76 to 100 of 339 Penetration Testing Jobs in the UK

Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and compliance . Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep … cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to More ❯

and cyber security best practices within a defence environment. RESPONSIBILITIES Provide technical cyber security consultancy to public and private sector clients. Perform security assessments, penetration testing, and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support … with the Ministry of Defence. Strong technical expertise in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and More ❯

with industry accreditations (e.g., ISO 27001, NIST, GDPR), working closely with external auditors and regulatory bodies. Conduct regular risk assessments and vulnerability management, and penetration testing to identify and mitigate security risks. Oversee security awareness training programs, ensuring a strong security culture is implemented and embedded throughout the … IAM solutions. Working knowledge of security frameworks: ISO 27001, NIST, CIS, SOC 2, GDPR, GXP, etc. Experience in cloud security Proficient in threat modeling, penetration testing, vulnerability management, and security incident response. Demonstrated ability to build security teams and drive cybersecurity initiatives from scratch. Experience in supporting organisations More ❯

you make an impact? Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools. Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively. Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate … security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you More ❯

architectures. Engagement: Foster a culture of security by engaging meaningfully with engineering and security teams. Continuous Monitoring: Identify threats and vulnerabilities through ongoing monitoring, penetration testing, and vulnerability assessments, audits, and compliance checks. Security Awareness & Best Practices : Provide technical guidance and training to stakeholders, promoting security best practices … AWS tooling (e.g., GuardDuty). Broad exposure to security tooling and operations, including experience with Splunk, Rapid7, Proofpoint, and Akamai, as well as supporting penetration testing, monitoring, and response. Collaborative and proactive approach, with a clear enthusiasm for learning, mentoring, and staying current through communities and podcasts like More ❯

embed security into systems and applications. Technical Expertise: Provide guidance on secure architecture, secrets management, and best practices. Threat Management: Lead all aspects of penetration testing, bug bounty programs, and vulnerability reporting to mitigate risks and align with regulations. Vendor Relationships: Manage partnerships with security vendors, ensuring value … governance. Deep knowledge of modern DevSecOps practices. Experience in leading vulnerability management programs, including expertise in utilising tools and processes for vulnerability scanning, conducting penetration testing, and delivering actionable reporting to support an effective and comprehensive vulnerability management strategy. Excellent communication and stakeholder management skills, with the ability More ❯

system designs and technology choices from the outset. Perform threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Oversee and enhance vulnerability management processes, focusing on strategic remediation, root cause analysis … frameworks and standards (e.g., NIST CSF, CIS Benchmarks, OWASP ASVS). Exposure and knowledge of the MITRE ATT&CK framework. Experience effectively coordinating external penetration testing engagements and managing remediation efforts. Nice to have Relevant advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP, OSCP/OSWE More ❯

and design for new and existing applications. Stay up to date with the latest security threats and technologies to proactively improve security measures. Conduct penetration testing and code reviews to identify and mitigate risks. Contribute to the development of security policies, procedures, and best practices. Requirements: Proven experience … in application security, penetration testing, and secure software development practices. Strong understanding of security vulnerabilities (OWASP Top 10, etc.) and secure coding techniques. Experience with security tools (e.g., static/dynamic analysis tools, vulnerability scanners). Familiarity with common web technologies (e.g., Java, Python, JavaScript, SQL). Knowledge More ❯

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. … If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do • Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. • Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex … re Looking For • Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. • Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. • Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. • Communication More ❯

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. … If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do • Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. • Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex … re Looking For • Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. • Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. • Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. • Communication More ❯

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. … If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do • Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. • Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex … re Looking For • Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. • Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. • Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. • Communication More ❯

security standards for cross-cloud deployments, and a deep understanding of cloud security, particularly within AWS platforms. You will conduct independent security reviews, oversee penetration tests as necessary, and provide guidance to stakeholders on remediation strategies and best practices for integrating security into their application platforms. Your role will … SaaS implementations, data management systems, and reporting frameworks being used internally by Amazon Ads teams or externally by Amazon Ads customers. Coordinate and oversee penetration testing activities for platforms and tools. Identify security risks, report findings, and recommend solutions for complex security issues by leveraging existing set of … with AWS products and services - Experience with service-oriented architecture and web services security - Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits - Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols More ❯

Security Engineer – IAM | DORA | Pen Testing | Payments – Banking London/Glasgow | £750/day (Inside IR35) | Financial Services We're seeking a seasoned Security Engineer with a proven track record in banking environments to join a high-impact team driving resilience and security across mission-critical systems. You’ll … bring deep expertise across Identity & Access Management (IAM) , penetration testing , and 3rd party risk , with strong familiarity with DORA compliance and payments/settlement systems . What You’ll Do: Lead and execute advanced penetration testing and vulnerability assessments Own IAM strategy and operations , ensuring airtight … in fast-paced, regulated environments with a laser focus on resilience What You’ll Bring: Hands-on banking experience – essential Expertise in IAM, pen testing, third-party risk , and regulatory frameworks (DORA) In-depth knowledge of financial systems, especially payments & settlement platforms Strong communicator, highly analytical, and security-obsessed More ❯

