1 to 25 of 48 Remote/Hybrid Permanent Penetration Testing Jobs

looking to hire two Lead Penetration Testers with CTL Certification. This is a chance to join a well-established cybersecurity team that supports organisations across both public and private sectors. You’ll play a key role in delivering high-quality penetration testing that helps clients stay secure … fast-moving threat landscape. Role Overview: Role: Lead Penetration Tester (CTL Certified) Location: Remote with ad-hoc travel to client sites. Package: £60,000- £80,000 per annum & benefits. Industry: Cyber Security/Managed Security Services. What You’ll Be Doing: Deliver a wide range of penetration testing ...

based) | Cybersecurity Scale-Up A fast-growing cybersecurity company is seekingSenior Offensive Security Engineers to strengthen their offensive security capabilities. The Role: Conduct comprehensive penetration testing across web applications, infrastructure, APIs, and cloud environments Perform manual security assessments and exploitation Deliver client-facing penetration testing engagements … improvements Essential Requirements: UK Bachelor's degree in Computer Science, Cybersecurity or related subject (or UK Master's as alternative) 3-5 years commercial penetration testing experience Strong understanding of offensive security techniques, OWASP Top 10, MITRE ATT&CK Deep knowledge of operating systems, networking protocols, and system ...

Penetration Tester £40-60K Fully Remote I’m seeking motivated and capable Penetration Tester to join a growing consultancy. You’ll work closely with highly skilled penetration testers, delivering high-quality testing services to a wide variety of organisations. The role covers the full engagement … lifecycle, from pre-sales support through hands-on testing, reporting, and client debriefs. The ideal candidate will have at least two years of hands-on penetration testing experience and be comfortable delivering the following services: Web application penetration testing API security testing Internal ...

verifying the efficacy of our technical, people, physical and process controls from an attacker perspective. The team perform regular Adversary Simulation (Red Team) testing and a range of Ad-Hoc and Tactical Assessments based on changes to the threat landscape and organisational needs. To succeed in this role … adversary simulation. Detailed knowledge of global cyber threats and the procedures used by cyber adversaries. Two or more of the following skills: Network penetration testing and manipulation of network infrastructure Web application penetration testing assessments Email, phone, or physical social-engineering assessments Development, extension, or modifying ...

rapidly growing leader in proactive cybersecurity services is expanding its consulting team and seeking a Security Consultant with a strong background in mobile application penetration testing. This role is ideal for a hands-on penetration tester who enjoys uncovering complex vulnerabilities and delivering meaningful security improvements for enterprise … clients. You will work alongside experienced security professionals, leveraging advanced tooling, automation, and research-driven methodologies to perform deep technical testing across mobile applications and APIs. The focus of this role is on producing high-quality, actionable findings that help organizations strengthen their security posture. Key Responsibilities Perform penetration ...

cybersecurity assessment and certification evaluation of products and components. Examples of the tasks, include, but are not limited to; assessment to latest cybersecurity standards, penetration testing (IoT and WebApp), threat modelling, firmware investigation, code analysis etc. This service will be provided to external clients, who will predominantly … requirements and, using your technical expertise, you will contribute to the development and scaling of a robust product certification framework. Your role will include testing products as well as contributing to the development of an evolving and dynamic cyber assessment service. Main Duties & Responsibilities: Perform assessments to the latest ...

work closely with Software Development teams to ensure application-based vulnerabilities are understood, prioritised, and remediated effectively. You'll contribute to threat modelling, penetration testing, secure design reviews, and the continuous improvement of security testing methodologies. The role also plays a key part in enhancing existing security … automation and the responsible use of AI within application security. INFORMATION SECURITY SPECIALIST ESSENTIAL SKILLS: * Hands-on experience with static and dynamic application security testing tools * Strong understanding of OWASP principles and their use within threat modelling * Experience conducting and reporting on web application penetration testing * Knowledge ...

