26 to 50 of 107 Penetration Testing Jobs in London

SECFORCE is an independent offensive cyber security consultancy specialised in Penetration Testing and Adversary Simulation. Founded in 2008 out of love and passion for the hacking craft, we have grown into a well-respected company based in London, Malta and Greece, with teams across Europe working for top-tier organisations all over the world. What started as a … to align on partner strategy Requirements 3+ years of experience in channel sales partner management Good understanding of the cyber threat landscape Understanding of the cyber services markets e.g. Penetration Testing, Red Team/Purple Team, Adversary Simulation) Excellent communication, negotiation, and interpersonal skills Self-starter with a results-oriented mindset and the ability to work independently Experience More ❯

retain, and develop talent and expertise, including application security specialists. Set and maintain the team's culture and tone. Business Continuity and Disaster Recovery : Contribute to the development and testing of business continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response : Establish and maintain processes for continuous security … and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware development culture with a strong application security focus. Third-Party Risk Management : Develop and implement a program for assessing and managing the information security risks, including application security risks, associated with third-party vendors and service providers. Security Awareness and Training : Develop and deliver More ❯

security architecture and assurance to OFFICIAL and above classifications. Provide specialist advice and knowledge of Public Cloud (Azure, AWS, GCP) cloud-based security architectures. Define and lead external security testing (e.g ITHC) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service (SaaS) solutions. Formulate HMG Information Assurance Risk … across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in other industries Designing & delivering secure systems & tooling: Working … and principles Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform) Managing technical assessments of security related technologies, vulnerability assessments and penetration tools and techniques Enabling & informing risk-based decisions: Working with higher impact or more complex risks, advising on the impact and whether this is within risk tolerance Understanding and More ❯

levels Security Posture Management: Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities. Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat modelling. Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations. Cyber Exposure Risk Management: Identify, analyse More ❯

s ability to deliver on its vision and strategy. Main responsibilities: Proactively integrate security throughout the application development lifecycle, reacting to find and fix vulnerabilities. Conduct security assessments, support penetration testing, and address vulnerabilities. Transform technical requirements into an effective application development lifecycle within a DevSecOps toolchain. Ensure secure deployment strategies are scalable, repeatable, and highly available. Support … and solutions (Practitioner) Supporting and supporting security support methodologies (Expert) Process analysis and optimization (Practitioner) Risk-based decision making (Working) Modern development standards application (Practitioner) Software engineering: design, coding, testing (Practitioner) Prototyping and testing (Practitioner) Research and innovation in security (Working) Systems design and integration (Practitioner) Understanding security implications of transformation (Working) Experience: Integrating security practices into DevOps … including automated testing and vulnerability management. Experience with CI/CD, IaC, and security automation tools. Implementing Zero Trust models, identity verification, MFA, and adaptive access controls. Knowledge of standards and regulations like GDPR, ISO 27001, NIST, including conducting audits and risk assessments. Leading process optimization investigations. Essential: Analytical, problem-solving, and collaborative skills. Experience as a DevOps professional. More ❯

Assistant Vice President, Penetration Tester page is loaded Assistant Vice President, Penetration Tester Apply locations London time type Full time posted on Posted 2 Days Ago job requisition id -WD Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. … irrespective of the entity which employs you. Develop and maintain governance structure of red team operations and train, and mentor other members of the Red Team. Develop and execute penetration testing plans, including network, web application, and social engineering assessments. Collaborate with SOC team and selected vendor to plan and execute annual purple team testing Identify security … risks and vulnerabilities through simulated attacks, and helping the organization understand the potential impact. Manage Red Team tools and the Security Testing & Validation Platform Implement and maintain governance of any assessments finding remediation progress and create regular reporting for tech and executives Collaborating with other technology teams (i.e. infra, app and etc) to develop and improve defensive strategies and More ❯

and quality Excellent problem-solving techniques and trouble analysis skills Experience in design and publishing Security Standards & Policies Experienced in running global Bug Bounty/VDP programs Experiencedin Pen Testing, from scope, schedule, findings, remediation and risk registration The candidate should have a good knowledge of: Vulnerability Management concepts, controls, and best practices for all Operating systems & asset types More ❯

support the business and technology teams delivery of the security change programme. Provide support to the business and technology teams to understand and address vulnerabilities within SLA, identified through penetration testing, vulnerability scanning and red team exercises Foster relationships with internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic … to changes. Lead the information security updates at business and technology governance forums. The Requirements Technical skills: A comprehensive understanding of information security services (security operations and offensive security testing) Experience of strategic planning and oversight of cyber incident response and crisis management Strong understanding of cybersecurity standards and frameworks (e.g. ISO27001, NIST, CIS) and their application in strategic More ❯

