26 to 50 of 81 Penetration Testing Jobs in the UK excluding London

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

Based Vulnerabilities are Understood & Mitigated meaning that Code Reading Skills are also desirable. Skills & Experience of the AppSec Engineer role: Hands-On Experience with Security Assessment Tools & Techniques including Penetration Testing & Code Review. Use of Planned, Structured Methodologies for Conducting & Reporting on Web Application Penetration Testing. Understanding & Demonstrable Experience of Automated, Dynamic & Static Application Security Testing Tools, as well as Manual Security Testing to find Vulnerabilities & Logical Issues. Broad Understanding of SDLC & Technology Functions and how they relate to Information Security. Understanding of Industry Standard Information Security Practices. Ideally Offensive Security Certified Professional (OSCP) Certification (or similar is Desirable but Not Essential). Strong Communication Skills & High Attention to Detail. Main Responsibilities of the … considered up front and throughout the Project Lifecycle. Taking Responsibility for the Security of Tested Products within Project Context. Conducting Manual & Automated Source Code Reviews. Contributing to & Utilising Security Testing Methodologies, Creating & Updating Technical Documentation as necessary. Liaising with Software Development Department to ensure Security is considered throughout SDLC. Identifying any Security Issues within the Businesss Software and Manage More ❯

SOC or NOC environment. Strong hands-on experience with SIEM tools, specifically QRadar Solid understanding of incident response methodologies and DFIR principles. Knowledge of network traffic analysis, vulnerability management, penetration testing, and malware reverse engineering. Familiarity with ITIL processes (Incident, Problem, Change). Strong written and verbal communication, with the ability to produce clear technical documentation and reports. More ❯

response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee vulnerability remediation across the platform Support penetration testing activities and security audits Collaboration & Leadership: Build strong relationships with central security teams and contribute to communities of practice Manage escalations of security-related issues, risks, and More ❯

Leading the cultural shift towards secure software development across product teams Defining and implementing the software security strategy in line with business goals Collaborating with developers to automate security testing and embed security requirements into the SDLC Supporting penetration testing, vulnerability management, and remediation efforts Acting as a software security SME, advising teams on secure design, risk More ❯

objectives. Draft, maintain, and implement information security policies and Standard Operating Procedures (SOPs). Configure and oversee mobile securityMDM (MAM/BYOD)to protect business continuity. Lead vulnerability assessments, penetration tests, firewall policy enforcement, and remediation efforts. Author compelling tender responses, clearly demonstrating technical capability and strategic value. Enhance Microsoft 365 securityleveraging Purview, Conditional Access, MFAto safeguard modern workplaces. … through closure. Strong understanding of ITIL, CAB, and structured change management. Skilled in crafting and updating security policies, SOPs, and managing tender documentation. Hands-on expertise with MDM tools, penetration testing, and policy-based firewalls. Experience designing and delivering compliance aligned services across GDPR, Cyber Essentials, ISO 27001. Proficient in using Microsoft 365 security stack: Purview, Defender, Conditional More ❯

Draft, maintain, and implement information security policies and Standard Operating Procedures (SOPs). Configure and oversee mobile security—MDM (MAM/BYOD)—to protect business continuity. Lead vulnerability assessments, penetration tests, firewall policy enforcement, and remediation efforts. Author compelling tender responses, clearly demonstrating technical capability and strategic value. Enhance Microsoft 365 security—leveraging Purview, Conditional Access, MFA—to safeguard … through closure. Strong understanding of ITIL, CAB, and structured change management. Skilled in crafting and updating security policies, SOPs, and managing tender documentation. Hands-on expertise with MDM tools, penetration testing, and policy-based firewalls. Experience designing and delivering compliance aligned services across GDPR, Cyber Essentials, ISO 27001. Proficient in using Microsoft 365 security stack: Purview, Defender, Conditional More ❯

native services and public APIs that underpin enterprise-scale AI systems. You’ll work in a fast-paced Scrum team alongside developers, architects, and data scientists to build automated testing frameworks, AI evaluation tools, and validation strategies. If you thrive on experimentation, problem-solving, and building robust systems that scale, this is the opportunity for you. Key Responsibilities Test … hooks in collaboration with engineering teams. Ensure compliance with AI regulations and standards such as NIST AI RMF and the EU AI Act . Conduct threat modelling and security testing for APIs and AI services. Provide early feedback to improve design and reduce defects. Mentor junior engineers and contribute to a culture of innovation and continuous improvement. Skills & Experience … 12+ years in software testing and validation for cloud-native applications using Microsoft and .NET . Expertise in automated testing frameworks such as Selenium , Postman , JMeter , or custom-built solutions. Hands-on experience with Azure DevOps , CI/CD pipelines , and containerized environments ( Docker , Kubernetes ). Strong knowledge of API testing , performance profiling, and security practices including More ❯

and reporting to enable informed, risk-based decisions. What you'll bring: Strong knowledge of networking, cloud security (AWS/Azure), and modern security concepts. Familiarity with vulnerability management, penetration testing, and security frameworks. Experience with security standards (ISO 27001/27002/27017/27018). Minimum 5 years in cybersecurity, with certifications like CISSP, CISM, CCSP More ❯

CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage audit-related actions. What You More ❯

background in incident response, SOC operations, and security investigations. Hands-on expertise with SIEM tools (Splunk, QRadar, Microsoft Sentinel). Deep understanding of network traffic analysis, vulnerability management, and penetration testing. Knowledge of DFIR principles, malware reverse engineering, and digital forensics. Familiarity with ITIL processes (Incident, Problem, Change). Experience with cloud platforms (AWS and/or Azure). More ❯

stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure IT architecture and access control policies. What you'll need to succeed Extensive experience administering the Azure platform and Microsoft More ❯

to proactively enhance the organization's network security posture Ensure compliance with relevant security regulations and standards and assist in audit processes as needed Conduct regular security assessments including penetration testing and vulnerability assessments to identify and remediate potential security risks ESSENTIAL EXPERIENCE 12 years of Proven experience in network security with a strong understanding of network security More ❯

company IT security, and stability of all IT systems and services. Key Responsibilities: Implement and enforce cybersecurity best practices (ISO 27001,CE+, CIS benchmarks), including endpoint protection, vulnerability scanning, penetration testing, and incident response planning. Ensure compliance with regulatory standards such as GDPR Ensure best security practice for Office 365, Exchange Online, and SharePoint administration. Administer firewalls, VPNs More ❯

guidance. Review technical documentation (e.g., designs, network diagrams, data flows) to ensure alignment with security policies and architecture. Conduct Information Security Impact Assessments and Data Protection Impact Assessments. Support penetration testing and vulnerability assessments, tracking remediation to closure or handover to BAU. Translate technical risks into business language for stakeholders. Maintain alignment with ISO27001 and other frameworks (e.g. More ❯

firewalls, intrusion detection systems, endpoint protection, log monitoring, and vulnerability scanning. Investigates and documents security breaches and cyber incidents, including assessment of impact and coordination of remediation efforts. Coordinates penetration testing with internal or external parties as appropriate. Drives business-wide understanding of secure development practices and general information security awareness. Represents the company during audits and performs More ❯

to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information More ❯

measures in line with best practices to ensure that the client is protected against the latest cyber security threats • Work with third parties and internal teams to schedule proactive penetration tests, ensuring that vulnerabilities are resolved or mitigated • Support the delivery of security training to all end users • Regular monitoring of potential security risks externally and internally, provide clear … to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation • Experience in testing and reviewing new security solutions • A strong commitment More ❯

and management process Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks Work with engineering team to implement security tools and controls Scope penetration testing and review related reports from external service providers Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly More ❯

and management process Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks Work with engineering team to implement security tools and controls Scope penetration testing and review related reports from external service providers Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly More ❯

firewalls, intrusion detection systems, endpoint protection, log monitoring, and vulnerability scanning. Investigates and documents security breaches and cyber incidents, including assessment of impact and coordination of remediation efforts. Coordinates penetration testing with internal or external parties as appropriate. Drives business-wide understanding of secure development practices and general information security awareness. Represents the company during audits and performs More ❯

occasional evenings/weekends for planned exercises (not a 24/7 role) Desirable: Degree or equivalent experience Previous consulting or technical client-facing experience Background in SOC, Pen Testing, InfoSec, or Systems Admin Knowledge of BGP, WAF, CDN, or cloud platforms (AWS, Azure, GCP) Basic scripting (e.g. Python, Bash) for automation or analysis Please note that at times More ❯

security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause and recommend remediation actions. Outside of … Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if you don't meet More ❯

considered suitable you will need the following skills and experience: - Experience in either a Cyber Analyst or Cyber Engineer role - SC Cleared/Clearance - Experience in network audits and penetration testing - Previous experience of delivering Cyber Essentials Plus - Knowledge of security frameworks - Generalist IT security background - Strong communication skills More ❯

AWS security controls, policies, and automation- Role-based and attribute-based access controls- Cryptographic protocols and secure key lifecycle management- Securing microservices, APIs, and DevSecOps best practices Skilled in penetration testing and hands-on coding with JavaScript, Java, or Python Strong understanding of vulnerability scanning, remediation, and vendor management Collaborative mindset with the ability to partner across engineering More ❯