Role: Head of Security Testing & Vulnerability Management Location: Leeds (Hybrid 2/3 split) Salary: £75,000 - £85,000 Summary: The Head of Security Testing and Vulnerability Management is responsible for defining and delivering the organisation's global approach to security testing and vulnerability management. This role … operates in a complex, multi-regional environment and works closely with technology, engineering, and business stakeholders. Key Responsibilities: Define and lead the global security testing and vulnerability management strategy aligned to enterprise risk objectives. Establish governance, metrics, and reporting for security testing and remediation activities. Oversee penetration ...

JUNIOR PCI PENETRATION TESTERS - LONDON (REMOTE) £35,000 - £45,000 | Fully Remote (UK-based) | Cybersecurity Scale-Up A rapidly growing cybersecurity company is seeking Junior PCI Penetration Testers to join their expanding offensive security team. The Role: Conduct PCI-DSS v4.0 compliance testing including manual penetration testing, quarterly vulnerability scanning, and network segmentation assessments Manage client engagements from scoping through to delivery Perform security assessments using industry-standard tools (Nessus, nmap, Burp Suite, Metasploit) Report findings to technical and non-technical stakeholders Support clients in maintaining PCI-DSS compliance Essential Requirements: UK Bachelor ...

JUNIOR PCI PENETRATION TESTERS - LONDON (REMOTE) £35,000 - £45,000 | Fully Remote (UK-based) | Cybersecurity Scale-Up A rapidly growing cybersecurity company is seeking Junior PCI Penetration Testers to join their expanding offensive security team. The Role: Conduct PCI-DSS v4.0 compliance testing including manual penetration testing, quarterly vulnerability scanning, and network segmentation assessments Manage client engagements from scoping through to delivery Perform security assessments using industry-standard tools (Nessus, nmap, Burp Suite, Metasploit) Report findings to technical and non-technical stakeholders Support clients in maintaining PCI-DSS compliance Essential Requirements: UK Bachelor ...

working with an established cyber security consultancy that is looking to hire a Penetration Tester as part of their continued growth. This is a fully remote role, offering exposure to a broad client base and varied technical environments. The consultancy delivers offensive security services to organisations across multiple sectors … making this a great opportunity for a tester who enjoys variety, autonomy, and client-facing work. Responsibilities Deliver penetration testing engagements including: Web application testing Internal and external infrastructure testing API and cloud-based assessments Identify and exploit security vulnerabilities using industry-standard tools and techniques ...

development, DevOps and security, helping teams understand why vulnerabilities exist and how to fix them properly.The foundations are already strong, with regular external penetration testing, positive audit outcomes, and mature security tooling are in place. Your role is to raise the bar further, embedding security deeper into … secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel) Support and interpret results from ITHC (UK Government-standard) penetration tests, ensuring findings are understood and remediated across product and platform teams Embed security controls and testing into CI/CD pipelines, improving ...

development, DevOps and security, helping teams understand why vulnerabilities exist and how to fix them properly. The foundations are already strong, with regular external penetration testing, positive audit outcomes, and mature security tooling are in place. Your role is to raise the bar further, embedding security deeper into … secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel) Support and interpret results from ITHC (UK Government-standard) penetration tests, ensuring findings are understood and remediated across product and platform teams Embed security controls and testing into CI/CD pipelines, improving ...

role within the Information Security Team. The key tasks and responsibilities include, but are not limited to, the following: Conduct thorough Red Team offensive penetration testing on our IT (on prem and cloud) infrastructure to identify vulnerabilities and provide recommendations for remediation. Perform security assessments on cloud-based … applications, ensuring they adhere to industry standards and best practices. Execute red team exercises to simulate real-world attack scenarios, testing the firm's detection and response capabilities both internal and external. Assess and test the security of internally deployed infrastructure IoT devices and sensors, identifying potential vulnerabilities ...

wide range of technologies and platforms for our client's digital solutions. You will secure enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members. You will belong to an internationally connected team of specialists helping clients with … modelling approaches such as cyber kill chain, STRIDE, exposure analysis, etc. Awareness and understanding of cyber and business risks in the threat, vulnerability and penetration testing domain. Stay up-to-date on current security threats, trends and control solutions. Experience in preparing system security reports by collecting, analysing ...

