26 to 50 of 563 Permanent Penetration Testing Jobs

suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of vulnerabilities and remediation efforts. Forensic Analysis: Perform More ❯

so that they are ready for the challenges of today and tomorrow. Essential Duties and Responsibilities: As a Lead InfoSec Consultant, you'll take the lead in executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in … teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee … regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers and system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies More ❯

emergent threats, and develop sophisticated exploits and payloads to test and validate defenses. Architect and maintain a secure development environment, integrating security into the software lifecycle through code analysis, penetration testing, and vulnerability mitigation. Deploy, operate, and fine-tune a suite of advanced cybersecurity tools, including Endpoint Detection and Response (EDR), firewalls, and Intrusion Detection/Prevention Systems … Security Expert (GSE). Specialized credentials in cloud security (e.g., AWS Certified Security, Azure Security Engineer, CCSP). Practical experience executing red team/blue team exercises and comprehensive penetration tests. Advanced knowledge of modern security paradigms like Zero Trust architecture and micro-segmentation. More ❯

Responsibilities: Lead security operationsacross our product and cloud environment (Azure), working closely with DevOps and engineering to ensure security best practices are followed. Manage external relationshipswith security providers, including penetration testers and SOC 2 Type II auditors. Own the SOC 2 audit process, coordinating internal preparation, evidence collection, and communication with auditors to ensure compliance is maintained. Respond to … infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience conducting or managing penetration tests and security audits Can produce network and security architecture designs using More ❯

standards to achieve and maintain Authorization to Operate (ATO). Utilize eMASS to input, track, and manage cybersecurity controls, vulnerabilities, and ATO packages under senior engineer guidance. Perform security testing (e.g., system scans, penetration testing, configuration reviews) to validate hardening measures and ensure ATO readiness. Stay up-to-date on emerging threats, vulnerabilities, and industry standards affecting More ❯

applications. Scripting experience (Python, Bash) for automation of security tasks and data analysis. Experience leading security compliance efforts and working with RMF/ATO processes. Familiarity with threat modeling, penetration testing, and incident response procedures. Active secret clearance is required, with TS/SCI preferred. Industry certifications such as CISSP, CEH, GCIH, GCIA, or AWS Security Specialty are More ❯

Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc DESIRABLE SKILLS More ❯

Must be punctual, reliable, and accountable for themselves, with ability to follow through with tasks to completion Desired Education & Experience: Experience in system and application hardening, vulnerability assessments, and penetration testing. Relevant security certifications preferred. Experience working in an agile environment preferred T-Rex Overview Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including … skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current … maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. Communicate complex security concepts and More ❯

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

in managing the distribution of RMF projects and reporting status on completion efforts of each SCA team member. Their technical functions encompass a range of tasks aimed at assessing, testing, and validating security measures to identify vulnerabilities and enhance overall security posture. GENERAL DUTIES: Security Controls Assessment Planning: Develops comprehensive assessment plans based on established security standards, frameworks (e.g. … NIST SP 800-53, ISO 27001), and regulatory requirements. Define assessment scope, objectives, methodologies, and timelines. Security Controls Testing: Conduct rigorous technical testing of security controls across various domains such as access control, cryptography, network security, and incident response. Use automated tools, manual techniques, and specialized testing methodologies to identify weaknesses and vulnerabilities. Vulnerability Scanning and Analysis … vulnerability scans using automated scanning tools to identify potential security flaws in systems, networks, and applications. Analyze scan results, prioritize vulnerabilities based on risk, and provide recommendations for remediation. Penetration Testing: Conduct simulated cyberattacks to identify exploitable security weaknesses and assess the resilience of defensive measures. Perform network penetration testing, web application testing, wireless network More ❯

