

intelligence in a dynamic, fast-paced security operational and strategic role in an organisation at the heart of research and innovation in the UK. Leading the Red Team of penetration testers your broad remit is to identify real-world risks to diverse technical landscapes, uncovering security vulnerabilities, actively exploiting findings, assessing additional impacts through post-exploitation, and providing proactive … advice to teams on the most effective remediation strategies. The role encompasses the full scope and delivery of penetration testing, including Black Box network assessments, insider threat evaluations, credentialed application exploitation, and rigorous testing of human and physical security controls across the UKRI estate. In addition to these offensive security responsibilities, the specialist manages the external penetration testing call-off contract to ensure that UKRI receives high-quality, tailored assessments both internally and externally, supporting a continuous programme of security improvement. Security: As a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process.?Please indicate eligibility in More ❯

Principal Offensive Security Consultant £100k Location: Hybrid (2 days per month in London) Salary: £80,000 - £100,000 + benefits Are you a Senior Offensive Security Consultant or Principal Penetration Tester ready to take the next step into Red Teaming and Adversarial Simulation ? This is your opportunity to join an agile, rapidly growing UK cyber security consultancy where you … to research and tooling that truly make an impact. About the Role As a Senior/Principal Offensive Consultant , you'll lead complex technical engagements that go beyond standard penetration testing - focusing on advanced exploitative infrastructure testing , Active Directory compromise , and assumed breach assessments . You'll work directly with clients to scope, plan, and deliver high … impact projects, while helping to expand the organisation's Red Team and adversarial simulation services . Key Responsibilities: Lead and deliver high-level infrastructure and Active Directory penetration testing engagements. Conduct advanced exploitative testing , lateral movement analysis, and privilege escalation within real-world environments. Support presales activity - crafting scopes, proposals, and technical solutions aligned with client objectives. More ❯

Principal Offensive Security Consultant £100k Location: Hybrid (2 days per month in London) Salary: £80,000 - £100,000 + benefits Are you a Senior Offensive Security Consultant or Principal Penetration Tester ready to take the next step into Red Teaming and Adversarial Simulation This is your opportunity to join an agile, rapidly growing UK cyber security consultancy where you … to research and tooling that truly make an impact. About the Role As a Senior/Principal Offensive Consultant , you'll lead complex technical engagements that go beyond standard penetration testing - focusing on advanced exploitative infrastructure testing , Active Directory compromise , and assumed breach assessments . You'll work directly with clients to scope, plan, and deliver high … impact projects, while helping to expand the organisation's Red Team and adversarial simulation services . Key Responsibilities: Lead and deliver high-level infrastructure and Active Directory penetration testing engagements. Conduct advanced exploitative testing , lateral movement analysis, and privilege escalation within real-world environments. Support presales activity - crafting scopes, proposals, and technical solutions aligned with client objectives. More ❯

intelligence in a dynamic, fast-paced security operational and strategic role in an organisation at the heart of research and innovation in the UK. Leading the Red Team of penetration testers your broad remit is toidentify real-world risks to diverse technical landscapes, uncovering security vulnerabilities, actively exploiting findings, assessing additional impacts through post-exploitation, and providing proactive advice … to teams on the most effective remediation strategies. The role encompasses the full scope and delivery of penetration testing, including black box network assessments, insider threat evaluations, credentialed application exploitation, and rigorous testing of human and physical security controls across the UKRI estate. In addition to these offensive security responsibilities, the specialist manages the external penetration testing call-off contract to ensure that UKRI receives high-quality, tailored assessments both internally and externally, supporting a continuous programme of security improvement. Security: As a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process.?Please indicate eligibility in More ❯

a unique opportunity to build a highly sought-after, niche skill set at the intersection of these disciplines. Progression within this role includes the opportunity for upskilling into WebApp penetration testing with support and training available to support this progression. This is a remote position, with the very occasional requirement to travel to our North Yorkshire offices, industry … events and potentially client sites. Key Responsibilities Develop, maintain, and enhance security-focused applications and tooling. Collaborate with engineers to troubleshoot, debug, and write clean, scalable code. Implement development, testing and automation tools, as well as IT infrastructure. Continuously improve CI/CD pipelines and DevSecOps processes. Work across multiple projects, including client-facing engagements. Provide innovative and robust … solutions to complex, cutting-edge challenges. Support the Web Application Penetration Testing Team on code assisted web application tests. Who we are looking for Technical Essential skills Strong development skills inat least one programming language(e.g. Python, JavaScript, Java, C#, Go) Solid understanding ofcloud security principles and architecture(e.g. AWS well-architected framework) Knowledge of modernprogramming frameworks(e.g. More ❯

