an initial 5-month contract. The successful candidate will support a Public Sector client of ours within their Application Security Team and will be responsible for the following: * Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. * Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and … assurance across the SDLC in line with set guidelines. * SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. * Penetration testing, ethical hacking, or vulnerability assessments. * Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). * DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub
London, England, United Kingdom Hybrid / WFH Options
Control Risks
In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include representing our global penetration testing team, overseeing the assessment of cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits. Key Responsibilities Cybersecurity Program … as NIST, ISO 27001, and other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Vulnerability Assessment and Penetration Testing Management Represent our vulnerability assessment and penetration testing team Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews. … ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. In-depth understanding of penetration testing and vulnerability assessments and their integration into broader cyber assurance projects. Education & Certifications: Bachelor's or master's degree in information security, Computer Science, Engineering, or a
client of theirs. You will be joining an AppSec team focused on building security automation into delivery pipelines and conducting security focused tests against digital services. Key Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and … expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub
threats and implementing appropriate security controls to mitigate risks. Code Review: Review application code to identify security flaws, coding errors, and vulnerabilities, providing guidance and recommendations for remediation. Security Testing: Plan and execute security testing activities, including SAST/DAST/IAST, penetration testing, fuzz testing, and vulnerability scanning to evaluate the effectiveness of security … Application Security. Experience with secure software development methodologies, such as Secure SDLC and DevSecOps. Understanding of IDEs, Code repositories & CI/CD Solutions. Proven experience in application security assessment, penetration testing, and vulnerability management. Strong understanding of web application security concepts, including secure coding practices, authentication mechanisms, and common vulnerabilities. Proficiency in security testing tools and techniques
Liverpool, England, United Kingdom Hybrid / WFH Options
Agoda
a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage … security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization … can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you’ll Need to Succeed: 5+ years in the information security field 5+
London, England, United Kingdom Hybrid / WFH Options
Marlin Selection Recruitment
Security Engineer, you will implement and maintain robust security systems and protocols across our IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. You will help mentor and … Manage MDM\MAM and Conditional Access Manage security certificates and keys. Manage IDS and IPS. Manage PAM systems Deliver Cyber Security Awareness Training Remediate vulnerabilities and weaknesses identified during penetration testing. Ad-hoc IT security projects The successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack CrowdStrike EDR Mimecast … Web Security Gateway KnowBe4 Digicert Certificates and Microsoft Certificate Services Ivanti or Automox patching AppCheck or Tenable WAS Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable Personal Skills: Excellent inter-personal, written and verbal communication skills The ability to handle multiple priorities, tasks and projects
incident analysis, investigation, and mitigation. Oversee and maintain security equipment including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), and antivirus systems. Perform periodic security drills and regular penetration testing to ensure the integrity of security systems. Harden security controls across Windows and Linux environments and ensure regular patching and firmware upgrades. Enhance data security through robust … encryption practices during usage, storage, transfer, and disposal. Conduct security evaluations on network and firewall policies and manage application security in both development and testing phases (SAST, DAST). Liaise with internal audit teams and international cybersecurity operations centres to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications: Minimum 3 years
value. Assist in managing security incidents, vulnerabilities, and malfunctions, ensuring efficient resolution. Conduct forensically sound acquisitions of computer systems and media for evidence collection. Provide advice and guidance in penetration testing and improving service offerings. Carry out reviews, internal audits, and spot-checks to ensure effective operation of security measures. Provide expertise in the design and implementation of … science. This will require occasional periods of intense concentration to ensure any evidence collected can be used in a court of law. 16. Provide appropriate advice and guidance in penetration testing and improving the service offering. 17. Carry out reviews, internal audits and spot-checks to ensure the effective operation of (but not limited to): IDS/IPS
is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access Report on and assist with all security events and incidents. Oversee Security testing, including penetration testing and vulnerability scanning Ensure products compliance with security standards and regulations Ensure NAVBLUE Security strategy deployment within technical operations Ensure effective synchronization and alignment … Excellent management, analytical and problem-resolution skills Working knowledge of the SDLC and AWS network architecture Knowledge of the SAFe Agile method would be an asset Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP) Knowledge of STRIDE, DICE and other threat and risk frameworks Knowledge of AWS tools Proven experience managing multiple projects simultaneously Practical
