51 to 75 of 117 Security Testing Jobs in the UK

Security Development & Test Director Location: London (remote-first, travel to client site a few times a month) Salary: Up to £135,000 (depending on experience) + 20% Bonus + Car Allowance A leading security function is seeking a Security Development and Test Director to drive the strategy and execution of secure software development, DevSecOps integration, and security testing across a portfolio of high-impact programmes. This is a key leadership role for a technically credible professional who can influence architecture, shape delivery, and build security into every phase of the development lifecycle. You will work closely with engineering, architecture, and client-facing teams to embed secure-by-design principles, lead tooling and automation strategy … and ensure consistent delivery of secure, compliant, and high-quality software systems. Key Responsibilities Strategic & Technical Leadership Lead secure development and testing strategy across complex environments. Integrate security into CI/CD pipelines through SAST, DAST, SCA, container scanning, and automated policy enforcement. Establish and govern secure architecture standards aligned to industry frameworks (e.g. NIST, OWASP, ISO More ❯

Security Development & Test Director Location: London (remote-first, travel to client site a few times a month) Salary: Up to £135,000 (depending on experience) + 20% Bonus + Car Allowance A leading security function is seeking a Security Development and Test Director to drive the strategy and execution of secure software development, DevSecOps integration, and security testing across a portfolio of high-impact programmes. This is a key leadership role for a technically credible professional who can influence architecture, shape delivery, and build security into every phase of the development lifecycle. You will work closely with engineering, architecture, and client-facing teams to embed secure-by-design principles, lead tooling and automation strategy … and ensure consistent delivery of secure, compliant, and high-quality software systems. Key Responsibilities Strategic & Technical Leadership Lead secure development and testing strategy across complex environments. Integrate security into CI/CD pipelines through SAST, DAST, SCA, container scanning, and automated policy enforcement. Establish and govern secure architecture standards aligned to industry frameworks (e.g. NIST, OWASP, ISO More ❯

Months Initially (Extensions Likely) £625.00 p/d Remote Based (Adhoc London - Travel Expensed) ASAP Start The Role: In this role you will work closely with the clients Cyber Security team. In this role, you will ensure the security of products being released into production environments—across containers, hosts, and APIs. You will play a part in identifying … remediating, and mitigating risks and vulnerabilities, integrating security into every stage of the development lifecycle. Responsbilities Work directly with Cyber Security and DevOps teams to embed security best practices into the CI/CD pipeline. Proactively identify, assess, and remediate vulnerabilities in applications and infrastructure (containers, hosts, APIs). Implement and manage static and dynamic application security testing (SAST/DAST) tools and workflows. Support secure cloud deployments within AWS, ensuring compliance with internal and standards. Skills & Experience Strong experience in a DevSecOps or security-focused DevOps role. In-depth knowledge and hands-on experience with SAST, DAST and API security testing Solid understanding of AWS and security configurations. Experience in More ❯

My client, an up-and-coming re-insurance organisation, is looking for a Head of Application Security to join their growing team in London. About the Head of Application Security Role: In this role, you will work closely with Engineering, SRE, and Product teams to embed risk-conscious technical security controls into their services, products, development workflows … and activities. What will you be doing? You will act as a subject matter expert on application security, conduct Threat Modelling exercises with engineering teams, and develop cloud-native security tooling. Your work will involve automating security processes and leveraging infrastructure as code. Bringing your experience in writing and reviewing code, along with a strong interest in … security, you will facilitate and manage security testing workflows within the SDLC using code and runtime security scanners and vulnerability testing tools. You will also enable cloud security governance for AWS and GCP through security monitoring, posture management, and vulnerability management. Team and Environment: This role is part of the Security Architecture More ❯

Security Development & Test Director £140,000 GBP Onsite WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Security Development & Test Director London (Hybrid, 2-3 days onsite) Up to £140,000 + Benefits + Bonus We're hiring a Security Development & Test Director to lead a rapidly growing security capability at a major global consultancy. … This is a leadership role where you'll shape strategic offerings around secure software development, DevSecOps, and security testing - while staying hands-on enough to influence tooling, architecture, and delivery standards across complex client environments. You'll be joining a high-performing cyber team with serious backing and a strong pipeline of transformation work across multiple sectors. What … you'll be doing: Leading the definition and implementation of secure architecture and DevSecOps practices across large-scale client programmes Overseeing security testing operations - including tooling (SAST, DAST, SCA), processes and coverage Driving service maturity and quality across delivery, with a focus on automation, governance, and continuous improvement Supporting business development and client engagement - from presales and solution More ❯