Penetration Tester - Leading Managed Services Provider Remote based. Salary: Up to 60k, depending on experience. A leading Managed Services Provider are seeking to recruit a technically skilled Cyber Security/Penetration Tester. This is a fantastic opportunity to join a well-established organisation delivering high-quality security services to enterprise clients across the UK. As a Penetration Tester, you will be responsible for conducting manual penetration testing across both application and infrastructure layers. You will contribute to secure build reviews, advise on secure design practices, and provide technical insight to both internal teams and clients. Key Responsibilities Perform manual penetration testing of web applications and infrastructure Conduct security build reviews across common … and concise technical reports for a range of stakeholders Collaborate with internal teams and clients to support remediation and secure development Required Skills and Experience Proven experience in manual penetration testing (application and infrastructure) Strong understanding of TCP/IP and core networking principles Extensive experience testing web-based applications Familiarity with secure configuration and build reviews More ❯

Penetration Tester - Leading Managed Services Provider Remote based. Salary: Up to 60k, depending on experience. A leading Managed Services Provider are seeking to recruit a technically skilled Cyber Security/Penetration Tester. This is a fantastic opportunity to join a well-established organisation delivering high-quality security services to enterprise clients across the UK. As a Penetration Tester, you will be responsible for conducting manual penetration testing across both application and infrastructure layers. You will contribute to secure build reviews, advise on secure design practices, and provide technical insight to both internal teams and clients. Key Responsibilities Perform manual penetration testing of web applications and infrastructure Conduct security build reviews across common … and concise technical reports for a range of stakeholders Collaborate with internal teams and clients to support remediation and secure development Required Skills and Experience Proven experience in manual penetration testing (application and infrastructure) Strong understanding of TCP/IP and core networking principles Extensive experience testing web-based applications Familiarity with secure configuration and build reviews More ❯

Network Security Engineer Network Security/Penetration Testing/CREST/CSTL/API Testing/Config Reviews/Infrastructure/Outside IR35/West London We’re seeking an experienced Network Security Engineer to support a major multi-phase security testing project. You’ll conduct penetration tests, configuration reviews, and infrastructure assessments, contributing to … a high-profile programme of work extending into next year. Required Strong background in network and infrastructure security. Experience performing penetration testing, configuration reviews, and API testing. Knowledge of “classic” CHECK-style testing methodologies. CREST, CSTL or CTL certification (Team Member or Team Leader level). Ability to deliver high-quality reports and communicate technical findings clearly. … Hands-on experience across infrastructure, networking, and external testing. Desirable Experience working within CHECK or other accredited testing schemes. Strong understanding of secure network architecture and hardening practices. Previous consultancy or project-based testing experience. Contract Details Outside IR35 West London (on-site presence required for majority of testing) 0-hours contract – project-based work, phase by More ❯

Network Security Engineer Network Security/Penetration Testing/CREST/CSTL/API Testing/Config Reviews/Infrastructure/Outside IR35/West London We’re seeking an experienced Network Security Engineer to support a major multi-phase security testing project. You’ll conduct penetration tests, configuration reviews, and infrastructure assessments, contributing to … a high-profile programme of work extending into next year. Required Strong background in network and infrastructure security. Experience performing penetration testing, configuration reviews, and API testing. Knowledge of “classic” CHECK-style testing methodologies. CREST, CSTL or CTL certification (Team Member or Team Leader level). Ability to deliver high-quality reports and communicate technical findings clearly. … Hands-on experience across infrastructure, networking, and external testing. Desirable Experience working within CHECK or other accredited testing schemes. Strong understanding of secure network architecture and hardening practices. Previous consultancy or project-based testing experience. Contract Details Outside IR35 West London (on-site presence required for majority of testing) 0-hours contract – project-based work, phase by More ❯

Network Security Engineer Network Security/Penetration Testing/CREST/CSTL/API Testing/Config Reviews/Infrastructure/Outside IR35/West London We’re seeking an experienced Network Security Engineer to support a major multi-phase security testing project. You’ll conduct penetration tests, configuration reviews, and infrastructure assessments, contributing to … a high-profile programme of work extending into next year. Required Strong background in network and infrastructure security. Experience performing penetration testing, configuration reviews, and API testing. Knowledge of “classic” CHECK-style testing methodologies. CREST, CSTL or CTL certification (Team Member or Team Leader level). Ability to deliver high-quality reports and communicate technical findings clearly. … Hands-on experience across infrastructure, networking, and external testing. Desirable Experience working within CHECK or other accredited testing schemes. Strong understanding of secure network architecture and hardening practices. Previous consultancy or project-based testing experience. Contract Details Outside IR35 West London (on-site presence required for majority of testing) 0-hours contract – project-based work, phase by More ❯

