1 to 25 of 51 Penetration Testing Jobs in the City of London

Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations to match … servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees at all levels. Experience of More ❯

As a crucial member of the team, you will collaborate with a talented mix of Product Owners/Managers, Solution, Cloud and Enterprise Architects, Experience Designers, Business Analysts, and Testing specialists to build, deliver, and manage a portfolio of truly exciting products. In recent years, our products' size and scale have rapidly expanded, leading to significant growth in our … and management of Product/Platform security processes and automated tooling that prevent security issues. Support on threat modelling exercises for our products. Perform security-focused code reviews. Support penetration testing activities. Prioritise and oversee vulnerability remediation. Manage the implementation of logging and integration to the corporate SIEM for SOC monitoring. Lead Clara’s response to incidents and … principles across our product engineering team. Manage escalations of security related issue, risk or exceptions, including audit actions Lead Clara’s relationships with central security teams (Security Architecture, Security Testing, Security Operations) and contribute to communities of practice. What will you need to do it? Excellent understanding of security controls within Azure environments Previous experience developing cloud-native applications More ❯

part of projects and initiatives. Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard. Organise penetration testing, managing the necessary remedial work and communicating go-live risks. Contribute to the development of the security architecture, the SDLC, and application security testing standards. Support … point of escalation in the event of Major Incidents, Disaster Recover or Business Continuity scenarios. Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC. Assist the CISO, as required, in the wider delivery of Cyber Security. Skills and Experience: Proven experience in a similar role within a mid More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised, successful … in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary More ❯

Cyber Vulnerability Management Analyst Fixed Term Contract (Maternity Cover) 18 months Must have experience working on Tenable.IO, analysed vulnerabilities form penetration testing reports, work with vendors to remediate vulnerabilities, has patch management experience, has patched/worked on windows, Linux and Azure cloud systems, analyse and remediate SOC/NOC alerts. Our Client is a globally recognised, successful … in line with our long-term goals. The role of Cyber Vulnerability Management Analyst is to deal with all remediation work in relation to identified vulnerabilities inclusive of patch testing and implementation within SLA. The job holder will work very closely with all third-party vendors involved in the remediation process. The job holder will also prepare the necessary More ❯

best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations. Investigate security incidents, prioritise remediation and … ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST … AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications such as CISSP, OSCP, GWAPT, CEH or CSSLP are a plus. Experience with Infrastructure More ❯

incident analysis, investigation, and mitigation. Oversee and maintain security equipment including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), and antivirus systems. Perform periodic security drills and regular penetration testing to ensure the integrity of security systems. Harden security controls across Windows and Linux environments and ensure regular patching and firmware upgrades. Enhance data security through robust … encryption practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications: Minimum 3 years More ❯

who are eager to develop their skills in a collaborative and fast-paced environment. Responsibilities: •Monitor and analyze security alerts to identify potential threats. •Assist with vulnerability assessments and penetration testing. •Support the implementation of security tools and protocols. •Investigate and respond to security incidents alongside the IT team. •Create detailed reports on security findings and recommendations for stakeholders. More ❯

Incident Response: Assist in the investigation and response to security incidents, such as malware infections, unauthorized access attempts, and data breaches. Vulnerability Management: Assist in conducting vulnerability assessments and penetration testing to identify potential system and network weaknesses. Work with senior team members to apply patches and updates to mitigate vulnerabilities. Network Access Control: Configure switches and endpoints More ❯

applicants Join to apply for the Senior Security Consultant role at Bridewell Direct message the job poster from Bridewell Senior Talent Acquisition Business Partner - Cyber Security | Managed Security Services | Penetration Testing | Data Privacy About Bridewell One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID More ❯

Logic Apps. Administering security tools, including firewalls, endpoint protection, and vulnerability management systems. Ensuring data security by managing encryption, access controls, and compliance requirements. Performing security assessments, audits, and penetration testing. Developing security automation processes for identity and access management (IAM), network security, and patch management. Collaborating with stakeholders to ensure security best practices are integrated into new and More ❯