We are currently looking for a WAF & Application Security SME to join an existing team at one of our retail banking clients. The role will be working on the enhancement of a Web Application Firewall across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong focus … on WAF Efficacy and security posture uplift by crafting efficacy testing custom rules and configurations; additionally, the role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and … with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines Providing SME support for other security testing More ❯

We are currently looking for a WAF & Application Security SME to join an existing team at one of our retail banking clients. The role will be working on the enhancement of a Web Application Firewall across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong focus … on WAF Efficacy and security posture uplift by crafting efficacy testing custom rules and configurations; additionally, the role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and … with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines Providing SME support for other security testing More ❯

and validates the technical exposure of our global network of Member Firms against real world cybersecurity threats. The ideal candidate will have experience with attack surface discovery, exposure management, security controls validation and threat intelligence technologies. Reporting directly to the Director of Cybersecurity Programmes within our compliance workstream, the candidate will bring a strong technical background, combined with an … articulate risk profiling mindset. Main Responsibilities The Senior Associate will support with the implementation of the global adversarial exposure programme, including: Security Testing Continuously discover external assets and attribute them to members of our organisation. This insight detects a wide range of exposures, including high risk vulnerabilities, misconfigurations, exploitable administration paths, and additional types of exposed threats. Perform … security testing using Breach and Attack simulation products for a variety of scenarios including adversarial simulations and control validation exercises. Collaboration with various operation security teams across the GT network to conduct exercises Manage risk validation to identify attack paths, adversarial context and threat prioritisation. Manage notifications and workflows to support risk remediation processes. Operational Liaison This More ❯

Join a leading Cyber Security provider, established in early 2018 and rapidly growing in the UK. They specialize in a wide array of security services including Penetration Testing, Cloud Security, Continuous Security Testing, Adversarial Emulation, End Point Detection and Response, Backup & Restore solutions, and more. Role: Graduate Sales Development Representative Location: Newcastle or Leeds … Responsibilities: Learn and understand their comprehensive range of Cyber Security services. Assist in identifying and developing new business opportunities. Engage with potential clients to understand their security needs and offer tailored solutions. Collaborate with their experienced sales team to support the sales process with lead generation. Requirements: Recent graduate with a keen interest in sales and business development. … Strong communication and interpersonal skills. Ability to learn quickly and adapt to new challenges. Passion for Cyber Security and technology solutions. Proactive attitude and eagerness to contribute to a growing company. Benefits: Opportunity to work in one of the fastest growing industries. Comprehensive training and mentorship from industry experts. Competitive salary and uncapped performance-based incentives. Flexible work environment More ❯

Role Title: WAF & Application Security SME Location: Birmingham B1 1HQ (Hybrid 60% office/40% home - 3 days in the office is mandatory) Start Date: 15/09/2025 End Date: 15/09/2026 Rate: £495p/d via Umbrella Job Description: This role will play a critical role in enhancing our Web Application Firewall (WAF … across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong focus on WAF Effiacy and security posture uplift by crafting efficacy testing custom rules and configurations; additionally, the role will cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning … company's operations, reputation, and customers and monitor and review tuning request, proactively assist with identifying false positives and provide expert recommendations and stay updated with the latest web security threats and trends to ensure optimal protection and performance. Candidate Profile Summary: The primary role is to tune WAF accurately and safely - avoiding outage and bypass. We are not More ❯

