26 to 50 of 723 Penetration Testing Jobs in the UK

suspicious activity and respond to security incidents. Conduct regular network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of vulnerabilities and remediation efforts. Forensic Analysis: Perform More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

so that they are ready for the challenges of today and tomorrow. Essential Duties and Responsibilities: As a Lead InfoSec Consultant, you'll take the lead in executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in … teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee … regular penetration tests and vulnerability assessments on applications, networks, systems, and infrastructures. Identify, exploit, and document vulnerabilities, including demonstrating the business impact of potential exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers and system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies More ❯

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

systems and data. How will you make an impact? Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop … cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you also have: Relevant certifications such More ❯

Assist with the collection, collation and presentation of assurance that the Banks security controls are operating as intended and within the Banks risk tolerance (including organising vulnerability management and penetration testing exercises) Lead the Bank's collection, interpretation and dissemination of the current Cyber threat landscape and help with the identification of innovative controls and mitigations to match … servers and cloud services. Understanding of Patching and Vulnerability management Experience Working with security technologies such as Firewalls, Proxies, IDS and AV Planning and scoping security vulnerability assessments and penetration tests Practical experience of developing and implementing policies, processes and procedures as part of an information security programme, including training and awareness to employees at all levels. Experience of More ❯

utilizing cloud technologies to support our audit colleagues effectively. As a key team member, you will work with Product Owners, Solution and Cloud Architects, Experience Designers, Business Analysts, and Testing specialists to develop and manage a portfolio of innovative products. Our products have rapidly expanded in size and scale, providing significant growth opportunities in our technology capabilities. Now is … security processes per KPMG's trust and verify framework. Support the design and management of security processes and automated tools. Conduct threat modeling and security-focused code reviews. Support penetration testing and vulnerability remediation. Manage logging and SIEM integration for SOC monitoring. Lead incident response and risk management efforts. Promote cloud security principles within the engineering team. Coordinate More ❯

collaborative. The Role As a Senior Cyber Security Engineer w ith XPS you will: Using expert security knowledge, provide technical security guidance for securing IT assets, change control, security testing, secure systems design and making recommendations to implement effective security controls. Take ownership of day-to-day running of technical vulnerability management programme. Use expert security knowledge with a … particular focus in application security testing, web application firewalls, vulnerability management and securing development pipelines to make improvements. Provide security direction and leadership as required with ability to mentor other security team members. Carry out cyber security engineering tasks using best-practice service management (ITIL), to agreed SLAs/KPIs, whilst promoting and adhering to XPS workplace values. Develop … AV, email and web security gateways, firewalls, load-balancers, ACLs, TCP/IP, routing and switching. Knowledge of current and future security initiatives e.g. OWASP standards, SASE intelligence led penetration testing, zero-trust, threat centric security, risk-based vulnerability management. Come from an infrastructure/networks background to fully support XPS changes and security initiatives. Has, or is More ❯

as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Some knowledge/experience in scoping/undertaking internal pen testing and creation of external penetration testing scopes. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network protocols & practices, firewalls, intrusion detection/ More ❯

complex malware and intrusion issues * Evaluate/Implement new cyber security tools as well as policies to enhance Draper's security posture * Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. * Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat More ❯

and procedures to ensure compliance with regulatory requirements. Collaborate with clients to understand their security needs and provide tailored solutions. Lead security assurance activities, including risk assessments, vulnerability assessments, penetration testing, and threat modelling techniques such as MITRE ATT&CK, STRIDE, DREAD, and PASTA. Provide expert guidance on security controls and measures to protect cloud infrastructure and data. More ❯

expert advice and guidance on security best practices for AI development and deployment. Stay up to date on the latest AI security threats and vulnerabilities. Conduct security audits and penetration testing of AI systems. Collaborate with data scientists, AI engineers, and other stakeholders to ensure security is integrated throughout the AI lifecycle. Communicate security risks and recommendations effectively More ❯

Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch. System administration on Unix, Linux, or Windows Network forensics, logging, and event management Defensive network infrastructure (operations or engineering) Vulnerability assessment and penetration testing concepts Malware analysis concepts, techniques, and reverse engineering In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve More ❯

as well as the Fnality Payment System. As the SME, this person will be tasked with ensuring the security of the Fnality group, leading cyber related projects, managing pen testing engagements, training junior members of the team and ensuring the day-to-day security requirements of the business. Role & Responsibilities Develop and deliver security requirements for Fnality's Platform … Experience managing best practice standards, such as ISO27001 and NIST Experience maintaining vulnerability detection tooling, email security gateways, EDR solutions and SIEM technology Experience in red teaming/pen testing advantageous Experience in securing the development of DevOps pipelines Experience with containerisation and orchestration technologies (Docker, Kubernetes, Helm) Knowledge of scripting languages to support automation Strong understanding of network More ❯

Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc DESIRABLE SKILLS More ❯

Collaborate with teams to resolve performance issues and ensure business continuity. Monitor and maintain security infrastructure, including firewalls, VPNs, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and penetration testing. Apply patches and updates to mitigate security threats. Lead response efforts in cyber-attacks or security breaches, including containment and remediation. Perform root cause analysis and recommend mitigation More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including … skills, and the ability to provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current … maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. Communicate complex security concepts and More ❯

continuous ecosystem for managing vulnerabilities and offensive security to limit Bupa’s exposure from both strategic and tactical threats. End to end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and … remediate vulnerabilities and threat exposures Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and penetration testing requirements. Act as Bupa’s subject matter expert on vulnerability impact and risk, providing guidance on root cause and managing the full lifecycle of reported vulnerabilities through to closure. Collaborate with their counterparts in other … bring Solid experience in cybersecurity, with extensive experience in threat management, vulnerability management, offensive security practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing More ❯

Work for an award-winning provider of Security Services, specialising in Cyber Security Services such as Vulnerability Management, Information Security, Penetration Testing, and Managed Security Services. We boast a fully managed Security Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise … maintain KQL scripts for querying and analysing data within Azure Sentinel. Collaborate with cross-functional teams to identify security vulnerabilities and develop appropriate solutions. Conduct regular security assessments and penetration testing to identify and mitigate potential risks. Stay updated on emerging cyber security threats and best practices, implementing necessary adjustments to security protocols. Provide guidance and support to More ❯

educating DevOps teams in security best practices Conduct/Lead threat modelling and security design activities alongside Dev/Engineering Teams Work with 3rd parties to support vulnerability and penetration testing Process reports from external penetration testing vendors and coordinate feedback with teams to ensure actions are followed to mitigate identified risks Skills: Software engineering background … Security Frameworks e.g. OWASP SAMM/DSOMM etc Hands-on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques Strong understanding of application security awareness, including the security of web applications Experience with risk management activities - identifying, assessing and providing remediation options for application and technology risks More ❯

SC Clearance') This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential Skills/experience Required Experience penetration testing, ethical hacking, or completing vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube … Leader) - desirable Knowledge of UK public sector security and data protection standards (e.g., NCSC, Cyber Essentials Plus) - desirable Threat modelling and secure design practices - desirable Role/Responsibilities Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and … Cleared, Dv Clearance, Dv Check, Developed Vetted, Developed Vetting, Dv Strap, Active DV, Security, Cyber, Cybersecurity, Infosec, Cloud, AWS, Amazon Web Services, Azure, Python, Bash, Script, Scripting, Automate, Automation, Penetration, Pentest, Pentesting, Pen-Test, Pen-Testing, Hacking, Vulnerability, Threat, Engineer #vacancy #jobadvert #recruit #hiring #jobsearch #careers #talent #recruitment #job Circle Recruitment is acting as an Employment Agency in More ❯

security architecture and assurance to OFFICIAL and above classifications. Provide specialist advice and knowledge of Public Cloud (Azure, AWS, GCP) cloud-based security architectures. Define and lead external security testing (e.g ITHC) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service (SaaS) solutions. Formulate HMG Information Assurance Risk … across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in other industries Designing & delivering secure systems & tooling: Working … and principles Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform) Managing technical assessments of security related technologies, vulnerability assessments and penetration tools and techniques Enabling & informing risk-based decisions: Working with higher impact or more complex risks, advising on the impact and whether this is within risk tolerance Understanding and More ❯

ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST … NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry More ❯

part of projects and initiatives. Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard. Organise penetration testing, managing the necessary remedial work and communicating go-live risks. Contribute to the development of the security architecture, the SDLC, and application security testing standards. Support … point of escalation in the event of Major Incidents, Disaster Recover or Business Continuity scenarios. Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC. Assist the CISO, as required, in the wider delivery of Cyber Security. Skills and Experience: Proven experience in a similar role within a mid More ❯