ReRoot Cyber is seeking highly skilled and forward-thinking CHECK Team Members to join one of the UK’s most respected testing teams. This is an independent, privately owned testing consultancy led by industry-recognised names who are hackers at heart. This team is led by an active penetration tester who understands the niggles of day penetration testing operations. As a result, engagements are centred around making your day-to-day responsibilities as easy as possible, with a pure focus on value added testing. Most of your time will be spent on advanced testing and large-scale engagements that give you the opportunity to collaborate with wider technologists. (engineers, developers and blue teamers) They … but that’s not where they phish. If you thrive on bringing ideas to life, creating bespoke tools and adding true value to your clients, then this is the penetration testing team for you. This is a home based position with very very very limited travel & public sector work. Full right to work in the UK is required More ❯

strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud … updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication and stakeholder More ❯

strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence to ensure alignment with group-wide security standards and initiatives. Vulnerability Management, Penetration Testing & PSIRT Lead vulnerability assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud … updates to leadership on risk posture and mitigation plans. Requirements Proven experience in a senior security role, ideally within a technology or SaaS environment. Strong understanding of vulnerability management, penetration testing, SecOps, and cloud security. Experience establishing or contributing to PSIRT processes. Experience working with cross-functional teams including engineering, operations, and client services. Excellent communication and stakeholder More ❯

Location: Belfast Workplace: Hybrid The opportunity: The Security Vulnerability and Penetration Testing Engineer will oversee and serve as a technical resource for all assessment activities related to the security posture of existing and proposed firm systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems per the firm's business objectives … regulatory requirements, and strategic goals. Main responsibilities: Perform security penetration testing of the Firm's systems, platforms, and applications Serve as a Subject Matter Expert (SME) for the VAPT function Serve as the system owner for common VAPT toolsets, platforms, and processes Provide technical assessment reports that are easily understandable by the target audience and include practical and … is required Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave Expert in common More ❯

own and mature our vulnerability and threat intelligence lifecycle. This role will focus on proactively identifying, assessing, and reducing security risks across our environment. You will lead vulnerability scanning, penetration testing, bug bounty findings, patch management facilitation, and KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on … calls with IT/application teams, track progress, and drive accountability. Monitor and report on key vulnerability metrics and KPIs, presenting regular updates to security leadership. Manage third-party penetration testing activities, track findings, and ensure timely remediation. Oversee bug bounty program operations, triage reports, and coordinate with development teams for remediation. Continuously assess external attack surface and … and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. Experience with security tools such as BurpSuite Enterprise, Wiz, CrowdStrike, BitSight, or equivalent platforms. Familiarity with vulnerability frameworks such as CVSS, OWASP Top 10, MITRE ATT More ❯

own and mature our vulnerability and threat intelligence lifecycle. This role will focus on proactively identifying, assessing, and reducing security risks across our environment. You will lead vulnerability scanning, penetration testing, bug bounty findings, patch management facilitation, and KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on … calls with IT/application teams, track progress, and drive accountability. Monitor and report on key vulnerability metrics and KPIs, presenting regular updates to security leadership. Manage third-party penetration testing activities, track findings, and ensure timely remediation. Oversee bug bounty program operations, triage reports, and coordinate with development teams for remediation. Continuously assess external attack surface and … and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. Experience with security tools such as BurpSuite Enterprise, Wiz, CrowdStrike, BitSight, or equivalent platforms. Familiarity with vulnerability frameworks such as CVSS, OWASP Top 10, MITRE ATT More ❯

own and mature our vulnerability and threat intelligence lifecycle. This role will focus on proactively identifying, assessing, and reducing security risks across our environment. You will lead vulnerability scanning, penetration testing, bug bounty findings, patch management facilitation, and KPI reporting — ensuring our overall vulnerability posture is well understood and continuously improved. As part of a small, hands-on … calls with IT/application teams, track progress, and drive accountability. Monitor and report on key vulnerability metrics and KPIs, presenting regular updates to security leadership. Manage third-party penetration testing activities, track findings, and ensure timely remediation. Oversee bug bounty program operations, triage reports, and coordinate with development teams for remediation. Continuously assess external attack surface and … and consistency of vulnerability processes. 🏡 What we’re looking for Experience in vulnerability management, threat intelligence, or related information security roles. Strong knowledge of vulnerability scanning, patch management, and penetration testing processes. Experience with security tools such as BurpSuite Enterprise, Wiz, CrowdStrike, BitSight, or equivalent platforms. Familiarity with vulnerability frameworks such as CVSS, OWASP Top 10, MITRE ATT More ❯