We are looking for a Penetration Testing Consultant based in the United Kingdom to join our rapidly expanding Penetration Testing team at Rootshell Security. The role involves remote engagements and on-site client visits to conduct penetration security testing and help mitigate risks for our clients. Rootshell Security is an equal opportunity employer that values … diversity regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. Responsibilities Perform technical tasks on security testing engagements Deliver high-quality technical solutions to clients Assist in identifying, resolving, and documenting security incidents Provide guidance and mentoring to team members Offer technical scoping advice Desired Skills Ideally hold a CREST or CyberScheme … qualification Eligible to apply for UK Security Clearance Good knowledge of TCP/IP Company Benefits Long-term career development Continuous technical and non-technical training Opportunities to attend DefCon in Las Vegas and UK conferences Bonus scheme Variety of work across sectors Opportunities to innovate and be recognized and rewarded Mentoring from senior leadership Equality, Diversity, and Inclusion More ❯

the UK defense sector. Since its inception, the company has grown to employ elite technical experts who have contributed to some of the world's largest technology and digital security projects. The NCSC-approved CHECK company specializes in penetration testing and security assessment services under the government-accredited CHECK scheme. They are currently seeking for a skilled … or customer site. Are you ready to take the next step in your career? Apply today! Responsibilities: Utilize a combination of industry-standard and in-house developed tools for security testing. Conduct manual reviews to identify issues within customer infrastructure and web applications. Perform various types of security testing, including network penetration, web application, mobile security … and social engineering. Participate in red team engagements, employing creative strategies to outsmart defenders. Explore various approaches to gain unauthorized access to customer networks during red team exercises. Perform security assessments in accordance with the CHECK scheme. Skills/Must Have: Demonstrates a motivated, passionate, and resilient mindset. Exceptional analytical and problem-solving capabilities. Possesses a solid understanding and More ❯

Sanderson G&D are working with a fast growing Cyber Security consultancy delivering secure, user-focused digital services for the UK Government. They’re looking for an experienced Application Security/DevSecOps Engineer to embed security at the heart of modern software delivery. This is a newly defined role focused on integrating security into the software … development lifecycle (SDLC). You’ll play a critical part in shifting security left, guiding engineering teams, testing controls, and supporting secure design across a range of digital services. The Role This is far more than just an AppSec testing role. You’ll be embedded into agile product teams, helping them design and build secure digital services … from the ground up. Your day-to-day might include: Conducting hands-on threat modelling and secure design reviews Testing APIs and infrastructure manually and with tools like Burp Suite, ZAP, and Nessus Driving secure-by-design principles across CI/CD pipelines Working across cloud-native platforms (AWS, Azure) and tooling (GitHub, Python, etc.) Collaborating with platform and More ❯

most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders. Position Summary The penetration testing team at Claranet Cyber Security is composed of highly skilled, professional ethical hackers with a real passion for improving our clients’ security posture by demonstrating how systems … Mission Claranet’s strategy is to build long-term, trusted relationships with its customers by delivering market-leading, integrated managed services. We are seeking highly driven and aspirant penetration testing consultants to conduct a broad range of specialist engagements. Duties and Responsibilities Essential Roles & Responsibilities As an Associate Penetration Tester at Claranet, you will able to deliver you own … web application tests and through training and partnering, you will have the opportunity to become involved in a full range of testing work from mobile app and infrastructure testing to social engineering and Red Team exercises. Key Responsibilities: Undertaking web application testing and infrastructure testing engagements Using the opportunities provided by the business to improve skills More ❯

IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager/Lead … Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing … DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security More ❯

IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager/Lead … Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing … DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security More ❯

Graduate Cyber Security Consultant - 5295 Job Type: Permanent Location: Guildford, Surrey Our client is seeking ambitious Bachelors, Masters, or Doctorate graduates interested in becoming consultants in Cyber Security for the UK public and Defence sectors. This is a hybrid role based in their Guildford office. We offer extensive training, including online, classroom, and in-house courses, leading to … nationally recognized qualifications in areas such as Project Management, Agile methodologies, Business Analysis, IT Service Management, Cyber Security, and Technology Procurement. Responsibilities Providing technical assurance that proposed solutions are fit for purpose. Developing new architectures to mitigate risks posed by emerging technologies and business practices. Advising clients on information assurance, architectural issues, and risks. Supporting the development of Risk … Management Accreditation Document Sets (RMADS). Scoping security testing activities, explaining findings, and recommending remedial actions to stakeholders. Investigating security incidents. Promoting security awareness within project teams and the organization. Candidate requirements: HMG Security Policy Framework (SPF) familiarity and NCSC Information Assurance Portfolio knowledge gained through studies. Masters degree in Information, Cyber, or Systems Security More ❯