Security Engineer, you will implement and maintain robust security systems and protocols across the our IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. You will help mentor and … Manage MDM\MAM and Conditional Access Manage security certificates and keys. Manage IDS and IPS. Manage PAM systems Deliver Cyber Security Awareness Training Remediate vulnerabilities and weaknesses identified during penetration testing. Ad-hoc IT security projects The successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack CrowdStrike EDR Mimecast … Microsoft Certificate Services Ivanti or Automox patching AppCheck or Tenable WAS Kali Linux (NMAP, Metasploit, BurpSuite, John etc) Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable Personal Skills: Excellent inter-personal, written and verbal communication skills The ability to handle multiple priorities, tasks and projects More ❯

overall security posture. Key responsibilities: Conducting comprehensive security assessments: This involves evaluating an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying More ❯

cyber domains, and at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT, Security+, CySA+, OSCP, AWS, GCP or Azure Security Certs, or similar Why More ❯

potential threats. Investigate security alerts, logs, and incidents (e.g., malware, unauthorized access, breaches). Assist in incident response and remediation efforts. 2. Vulnerability Management Conduct vulnerability assessments and support penetration testing. Collaborate with senior teams to patch systems and mitigate risks. 3. Network Access Control (NAC) Configure switches and endpoints for NAC upgrades and troubleshooting. 4. IP Telephony Support More ❯

robust integration capabilities with payment gateways, partner banks, and other relevant third-party systems. · Develop and implement comprehensive security policies, procedures, and controls. · Oversee security audits, vulnerability assessments, and penetration testing. · Collaborate with the Chief Compliance Officer (CCO) to ensure technology solutions meet all regulatory obligations within the remittance industry. Qualifications Proficiency in Software Development and Product Development skills More ❯

Conditional Access systems Maintain security certificates, encryption keys, and IDS/IPS systems Deliver cybersecurity awareness training and lead ad-hoc security projects Support and resolve issues identified during penetration testing Ideal Experience We’re looking for someone with strong hands-on experience in most of the following technologies: Essential: CrowdStrike EDR Mimecast Duo, Okta Rapid7 IVM, Tenable … patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and communication skills, with the ability to engage across teams and deliver training effectively Able to manage multiple priorities and collaborate cross-functionally What More ❯

ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track remediation and risk acceptance outcomes. Monitor, measure, and report on vulnerability management performance, including KPIs, SLAs, and risk metrics. Vulnerability Engineer – Your Background The ideal … Strong scripting skills using languages such as Python, Bash, PowerShell, or Go. Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack. Ability to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the More ❯

tech and collaborate with some of the brightest minds in the industry. Desired Experience (full job spec available): Strong experience working in technical security roles Experience in vulnerability assessment, penetration testing, and vulnerability management processes, etc. Familiarity with security incident response procedures. Excellent communication skills and the ability to collaborate with cross-functional teams. Experience with Python scripting More ❯

tech and collaborate with some of the brightest minds in the industry. Desired Experience (full job spec available): Strong experience working in technical security roles Experience in vulnerability assessment, penetration testing, and vulnerability management processes, etc. Familiarity with security incident response procedures. Excellent communication skills and the ability to collaborate with cross-functional teams. Experience with Python scripting More ❯

required Familiar with NIST, ISO 27001, ITIL Azure - 5 years experience Info Sec (Azure AD, Defender, Sentinel) PIM/PAM Audits and report writing Assessments Vulnerability Management and Pen Testing Zero Trust Architecture Automation (eg powershell, python More ❯

Responsibilities Plan, research, and execute testing of computer systems and applications to simulate real-world attacks on Microsoft’s services and infrastructure. Assess existing security capabilities to detect and respond to emerging threats. Outline and document risk impacts in executive summary reports and communicate findings to relevant stakeholders. Perform research to stay current with penetration testing tools … methodologies, tactics, and mitigations. Participate as an infrastructure/operation specialist in overt penetration testing engagements, including Purple Team exercises where we emulate real-world adversaries. Develop and maintain penetration testing procedures and methodologies. Conduct research to remain updated with the latest in application security, both offensive and defensive techniques, and share findings within the Microsoft … Security Community. Qualifications Experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection. Experience with penetration testing/red-teaming, cloud, services, and network security. Strong coding skills in languages such as C#, Python, C++, Go, PowerShell, ASP.NET, JavaScript. Preferred: Master’s degree in computer science, software engineering, information security, or More ❯

and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools and data stream processing tools Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. Experience in writing content/polices for monitoring in line with MITRE ATT&CK framework Familiarity with regulatory requirements such as GDPR More ❯