Security Engineer – IAM | DORA | Pen Testing | Payments – Banking London/Glasgow | £750/day (Inside IR35) | Financial Services We're seeking a seasoned Security Engineer with a proven track record in banking environments to join a high-impact team driving resilience and security across mission-critical systems. You’ll … bring deep expertise across Identity & Access Management (IAM) , penetration testing , and 3rd party risk , with strong familiarity with DORA compliance and payments/settlement systems . What You’ll Do: Lead and execute advanced penetration testing and vulnerability assessments Own IAM strategy and operations , ensuring airtight … in fast-paced, regulated environments with a laser focus on resilience What You’ll Bring: Hands-on banking experience – essential Expertise in IAM, pen testing, third-party risk , and regulatory frameworks (DORA) In-depth knowledge of financial systems, especially payments & settlement platforms Strong communicator, highly analytical, and security-obsessed More ❯

server operating systems, used by billions of customers every day in businesses and across Windows. This team performs security design reviews, code reviews, and penetration testing on key features of Windows to make sure they meet the highest possible security standards. In this role, you will help engineering … teams secure the operating systems built at Microsoft. The ideal candidate will have hands-on experience with native code (C/C++), penetration testing (code audit, writing fuzzers, finding creative ways to break assumptions), a clear understanding of OS security fundamentals, solid computer science skills, and a passion More ❯

to be successful: At least 2 years' industry experience in offensive security including knowledge and experience in some or all of the following: Network penetration testing and a thorough understanding of network protocols Web application penetration testing and a thorough understanding of application layer vulnerabilities Developing More ❯

to be successful: At least 2 years' industry experience in offensive security including knowledge and experience in some or all of the following: Network penetration testing and a thorough understanding of network protocols Web application penetration testing and a thorough understanding of application layer vulnerabilities Developing More ❯

and rules that protect our clients. You will be part of a hands-on, high-level team of experts in areas like malware analysis, penetration testing, exploit research, and reverse engineering. You’ll learn from senior researchers, contribute to global security projects, and have real impact on both … delivery About Security Joes: Security Joes is a global leader in Managed Detection & Response (MDR), offering elite incident response services, red team operations, forensics, penetration testing simulations, and custom security projects. We operate globally and remotely, with a multicultural team of cybersecurity experts working together across time zones. More ❯

email campaigns, LinkedIn outreach, and industry events. Client Qualification – Assess the security needs and challenges of potential clients to determine how the company’s penetration testing, red teaming, and cyber maturity assessments can add value. Sales Outreach – Initiate contact with prospects, educate them on cyber security services, and … position services effectively. Qualifications & Experience 2+ years of experience in business development, sales, or lead generation within the cyber security sector. Strong understanding of penetration testing, red teaming, incident response, and cyber maturity assessments. Excellent communication skills, with the ability to simplify complex technical concepts and convey their More ❯

integration with the departments audit service and implement security controls as agreed with Security Architects Create accessible interfaces that meet WCAG 2.2 standards Support penetration testing, performance testing, and accessibility testing activities Collaborate across multidisciplinary teams in an agile environment Mentor junior developers and provide technical … Experience implementing accessibility standards (WCAG 2.2) Knowledge of AWS services and cloud-based application development Understanding of API design and development Experience with automated testing and CI/CD pipelines Familiarity with Git and collaborative development workflows Desired Experience: Previous experience with geospatial data visualisation applications Experience developing data More ❯

Outstanding opportunities have arisen for Penetration Testers to join our ever-growing team. We are seeking individuals who are looking to build knowledge and enhance their skill sets. We are seeking passionate security professionals who are eager to hone your skills and contribute to a world-class security practice. … About You: CREST Registered Tester, or equivalent Cyber Scheme or OSCP qualification Minimum two years' penetration testing experience in infrastructure and application disciplines, ideally with exposure to client site testing such as internal pen tests and IT health checks SC clearance and experience of formal NCSC CHECK … testing for central government clients an advantage but not essential Excellent written and verbal communication skills Highly organised with strong attention to detail Flexibility and resilience to meet the demands of the role Ability to demonstrate exceptional customer service A team player, able to work alongside colleagues and clients More ❯

to make significant contributions to the success of the company and drive the quality of our products forward. 4+ years' experience in a software testing role Degree in Computer Science, Engineering or an IT related field (or equivalent third level qualification) Proven End to End Automation testing experience … running tests in CI/CD Experience in running tests in parallel Experience in setting up dashboards for reporting Experience in monitoring team on testing best practices Experience in API Testing tools like SoapUI/ReadyAPI, Postman Strong knowledge of software QA methodologies, tools, and processes Experience in … and optimize current processes Can recognize and flag issues outside area of own expertise or responsibility to manager ISEB/ISTQB Foundation in Software Testing Experience working in an Agile/Scrum development process Experience of JIRA Experience of IT Security/Penetration testing and tools Experience More ❯

OFFICIAL and above classifications. Provide specialist advice and knowledge of Public Cloud (Azure, AWS, GCP) cloud-based security architectures. Define and lead external security testing (e.g ITHC) of solutions on the public cloud (Azure, AWS, GCP), cloud native platforms (Docker, Kubernetes, etc.), and Software as a Service (SaaS) solutions. … Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in other industries Designing … utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform) Managing technical assessments of security related technologies, vulnerability assessments and penetration tools and techniques Enabling & informing risk-based decisions: Working with higher impact or more complex risks, advising on the impact and whether this is More ❯

Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement. As an Assessments & Exercises Vice President in Penetration Test, you will play a significant role in enhancing our firm's cybersecurity and resiliency posture. You will use industry-standard assessment methodologies and techniques to … proactively identify risks and vulnerabilities in our people, processes, and technology. As a key member of our team, you will perform hands-on penetration testing of some of our most critical applications, platforms, and the perimeter. You will collaborate with application developers to understand and mitigate vulnerabilities, and … looking for team members who are eager to learn, drive to excel, and have excellent technical knowledge of security concepts and proven expertise in penetration testing. Job responsibilities Design and execute testing and simulations - such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and More ❯

UK for 5 years or more). Vulnerability Management Carry out internal vulnerability assessments in line with industry best practice. Manage our 3rd party penetration testing (Continuous Security Testing) service, review of reports and ensure technical teams resolve defects in a timely manner. Ensuring our automated scanning More ❯