Role overview: Working for a security vendor, you'll be responsible for supporting the Head of SecOps in overseeing the company's Security Operations activity, improving and challenging existing processes and procedures in a very agile and fast moving information security environment. Main tasks and responsibilities: Operate within a global team that takes responsibility for the security monitoring of key technologies and tools across the estate Lead and manage a team of Security Analysts & the Vulnerability management team Comfortable operating in a technical capacity performing hands-on incident response and supporting/managing SOC analysts Act as a SME in matters related threat and vulnerability management incl incident response Understand security incidents and the … likely impact these will have on the business Define and report on KPIs with recommendations for improvement Identify security risks, threats and vulnerabilities of the company's network, systems, applications and new technology initiatives Implement and maintain operating run books, operating processes and procedures Help to develop and configure use cases, and alerting rules within SIEM technologies Mange the More ❯

The Ellison Institute of Technology (EIT) tackles humanity's greatest challenges by turning science and technology into impactful global solutions. Focused on areas like health, food security, sustainable agriculture, climate change, clean energy, and robotics in an era of artificial intelligence. EIT blends groundbreaking research with practical applications to deliver lasting results. A cornerstone of EIT mission is its … pipelines and platform features, and support bioinformaticians in building and deploying their workflows. You'll be responsible for maintaining infrastructure, designing secure automation pipelines, managing cloud environments, and ensuring security and compliance. You'll collaborate with cross-functional teams, data engineers, backend, and full-stack developers, to build robust, automated deployment pipelines across our environments. Key Responsibilities Design, implement … Infrastructure (OCI). Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments. Implement and manage CI/CD pipelines, focusing on automated security testing, deployment, and monitoring. Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are developed, tested, and deployed using More ❯

ability to keep our clients data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the worlds large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of … the Board. Led by our new CISO, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with … you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will be responsible for maintaining the identity and access management (IAM) security of the firms assets. This role is critical in translating the organisations IAM vision into a workable, mature and optimized function and service. This role requires extensive experience across More ❯

Lead IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager to … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

Lead IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager to … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

a talented and detail - oriented QA Engineer to join our team. This role involves ensuring the quality and functionality of our products through a combination of manual and automated testing, with a strong emphasis on frontend and user interface (UI) testing. The ideal candidate will have experience in automation frameworks, programming languages like Python and JavaScript, and working in … cloud - based environments such as Google Cloud with T erraform for infrastructure management. Key Responsibilities: Perform manual and automated testing of user interfaces to ensure functionality, usability, and visual integrity. Validate user interactions and responsiveness to ensure seamless user experiences. Develop, implement, and maintain automated test suites using tools like Playwright, Cypress, or Selenium. Write and maintain test scripts … using Python and JavaScript, leveraging TypeScript when applicable. Integrate automated tests into CI/CD pipelines for continuous quality checks. Conduct exploratory, functional, and regression testing for various products. Validate bug fixes and ensure no regressions are introduced during development. Reproduce and document defects clearly for the development team. T est API endpoints for functionality, performance, and security More ❯

. Hybrid working - 2 days per week in the office and you must be eligible for SC clearance . Key Responsibilities: Develop and script your own tools for automated testing and security assessment Drive innovation by designing and implementing new testing techniques Conduct security testing across modern IT environments - including Web, APIs, and Hardware Modis More ❯

a Hybrid role working from our Dundee or Glasgow offices 2 days a week. Are you a highly experienced and influential Senior QA Engineer with a passion for mobile testing? Waracle, a world-class digital technology consultancy, is seeking a visionary QA leader to join our dynamic team. This isn't just about testing; it's about shaping … quality assurance, we want to hear from you. What you'll do: Lead QA Strategy: Define and execute comprehensive test strategies, ensuring robust coverage for functional, non-functional, and security aspects across both web and critical mobile platforms (iOS and Android). Drive Automation Excellence: Master and extend automation frameworks for web and mobile, focusing on code quality, reusability … defect triage, enforce traceability, and proactively anticipate/resolve blockers to ensure exceptional product quality. Mentor & Collaborate: Actively coach and mentor junior QA engineers in both web and mobile testing best practices, fostering a culture of continuous learning within multidisciplinary teams. Innovate & Influence: Proactively integrate new testing tools, keep a keen eye on emerging trends in mobile and More ❯