1 to 25 of 157 Remote Permanent Penetration Testing Jobs

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

including evaluating vendor risk, examining vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data leakage prevention, patching, encryption, vulnerability … Review policies and procedures annually for security compliance. Develop, test, and implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK … Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities, penetration testing, and compliance Experience with network security, encryption, TLS, SSL, and security monitoring tools MUST have the Right to work in the UK i.e. British Citizen, ILR status or Settled status More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

and data governance best practices seamlessly into the software development life cycle. Evaluate company and vendor technology infrastructure security. Participate in disaster recovery and business continuity planning, reviews, and testing to continuously improve our organizational and operational resilience. As a key member of our Security Incident Response team, apply keen investigative skills and take swift action in resolving security … alerts or breaches, safeguarding our digital borders. Conduct penetration testing and vulnerability scanning on all company networks and applications. Collaborate with engineering stakeholders to prioritize and remediate vulnerabilities based on severity and impact. Research emerging products, technologies, and best practices to improve security posture for the company. Provides recommendations to security leadership for implementation. Key participant in company More ❯

applications. Scripting experience (Python, Bash) for automation of security tasks and data analysis. Experience leading security compliance efforts and working with RMF/ATO processes. Familiarity with threat modeling, penetration testing, and incident response procedures. Active secret clearance is required, with TS/SCI preferred. Industry certifications such as CISSP, CEH, GCIH, GCIA, or AWS Security Specialty are More ❯

ensure we continuously improve our security posture. What you'll be doing: Ensure Security Engineering capabilities align with business needs and scale effectively with growth. Lead assurance activities, including penetration testing, purple teaming, and application security assessments, to validate control effectiveness and uncover areas for improvement. Drive key security initiatives such as developing secure coding standards, conducting threat More ❯

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure … Develop test plans, test cases, and procedures, applying data from security tools to capture evidence. Use queries and dashboards to identify potential control failures as part of the control testing process. Ensure the accuracy and timely completion of control testing, providing peer review. Document findings, including root cause analysis and applicable recommendations for remediation. Be the primary liaison … with partners, delivering clear progress updates and results. Contribute lessons learned by integrating partner feedback to improve the control testing program. About Experian About us, but we'll be brief Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society. Experian is a global data More ❯

the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure … Develop test plans, test cases, and procedures, applying data from security tools to capture evidence. Use queries and dashboards to identify potential control failures as part of the control testing process. Ensure the accuracy and timely completion of control testing, providing peer review. Document findings, including root cause analysis and applicable recommendations for remediation. Be the primary liaison … with partners, delivering clear progress updates and results. Contribute lessons learned by integrating partner feedback to improve the control testing program. About Experian About us, but we'll be brief Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society. Experian is a global data More ❯

Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and remediation. Vulnerability Management: Conduct regular security assessments, including vulnerability scanning and writing penetration testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as … IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation of the Engineering development lifecycles and how the Product Security specialism aligns Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as the legacy JSP 604 Assurance or the CAF GovAssure processes). More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

security policies. Ensure security integration into the Software Development Lifecycle (SSDLC) by collaborating with product owners to implement security best practices. Lead and follow up on non-functional security testing (code scanning, penetration testing, threat modelling) and the yearly security auditing campaign, ensuring follow-up as part of the risk management process. Manage the related security risks … in the context of our software development and coordination activities, work with product owners and software development teams on managing identified risks. Provide security expertise to testing teams to enhance security coverage in functional test cases. Organise and perform security trainings for the teams. Support the architecture design activities with security related knowledge. Act as the single point of More ❯

part of projects and initiatives. Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard. Organise penetration testing, managing the necessary remedial work and communicating go-live risks. Contribute to the development of the security architecture, the SDLC, and application security testing standards. Support … point of escalation in the event of Major Incidents, Disaster Recover or Business Continuity scenarios. Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC. Assist the CISO, as required, in the wider delivery of Cyber Security. Skills and Experience: Proven experience in a similar role within a mid More ❯

financial services or large-scale enterprises, with an understanding of regulatory requirements in IT and cybersecurity. Security certifications such as CISSP, CISM, CCSK, or similar. Familiarity with vulnerability management, penetration testing, and reviewing IT and security clauses in contracts. Knowledge of control frameworks and audit methodologies within second line risk functions. Strong communication and influencing skills, capable of More ❯

tools OSINT and cyber-threat intelligence gathering Familiarity with cybersecurity processes Background from system administration or Security Operation Center/CSIRT work is considered an advantage. Computer forensics expertise, penetration testing experience, academic studies, and security related certifications (like: GCFA, GCFE, GCIA, GCIH, CISSP, GREM, OSCP) are a strong plus. Strong ethics, fluent written and spoken English as More ❯

experience with cloud platforms (AWS, Azure, or GCP) - cloud security knowledge preferred. Familiarity with virtualization technologies and associated security controls. Demonstrated experience in at least one of the following: Penetration Testing : Offensive security and exploitation techniques. Digital Forensics : Host, network, or memory-based investigation. Threat Hunting : Detection engineering and hypothesis-driven threat investigation. Knowledge of modern security tooling More ❯

In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include representing our global penetration testing team, overseeing the assessment of cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits. Key Responsibilities Cybersecurity Program … as NIST, ISO 27001, and other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Vulnerability Assessment and Penetration Testing Management Represent our vulnerability assessment and penetration testing team Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews. … ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. In-depth understanding of penetration testing and vulnerability assessments and their integration into broader cyber assurance projects. Education & Certifications: Bachelor's or master's degree in information security, Computer Science, Engineering, or a More ❯

Description: We are seeking Cybersecurity Software Evaluators to assess and analyze the security of software applications used in high-security government environments. This role involves conducting cyber evaluations, security testing, and risk assessments on software applications to ensure compliance with Department of Defense (DoD) cybersecurity standards. This position is initially for a few months with the potential for long … Test applications for compliance with DoD cybersecurity frameworks, including NIST 800-53, RMF, and STIGs. • Work closely with developers, security engineers, and system administrators to implement security recommendations. • Perform penetration testing and vulnerability assessments on government software systems. • Document findings, create security reports, and provide actionable recommendations for remediation. • Assist with the development of secure coding practices and … with the ability to maintain it in valid status. • Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). • 5+ years of experience in cybersecurity, penetration testing, or software security evaluation. • Certifications such as CISSP, CEH, OSCP, or GIAC GWEB are highly preferred. • Experience with secure coding practices and software vulnerability assessment tools (e.g. More ❯