Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving
Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc DESIRABLE SKILLS
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST … . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST … . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as
is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access Report on and assist with all security events and incidents. Oversee Security testing, including penetration testing and vulnerability scanning Ensure products compliance with security standards and regulations Ensure NAVBLUE Security strategy deployment within technical operations Ensure effective synchronization and alignment … Excellent management, analytical and problem-resolution skills Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical
Role: Penetration Tester Type: Permanent Location: Cheltenham/Remote Clearance: SC/DV Are you an offensive security specialist who is excited about delivering the best service possible? Keen to work in a business where you stand to work alongside some very talented testers? CND are working with a boutique Cyber Security consultancy who are focused on the Penetration Testing market. What makes them stand out? They are not interested in flashy marketing and would never be caught trying to pass off a Nessus scan as a Penetration Test. The business has been built on delivering excellent testing and reports as well as ensuring that clients see the real benefits of their testing outputs. … The company have an office in Cheltenham however you are welcome to work where is best for you. Key Responsibilities: • Work to deliver CHECK penetration testing services • Lean into non-CHECK work where necessary • Work with the sales team to flesh out technical input as needed • Deliver quality reports to customers, • Stay up to date with industry trends
Key responsibilities include: Designing security architectures, solutions, and controls to safeguard client assets and data. Developing incident response plans and assisting customers in their implementation. Performing security assessments, including penetration testing, to identify vulnerabilities and proposing mitigation strategies. Recommending and implementing security tools such as firewalls, IDS, endpoint protection, and DDoS mitigation solutions. Building strong client relationships through
Gloucester, Gloucestershire, UK Hybrid / WFH Options
WeDo
You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP
Cheltenham, Gloucestershire, UK Hybrid / WFH Options
WeDo
You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP
to work in a business where you stand to work alongside some very talented testers? CND are working with a boutique Cyber Security consultancy who are focused on the Penetration Testing market. What makes them stand out? They are not interested in flashy marketing and would never be caught trying to pass off a Nessus scan as a … Penetration Test. The business has been built on delivering excellent testing and reports as well as ensuring that clients see the real benefits of their testing outputs. The company have an office in Cheltenham however you are welcome to work where is best for you. Key Responsibilities Lean into non-CHECK work where necessary. Work with the … team to flesh out technical input as needed. Deliver quality reports to customers. Stay up to date with industry trends and new attack methods. Take a broad approach to testing, working on INF, APP, Mobile, AD, or Cloud tests. Currently holds a CHECK equivalency certification. Eligibility to hold or currently hold clearance. Experience working with Linux and Windows OS.
to: Rapidly summarise and assess new domains Provide domain knowledge for technical analysis, experimental development and subsequent engineering Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection Researchers undertaking experimental development
to protect their digital assets effectively. Main Purpose of Role: This role is key to supporting the Company with consistently high standards in the delivery of the range of penetration testing that we offer clients, including scoping, testing, and reporting. Key Responsibilities: Deliver CHECK penetration testing engagements. Deliver non-CHECK penetration testing engagements. … well as wider cyber trends in the industry. Maintaining SC/DV Clearance. Assist in the creation of training material and methodologies for consumption by the wider team. Providing penetration testing of all kinds - INF, APP, Mobile, Cloud, AD etc. Giving guidance to new and developing team members with varying levels of skill and experience, ensuring that the