Work for an award-winning provider of Security Services, specialising in Cyber Security Services such as Vulnerability Management, Information Security, Penetration Testing, and Managed Security Services. We boast a fully managed Security Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise … maintain KQL scripts for querying and analysing data within Azure Sentinel. Collaborate with cross-functional teams to identify security vulnerabilities and develop appropriate solutions. Conduct regular security assessments and penetration testing to identify and mitigate potential risks. Stay updated on emerging cyber security threats and best practices, implementing necessary adjustments to security protocols. Provide guidance and support to More ❯

security architecture and assurance to OFFICIAL and above classifications. Provide specialist advice and knowledge of Public Cloud (Azure, AWS, GCP) cloud-based security architectures. Define and lead external security testing (e.g ITHC) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service (SaaS) solutions. Formulate HMG Information Assurance Risk … across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in other industries Designing & delivering secure systems & tooling: Working … and principles Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform) Managing technical assessments of security related technologies, vulnerability assessments and penetration tools and techniques Enabling & informing risk-based decisions: Working with higher impact or more complex risks, advising on the impact and whether this is within risk tolerance Understanding and More ❯

the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure … Develop test plans, test cases, and procedures, applying data from security tools to capture evidence. Use queries and dashboards to identify potential control failures as part of the control testing process. Ensure the accuracy and timely completion of control testing, providing peer review. Document findings, including root cause analysis and applicable recommendations for remediation. Be the primary liaison … with partners, delivering clear progress updates and results. Contribute lessons learned by integrating partner feedback to improve the control testing program. About Experian About us, but we'll be brief Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society. Experian is a global data More ❯

the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure … Develop test plans, test cases, and procedures, applying data from security tools to capture evidence. Use queries and dashboards to identify potential control failures as part of the control testing process. Ensure the accuracy and timely completion of control testing, providing peer review. Document findings, including root cause analysis and applicable recommendations for remediation. Be the primary liaison … with partners, delivering clear progress updates and results. Contribute lessons learned by integrating partner feedback to improve the control testing program. About Experian About us, but we'll be brief Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society. Experian is a global data More ❯

demonstrating expertise across various areas (e.g., CISM, CISA, OSCP, GPEN). Experience Industry Experience: Minimum of 3-5 years of professional experience in cybersecurity roles such as security analyst, penetration tester, security consultant, or security architect. Teaching Experience: Prior teaching experience in higher education or corporate training environments preferred. Experience with online course platforms and virtual learning environments is … IDS/IPS, network monitoring tools, threat intelligence platforms, and security protocols. Skills and Expectations: Technical Expertise In-depth knowledge of cybersecurity frameworks, tools, and protocols. Practical experience with penetration testing, vulnerability assessments, and security operations. Familiarity with incident response procedures, risk management, and security compliance. Instructional Skills Ability to convey complex technical information clearly and effectively to More ❯

Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and remediation. Vulnerability Management: Conduct regular security assessments, including vulnerability scanning and writing penetration testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as … IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation of the Engineering development lifecycles and how the Product Security specialism aligns Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as the legacy JSP 604 Assurance or the CAF GovAssure processes). More ❯

Perform initial triage and analysis of alerts generated by security tools (e.g., SIEM platforms). Conduct forensic analysis of digital artifacts including disk images and log data. Assist with penetration testing and vulnerability assessments. Apply remediation measures to detected vulnerabilities and provide security hardening recommendations. Support the deployment and monitoring of firewalls, encryption tools, and other security technologies. More ❯

English communication skills. Excellent interpersonal and presentation skills. Strong analytical skills. Good understanding of network traffic flows, normal vs. suspicious activities. Knowledge of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing). Ability to learn forensic techniques. Ability to reverse engineer attacks. Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. Ability to work independently with More ❯

log-searching query languages and methods. Must be confident to handle common security incidents independently. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Education Requirements & Experience Minimum of 2 to More ❯

practices, and common attack vectors. • Knowledge of security compliance frameworks and regulations such as GDPR, HIPAA, PCI DSS, and SOC 2. • Ability to conduct risk assessments, vulnerability assessments, and penetration testing. • Proficiency in scripting languages like Python, PowerShell, or Bash for automation and orchestration tasks. Certifications: (Nice to have, not required: ) • Relevant certifications can be advantageous, such as Certified More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