Cyber Security Consultant (Penetration Tester) Milton Keynes, Buckinghamshire, United Kingdom We are seeking an experienced Cyber Security Consultant (Penetration Tester) . Make an Impact at RSM UK At RSM, our consulting team brings together diverse advisory experts to deliver our six core solutions: business transformation, forensic, deal services, restructuring, finance function support, and risk and governance. Our solutions … seeking an enthusiastic Cyber Security Consultant to join our team. Working alongside our experienced team of specialists, you'll deliver offensive security services including digital footprint reconnaissance, social engineering, penetration testing, vulnerability assessments, and more to high-profile clients across all industries. The purpose of this role is to deliver offensive security services such as digital footprint reconnaissance … social engineering, vulnerability assessments, penetration testing, threat modeling, cyber-attack simulation exercises, and more. You'll benefit from ongoing coaching, career mentoring, and support through our career pathway. You will have opportunities to develop market-leading skills across different capabilities and advance your professional development. You will make an impact by: Supporting technical scoping activities for client assignments. More ❯

the Director of Architecture, Engineering and Test, this role operates horizontally across engineering teams, working closely with the Head of Engineering, Technology Owners and Head of Data to embed testing and quality at every stage of the software development lifecycle.You will lead the transformation of our testing function, focusing on automation, continuous testing, performance engineering, and governance … ensuring that testing is integrated seamlessly into all development processes. Key Responsibilities include: Defining and implementing a company-wide test strategy that aligns with engineering and business goals. Establishing best practices for test automation, performance testing, security testing, and continuous integration. Driving the adoption of test automation frameworks to increase efficiency and reliability. Ensuring test automation is … a culture of continuous improvement, innovation, and knowledge sharing. Ensuring observability, monitoring, and incident/defect management practices incorporate quality metrics. Leading initiatives to enhance system resilience and failover testing for mission-critical services. Ensuring software releases comply with security, regulatory, and compliance standards (e.g., GDPR, ISO 27001). Collaborating with security teams to integrate penetration testing More ❯

effective security controls and countermeasures. Conduct threat modelling exercises to identify potential security risks and vulnerabilities early in the development lifecycle. Conduct in-depth security assessments, code reviews, and penetration testing of applications to identify and mitigate security vulnerabilities. Utilise industry-standard tools and methodologies to assess the security posture of applications and provide actionable recommendations for remediation … person, with the ability to educate and influence on Application Security matters Basic experience in Software Development with any programming language Security Test Management Application Security Assessments Security Assurance Penetration Testing Security Evaluation & Functional Testing Application Security Testing If the above is of interest, please apply with an updated copy of your CV and a member More ❯

Penetration Tester – Cyber Security Contract until December 2025 (extension likely) Hybrid working, 50/50 split between home and site in Berkshire Active SC clearance required ABOUT THE CLIENT: Our client is a leading organisation within the cyber and defence technology sector, delivering secure digital solutions to UK government and critical national infrastructure programmes. They are expanding their cyber … capability and are seeking an experienced Penetration Tester to join the team on a long-term contract, supporting a range of high-impact security projects. THE PENETRATION TESTER ROLE: As a Penetration Tester, you will perform manual and automated testing across web applications, networks, APIs, and mobile platforms. You’ll identify and document vulnerabilities, support red … team operations, and collaborate with development and infrastructure teams to ensure effective remediation and security improvements. Key responsibilities include: Conducting penetration tests and vulnerability assessments across multiple environments Performing red team and threat simulation exercises Producing detailed reports outlining findings, risks, and mitigation strategies Staying current with emerging attack vectors, tools, and exploits Contributing to internal security awareness and More ❯

Penetration Tester – Cyber Security Contract until December 2025 (extension likely) Hybrid working, 50/50 split between home and site in Berkshire Active SC clearance required ABOUT THE CLIENT: Our client is a leading organisation within the cyber and defence technology sector, delivering secure digital solutions to UK government and critical national infrastructure programmes. They are expanding their cyber … capability and are seeking an experienced Penetration Tester to join the team on a long-term contract, supporting a range of high-impact security projects. THE PENETRATION TESTER ROLE: As a Penetration Tester, you will perform manual and automated testing across web applications, networks, APIs, and mobile platforms. You’ll identify and document vulnerabilities, support red … team operations, and collaborate with development and infrastructure teams to ensure effective remediation and security improvements. Key responsibilities include: Conducting penetration tests and vulnerability assessments across multiple environments Performing red team and threat simulation exercises Producing detailed reports outlining findings, risks, and mitigation strategies Staying current with emerging attack vectors, tools, and exploits Contributing to internal security awareness and More ❯