.NET, Python.* C2 frameworks such as Cobalt Strike, Sliver, Mythic.Required & Valued Certifications in at least one of the below please * OSEP - Offensive Security Experienced Penetration Tester* OSCE/OSCE3 - Offensive Security Certified Expert/Expert3* OSEE - Offensive Security Exploit Expert* OSCP - Offensive Security Certified Professional* OSWE - Offensive Security … Expert* OSED - Offensive Security Exploit Developer* CCSAS - CREST Certified Simulated Attack Specialist* CRT - CREST Registered Penetration Tester* CCT INF/CCT APP - CREST Certified Tester (Infrastructure/Applications)* GPEN - GIAC Penetration Tester* GXPN - GIAC Exploit Researcher & Advanced Penetration Tester* CRTO - Certified Red Team OperatorProfessional Attributes Exceptional consulting ...

Cloud security certifications for AWS. Risk management experience (CRISC, ISO 27005, NIST RMF). Network security and coding experience (Python, Bash, PowerShell, GitHub). Penetration testing exposure. ...

desirable? * Experience working in a managed services or MSP environment* Exposure to compliance frameworks such as GDPR, ISO 27001, or NIST* Vulnerability assessment or penetration testing experience* SOC or security operations experience* Mentoring or leadership exposure within technical teams The Package * 40-hour working week (Monday-Friday ...

technology refresh cycles. Ensure compliance with IT security standards, including Cyber Essentials, Intune, and Sharp security initiatives. Schedule, coordinate, and document annual disaster recovery testing and penetration testing activities. Lead the development, maintenance, and delivery of the organisation’s IT strategy and annual roadmap. Serve as Chair ...

designs with frameworks such as Cyber Essentials, ISO27001, and NCSC guidelines. Conduct internal and client-facing security reviews, readiness assessments, and recommendations. Maintain current penetration testing qualifications to support Cyber Essentials Plus assessments. ?Vulnerability Assessment & Remediation (30%) Oversee and support vulnerability assessments across client environments, ensuring consistent methodology ...

maturity assessments Collaboration with infrastructure, support, compliance, and security teams Nice to Haves Background in SOC , infrastructure, or technical security roles Exposure to penetration testing concepts (understanding how testing works, not hands-on delivery) Experience improving immature or overly compliance-led risk processes Familiarity with public sector ...

VoIP traffic is well designed, secure and optimised. You will ensure best practices are used for delivering network security. Continually monitoring, maintaining and testing the threat landscape and security posture. Provide regular service status updates to line management and agree and monitor service availability targets. Manage … hundred office, home and field-based employees. Provide day-to-day cyber security guidance and support to relevant technical & business stakeholders. Deliver annual penetration testing and implement recommended improvements. Research latest network cyber threat developments and recommend any actions that will improve network performance and security. Work closely ...

assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation, and problem-solving capability Knowledge ...

Implement advanced monitoring tools to detect, analyse, and respond to security threats in real-time. Proactively identify vulnerabilities and risks through regular assessments and penetration testing and lead incident response efforts for cloud-related security breaches, ensuring minimal downtime and data loss. Develop automated workflows for vulnerability management ...

collaborating with engineers to embed security into development workflows rather than treating it as an afterthought. You'll be hands-on with security testing across a range of environments, running Dynamic Application Security Testing (DAST) against live applications, focusing on issues such as cross-site scripting, SQL injection … broken access control. You'll also use Interactive Application Security Testing (IAST) tools for runtime analysis, including tools such as Burp Suite, OWASP ZAP and Frida, alongside Static Application Security Testing (SAST) and software composition analysis to assess source code, binaries, and third-party dependencies. Location/ ...