1 to 25 of 520 Permanent Penetration Testing Jobs

retain, and develop talent and expertise, including application security specialists. Set and maintain the team’s culture and tone. Business Continuity and Disaster Recovery: Contribute to the development and testing of business continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response: Establish and maintain processes for continuous security … and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC): Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware development culture with a strong application security focus. Third-Party Risk Management: Develop and implement a program for assessing and managing the information security risks, including application security risks, associated with third-party vendors and service providers. Security Awareness and Training: Develop and deliver More ❯

retain, and develop talent and expertise, including application security specialists. Set and maintain the team’s culture and tone. Business Continuity and Disaster Recovery: Contribute to the development and testing of business continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response: Establish and maintain processes for continuous security … and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC): Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware development culture with a strong application security focus. Third-Party Risk Management: Develop and implement a program for assessing and managing the information security risks, including application security risks, associated with third-party vendors and service providers. Security Awareness and Training: Develop and deliver More ❯

and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture and application development. Maintain and enhance incident response procedures and disaster recovery plans. More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and compliance . Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The … incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/ More ❯

You'll be working on interesting large-scale Government and private sector projects. ROLE OBJECTIVE We are seeking a highly skilled Cyber Security Consultant with a strong background in penetration testing and network security. This role is ideal for a cybersecurity professional with experience in identifying, assessing, and mitigating security risks across various platforms. The consultant will play … a critical role in evaluating and strengthening our clients’ cybersecurity postures by conducting in-depth security assessments, vulnerability analysis, and developing comprehensive security strategies. RESPONSIBILITIES Conduct comprehensive penetration tests, vulnerability assessments, and security audits to identify risks and ensure compliance with industry best practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems’ security postures. Investigate … to prepare the organization to respond efficiently and effectively to cyber threats. Travel to various client locations when required (potential international travel) and deliver high quality solutions (e.g. OT testing or other IT services). Collaborate with client teams to develop, document, and implement security policies, standards, and guidelines aligned with industry standards (e.g., ISO 27001, NIST). Assist More ❯

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

Azure Disk Encryption for data protection. • Automation & Security Tools Utilize automation tools (e.g. ArgoCD) and DevSecOps principles to implement security into the CI/CD pipeline, ensuring that security testing, vulnerability scanning, and security checks are integrated into the entire software development lifecycle. Leverage Infrastructure as Code (IaC) tools such as Terraform, Bicep, or Azure Resource Manager (ARM) templates … cloud usage and costs, recommend optimization strategies, and help implement cost-effective cloud solutions while ensuring security and performance. • Risk Assessment & Management Conduct security risk assessments, vulnerability assessments, and penetration testing to identify weaknesses in Azure-based applications and infrastructure. Provide remediation strategies to address identified risks. • Collaboration & Leadership Collaborate with cross-functional teams (DevOps, operations, development, and … monitoring and logging tools such as Azure Monitor, Application Insights, or Log Analytics and third-party solutions like Splunk or Elastic Stack. • Experience in risk management, vulnerability assessment, and penetration testing, along with a strong understanding of incident response and remediation strategies in the cloud. • Hands-on experience with CI/CD tools (e.g.,Azure DevOps,ArgoCD) and More ❯

including evaluating vendor risk, examining vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data leakage prevention, patching, encryption, vulnerability … Review policies and procedures annually for security compliance. Develop, test, and implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

PENETRATION TESTER: Senior and Expert Levels Location: Chantilly, VA US Security Clearance Requirement: TS/SCI with Full Scope Polygraph Clearance Status: Must be Current JOB DESCRIPTION: Inferno Systems is currently looking for Penetration Tester positions with a minimum of 7+ years experience conducting technical security and/or vulnerability assessments. Please note the security clearance requirement above … candidates MUST have a current/active TS/SCI with Full Scope Poly to be considered. JOB SUMMARY: We are looking for Penetration Testers whose work will directly impact U.S. policymakers, military officials and law enforcement agencies. You should be able to use sophisticated techniques to identify vulnerabilities, exploit them, and gain and maintain access to targets. You … center architecture. • Understanding in cloud computing platform technologies such as AWS, Microsoft Azure, Google, cloud computing environment and cloud security. • Demonstrated real world experience performing gray and black box penetration testing. • Strong familiarity with some of the following: OWASP top 10, DoD and NSA Vulnerability and Penetration Testing Standards. • Understanding of basic IP fundamentals and how protocols More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role … skills, and the ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and … efforts, ensuring alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash More ❯

with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK … Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities, penetration testing, and compliance Experience with network security, encryption, TLS, SSL, and security monitoring tools MUST have the Right to work in the UK i.e. British Citizen, ILR status or Settled status More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

and data governance best practices seamlessly into the software development life cycle. Evaluate company and vendor technology infrastructure security. Participate in disaster recovery and business continuity planning, reviews, and testing to continuously improve our organizational and operational resilience. As a key member of our Security Incident Response team, apply keen investigative skills and take swift action in resolving security … alerts or breaches, safeguarding our digital borders. Conduct penetration testing and vulnerability scanning on all company networks and applications. Collaborate with engineering stakeholders to prioritize and remediate vulnerabilities based on severity and impact. Research emerging products, technologies, and best practices to improve security posture for the company. Provides recommendations to security leadership for implementation. Key participant in company More ❯

suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of vulnerabilities and remediation efforts. Forensic Analysis: Perform More ❯

so that they are ready for the challenges of today and tomorrow. Essential Duties and Responsibilities: As a Lead InfoSec Consultant, you'll take the lead in executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in … teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee … regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers and system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies More ❯

continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats. End to end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and … remediate vulnerabilities and threat exposures Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and penetration testing requirements. Act as Bupa’s subject matter expert on vulnerability impact and risk, providing guidance on root cause and managing the full lifecycle of reported vulnerabilities through to closure. Collaborate with their counterparts in other … bring Solid experience in cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing More ❯

Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations to match … servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees at all levels. Experience of More ❯

Responsibilities: Lead security operationsacross our product and cloud environment (Azure), working closely with DevOps and engineering to ensure security best practices are followed. Manage external relationshipswith security providers, including penetration testers and SOC 2 Type II auditors. Own the SOC 2 audit process, coordinating internal preparation, evidence collection, and communication with auditors to ensure compliance is maintained. Respond to … infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience conducting or managing penetration tests and security audits Can produce network and security architecture designs using More ❯

Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch. System administration on Unix, Linux, or Windows Network forensics, logging, and event management Defensive network infrastructure (operations or engineering) Vulnerability assessment and penetration testing concepts Malware analysis concepts, techniques, and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve More ❯