implementation Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be … limited oversight. There is a base requirement to demonstrate understanding of and find ways to integrate activity with BlueVoyant colleagues across the globe, specifically Digital Forensics, Incident Response and Penetration Testing specialists as well as wider BlueVoyant service offerings when appropriate, to produce threat-aware products, services and outputs that are impactful, efficient, cohesive, and are enhanced with
ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate with IT, DevOps, and engineering teams to remediate identified vulnerabilities quickly and effectively. Scope and coordinate penetration testing activities; track remediation and risk acceptance outcomes. Monitor, measure, and report on vulnerability management performance, including KPIs, SLAs, and risk metrics. Develop and document information security processes … Strong scripting skills using languages such as Python, Bash, PowerShell, or Go. Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack. Ability to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the
expert advice and guidance on security best practices for AI development and deployment. Stay up to date on the latest AI security threats and vulnerabilities. Conduct security audits and penetration testing of AI systems. Collaboration: Collaborate with data scientists, AI engineers, and other stakeholders to ensure security is integrated throughout the AI lifecycle. Communicate security risks and recommendations
London, England, United Kingdom Hybrid / WFH Options
S-RM
intelligence, detection/prevention tools across a multi-cloud environment. Provide expert security design and engineering guidance on complex cloud security challenges and risks. Defining the annual and quarterly penetration testing of company infrastructure and in-house developed applications, and re-test vulnerabilities where possible. Work with engineering/development/product teams to help architect and implement
Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive into any
London, England, United Kingdom Hybrid / WFH Options
Crown Agents Bank
rolling up their sleeves to get things done. Responsibilities Advise and support project teams to embed security best practices throughout the project lifecycle. Scope, manage, and track remediation of penetration testing and vulnerability assessments. Maintain application security processes, standards and guidelines. Translate application security policies into security requirements. Conduct and document security risk assessments on changes, threats, vulnerabilities
London, England, United Kingdom Hybrid / WFH Options
Publicis Groupe
review skills – essential Ability to identify vulnerabilities using CWE or OWASP Knowledge of operating systems and their hardening techniques Understanding of development concepts such as CICD, Pipelines, and SDLC Penetration testing knowledge is also super useful Familiarity with Cloud Development Kit (CDK) and GitOps Experience operating in a DevOps/agile team environment Understanding of docker, Kubernetes, serverless
Manchester, England, United Kingdom Hybrid / WFH Options
AJ Bell
to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information
or Practitioner AWS Certified Security Familiarity with TCP/IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with audit principles and different information
Bath, England, United Kingdom Hybrid / WFH Options
Mott MacDonald
responses, escalation as required. Supervise the development of and relationship with the (planned) Security Operations Centre Help to ensure that risk is measured and understood effectively by operational teams. Penetration testing and vulnerability assessments Assist with prioritisation of security controls and remediation. Architecture Review and recommend tools and processes for managing information security around new and existing systems.
of the Cloud Platform, DevSecOps, Endpoints, Virtual Networks, and the Fnality Payment System. As the SME, this person will ensure security across the group, lead cyber projects, manage pen testing engagements, train junior team members, and handle daily security requirements. Role & Responsibilities Develop and implement security requirements for Fnality's platform, DevOps, security, and infrastructure. Support and secure Fnality … of secure, large-scale cloud projects. Knowledge of standards like ISO27001 and NIST. Experience with vulnerability detection tools, email security gateways, EDR solutions, and SIEM. Red teaming or pen testing experience is advantageous. Securing DevOps pipelines. Proficiency with containerization (Docker, Kubernetes, Helm). Scripting skills for automation. Strong understanding of network and security concepts. Experience with M365 and Azure
vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and GDPR. Ability to support internal/external audits
London, England, United Kingdom Hybrid / WFH Options
Jaja Finance
and risks. Perform threat modeling exercises with development teams to identify threats and implement controls. Review application code for security flaws and provide remediation guidance. Plan and execute security testing activities, including SAST/DAST/IAST, penetration testing, and vulnerability scanning. Ensure applications comply with security standards such as OWASP Top 10, OWASP ASVS, MAVS, PCI … application security. Experience with secure software development methodologies, such as Secure SDLC and DevSecOps. Understanding of IDEs, code repositories, and CI/CD solutions. Proven experience in security assessment, penetration testing, and vulnerability management. Strong knowledge of web application security concepts, including secure coding practices and common vulnerabilities. Proficiency with security testing tools like Burp Suite, SonarQube