2 of 2 Remote Penetration Testing Jobs in the North East

value. Assist in managing security incidents, vulnerabilities, and malfunctions, ensuring efficient resolution. Conduct forensically sound acquisitions of computer systems and media for evidence collection. Provide advice and guidance in penetration testing and improving service offerings. Carry out reviews, internal audits, and spot-checks to ensure effective operation of security measures. Provide expertise in the design and implementation of … science. This will require occasional periods of intense concentration to ensure any evidence collected can be used in a court of law. 16. Provide appropriate advice and guidance in penetration testing and improving the service offering. 17. Carry out reviews, internal audits and spot-checks to ensure the effective operation of (but not limited to): IDS/IPS More ❯

You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