or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security More ❯

and Mitigation : Collaborate with cross-functional teams to perform threat modelling, identify security risks, and implement effective countermeasures. Proactively assess the security posture of applications through code reviews, manual penetration testing, and static/dynamic security testing (SAST/DAST). Security Tooling and Automation : Implement and maintain security tools used in the development and deployment processes … from you if you have Application Security Expertise: Deep understanding of identifying, assessing, and mitigating security risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge … and Implementation experience: Direct experience with threat modelling, security reviews, and penetration testing. Proven ability to secure cloud-native architectures, containerization technologies, and Infrastructure as Code (IaC) environments. Familiarity with industry standards and frameworks such as OWASP, BSIMM, PCI DSS, ISO 27001, and GDPR. Security Integration experience: Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC More ❯

PCI, NIST CSF etc.) Experience working on implementation in a SOC environment. Experience working in Microsoft Defender, Microsoft Purview and Microsoft Sentinel is essential. Experience in or understanding of penetration testing and hacking techniques. Experience across applying NIST CSF, ITIL, ISO 27001, ISO and other best practice standards Desirable Experience/Skills: In-depth knowledge of architecture, engineering More ❯

or Practitioner AWS Certified Security Familiarity with TCP/IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with audit principles and different information More ❯

and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team More ❯

engineering, and compliance, while leading the charge on modern, cloud-first security strategy. Responsibilties: Designing and implementing robust security policies, controls, and infrastructure protection strategies. Leading vulnerability management efforts, penetration testing, and remediation plans. Monitoring and investigating security events, managing incident response processes end-to-end. Ensuring compliance with security standards such as ISO 27001 and supporting audits More ❯

controls to secure systems, applications, network, or infrastructure services Hands-on experience with security tools and devices such as network firewalls, web proxy, intrusion prevention system, vulnerability scanner, and penetration testing tools. Demonstrated understanding of TCP/IP networking concepts and DNS. 3+ years of related Identity Management tools engineering experience, including installing, configuring and troubleshooting experience with More ❯

Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive into any More ❯

ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track remediation and risk acceptance outcomes. Monitor, measure, and report on vulnerability management performance, including KPIs, SLAs, and risk metrics. Develop and document information security processes … Strong scripting skills using languages such as Python, Bash, PowerShell, or Go. Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack. Ability to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the More ❯

such as GCP Security Command Center, Cloud IAM, VPC Service Controls, Azure Security Center, Microsoft Defender for Cloud, and Azure Active Directory. Lead regular vulnerability assessments, security audits, and penetration testing activities across the cloud infrastructure and hosted applications. Monitor cloud platforms for security threats, suspicious activity, misconfigurations , and vulnerabilities using automated tools and custom detection methods. Act More ❯

solutions Ensure security policies and standards are applied through a hands-on, consultative approach Translate technical risk into business-friendly language for a range of audiences Scope and support penetration testing and vulnerability assessments, ensuring timely remediation Conduct impact assessments in line with Smart Energy Code, GDPR, and internal policy Deliver artefacts such as Supplier Security Assessments, Software More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Experience: CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID/Azure AD/ More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID/ More ❯

/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 IVM/IDR, Palo Alto Firewalls, InTune, and Entra ID/ More ❯

maintain security tools such as Cloud IAM, Security Command Center, VPC Service Controls, Azure Security Center, Azure AD, and Microsoft Defender for Cloud. Conduct security assessments, vulnerability scans, and penetration testing. Monitor cloud environments for threats and lead incident response efforts. Integrate security into the CI/CD pipeline and ensure secure configurations. Develop and enforce cloud security policies More ❯

maintain security tools such as Cloud IAM, Security Command Center, VPC Service Controls, Azure Security Center, Azure AD, and Microsoft Defender for Cloud. Conduct security assessments, vulnerability scans, and penetration testing. Monitor cloud environments for threats and lead incident response efforts. Integrate security into the CI/CD pipeline and ensure secure configurations. Develop and enforce cloud security policies More ❯

measures in line with best practices to ensure that the client is protected against the latest cyber security threats • Work with third parties and internal teams to schedule proactive penetration tests, ensuring that vulnerabilities are resolved or mitigated • Support the delivery of security training to all end users • Regular monitoring of potential security risks externally and internally, provide clear … to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation • Experience in testing and reviewing new security solutions • A strong commitment More ❯