managed services, and compliance teams Skills You’ll Need: 2-5+ years in penetration testing (network, web, cloud, etc.) Mastery of tools like Burp Suite, Metasploit, Cobalt Strike, Nmap Deep knowledge of OWASP Top 10, MITRE ATT&CK, and exploitation techniques Strong communication skills (you’ll explain risks to both tech & non-tech stakeholders) Certifications like OSCP, eCPPT, CREST More ❯
/internal). Experience in scoping penetration testing assessments. Strong knowledge of security testing methodologies and frameworks (eg, OWASP, NIST). Proficiency with industry-standard tools (eg, Burp Suite, Nmap, Metasploit, Kali Linux). Excellent written and verbal communication skills. O ne of the following qualifications is essential: OSCP, Crest CRT, ECPPT, GPEN, CRTO or equivalent. Experience with red teaming More ❯
Leeds, West Yorkshire, England, United Kingdom Hybrid / WFH Options
Eames Consulting
Bring - Skills & Experience 2 to 5+ years of hands-on penetration testing experience across network, web, wireless, and cloud environments. Expert with core tools: Burp Suite, Metasploit, Cobalt Strike, Nmap , and custom scripting. Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods. Experience delivering reports aligned to PTES, OWASP, NIST, or OSSTMM standards. Exceptional communicator who More ❯
threat mitigation, and root cause analysis. Conduct internal security reviews, network scans, and targeted penetration tests of applications and infrastructure using common security tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. More ❯
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom Hybrid / WFH Options
GoDefend Limited
Minimum 3 years of hands-on penetration testing experience. Skilled in testing: Web apps, Mobile apps, Cloud (AWS, Azure, GCP), and On-prem infrastructure. Familiar with Burp Suite, Metasploit, Nmap, Wireshark, and other industry tools. Scripting ability in Python, Bash or similar. Comfortable with Linux, networking principles, and cloud environments. Soft Skills & Consulting Ability: Excellent verbal and written communication skills. More ❯
Stratford-upon-avon, Warwickshire, United Kingdom Hybrid / WFH Options
Ccl Solutions Group
hands-on penetration testing experience in enterprise environments. Deep understanding of infrastructure testing, Active Directory security, and cloud technologies (AWS, Azure, Kubernetes). Strong familiarity with tools such as Nmap, Burp Suite, Metasploit, Impacket, and SMBClient. Able to articulate technical findings to both technical and non-technical audiences in written and verbal formats. How to be successful in this role More ❯
SR2 | Socially Responsible Recruitment | Certified B CorporationTM
across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10, CVSS, and secure coding principles Experience with tools such as Burp Suite, Nmap, Metasploit, Kali, and custom scripts Familiarity with MITRE ATT&CK, red teaming methodologies, and reporting best practices Highly Desirable: CHECK, CREST, OSCP, or CRTO certifications Experience working in or alongside More ❯
across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting best practices Highly Desirable: CHECK, Crest, OSCP, or CRTO certifications Experience working in or alongside More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
SR2
across web apps, APIs, infrastructure, and cloud environments (AWS, Azure, GCP) Strong understanding of OWASP Top 10 , CVSS, and secure coding principles Experience with tools such as Burp Suite , Nmap , Metasploit , Kali , and custom scripts Familiarity with MITRE ATT&CK , red teaming methodologies, and reporting best practices Highly Desirable: CHECK, CREST, OSCP, or CRTO certifications Experience working in or alongside More ❯
Go and Node.js application security. Experience with TEE technologies or confidential computing. Knowledge of OWASP Top 10, CVEs, and secure coding practices. Proficiency with tools like Burp Suite, Metasploit, Nmap, Wireshark, etc. Certifications such as OSCP, CEH, or GIAC are a plus. Nice to Have: Experience with Kubernetes and container security. Familiarity with CI/CD security integration. Familiarity with More ❯
City Of London, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI model. Excellent verbal and written communication More ❯
experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD More ❯
City of London, London, Grange, United Kingdom Hybrid / WFH Options
Applause IT Recruitment Ltd
experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable Extras: Experience with CI/CD More ❯
security defences. Technologies and Soft Skills required: Advanced technical knowledge of penetration testing techniques, security assessments, and vulnerability exploitation. Expertise in security testing tools (such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.), as well as manual testing methods. Strong understanding of common application security vulnerabilities (such as SQL injection, XSS, CSRF, insecure deserialization, etc.) and OWASP Top 10. Proficiency More ❯
Central London, London, England, United Kingdom Hybrid / WFH Options
Bupa UK
MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Claire, and OpenSCAP). Extensive experience with Red Teaming, Purple Teaming and Attack Automation. Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCI More ❯
above Eligible to attain SC (Security Check) clearance Demonstrated track record of effective customer engagement on previous CHECK engagements Hands-on expertise with common testing tools (e.g. Burp Suite, Nmap, Metasploit, Cobalt Strike) Strong written and verbal communication skills What We Offer Flexible engagement options: Permanent or Contract Competitive day rate or salary package Hybrid working with occasional client site More ❯
of the external threat environment and attacker tactics, techniques, and procedures Your skills and experiences: Demonstrable experience in penetration testing Proficient in penetration testing tools such as Burp Suite, Nmap, Metasploit etc CREST Registered Penetration Tester (CRT) The ability to clearly communication both verbally and written Practical Penetration Certifications such as PNPT/eCPPT Offensive Security Certified Professional (OSCP) CHECK More ❯
or Nessus Palo Alto Firewalls, InTune, Entra ID, Active Directory Desirable: Imperva WAF, Menlo Security, Cisco Secure Access/Umbrella, KnowBe4, AppCheck Ivanti or Automox patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and More ❯
or Nessus Palo Alto Firewalls, InTune, Entra ID, Active Directory Desirable: Imperva WAF, Menlo Security, Cisco Secure Access/Umbrella, KnowBe4, AppCheck Ivanti or Automox patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and More ❯
or Nessus Palo Alto Firewalls, InTune, Entra ID, Active Directory Desirable: Imperva WAF, Menlo Security, Cisco Secure Access/Umbrella, KnowBe4, AppCheck Ivanti or Automox patching Kali Linux, Metasploit, NMAP, BurpSuite Candidate Profile Professional certifications such as CISM, MS SC100/200/900, OSCP are advantageous Background in financial services, SOC environments, or penetration testing preferred Strong interpersonal and More ❯
Web Security Gateway Menlo CASB Cisco Secure Access Cisco Umbrella Cisco ASA KnowBe4 Digicert Certificates and Microsoft Certificate Services Ivanti or Automox patching AppCheck or Tenable WAS Kali Linux (NMAP, Metasploit, BurpSuite, John etc) Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable Personal Skills:Excellent inter-personal More ❯
