Senior Penetration Tester Position Description CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work … range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures … go. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance. Your future duties and responsibilities An opportunity for an experienced penetration tester has become available due to growth, joining the CGI Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a
Remote working (anywhere in the UK) Hybrid / WFH Options
Government Digital & Data
and promote a culture of continuous improvement. We are looking for an enthusiastic Senior Test Engineer (Non-Functional Security) with great technical skills, able to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will also offer guidance to other testers on security testing best practices. You will be part of our non … functional testing specialist team, working collaboratively with your team and overseeing the testing journey. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to … more information. Job description As a Senior Test Engineer focusing on security you will; Working within a delivery team, you'll contribute to the coordination and execution of security testing across the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues. Support the wider test
Remote working (anywhere in the UK) Hybrid / WFH Options
Government Digital & Data
of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This … . Please see 'Things you need to know' section below for more information. Job description As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager … you will provide advice, coaching and mentoring to testers on non-functional testing subjects such as security testing. Attend meetings and provide stakeholders with updates. Design and execute manual and automated security test cases using standard testing techniques. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration … management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting
Central London, London, United Kingdom Hybrid / WFH Options
Marlin Selection
Manage and optimise enterprise-grade security tools: WAF, DDoS, email and web security gateways, SIEM, SOAR, EDR, MFA, SSO, IDS/IPS, PAM and more. Perform vulnerability assessments and penetration test remediation. Deliver Cyber Security Awareness Training across the business. Lead ad-hoc security initiatives and projects. Mentor junior security staff and collaborate across IT and business units to … SC-100/200/900, OSCP or equivalent. Strong interpersonal and communication skills. Ability to lead, prioritise, and deliver across multiple concurrent tasks. Previous experience in financial services, penetration testing, or a SOC environment is a strong advantage. Working Pattern & Location Hybrid working model: 3 days in the office (High Holborn), 2 days from home. Shift coverage
role across various IT and transformation projects: Conduct thorough security risk assessments and translate them into actionable requirements Contribute to and validate secure-by-design architecture Define and coordinate penetration testing and security validation activities Actively participate in governance processes (e.g. baseline re-certifications, exception boards, dashboards) Document and implement security standards, processes, and best practices Act as
Operator to join our adversary simulation team, delivering high-impact operations against some of the most complex enterprise environments in the UK and beyond. This isn't a typical penetration testing role. You'll be leading tailored campaigns that emulate real-world threat actors - from phishing initial access through to cloud-native post-exploitation and domain-level compromise … and encourages new ideas and perspectives High-autonomy environment with supportive, skilled peers. Annual training & research budget - use it for conferences, courses, or tooling. Access to red team labs, testing infrastructure, CTI, and sandbox environments. Opportunities to contribute to public research, tools, and community initiatives. Flexible work, sensible management, and zero micromanagement. How to apply If you are interested
Enfield, Middlesex, England, United Kingdom Hybrid / WFH Options
Eden Brown Synergy
mitigate, and respond to risks and potential threats. * Utilise Microsoft Sentinel and related tools to analyse security data, detect anomalies, and respond effectively to incidents. * Oversee vulnerability assessments and penetration testing to ensure robust security measures are maintained. * Contribute to the development and execution of incident response plans, ensuring prompt action to contain and remediate security incidents. * Maintain
containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities in OT systems and coordinate with relevant teams to remediate them. Security Assessment: Conducting security assessments and facilitate penetration testing of OT systems to identify weaknesses and recommend security improvements. Policy Development: Contributing to development and maintenance of cybersecurity policies and procedures specific to OT environments. Compliance
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Manchester Digital
cost effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security, network segmentation, encryption and DevSecOps toolchains; capable of explaining exploitability of complex vulnerabilities. Pen testing & threat modelling: scoping, overseeing and translating results into enforceable patterns and backlog items. Influential communication: proven ability to engage C suite and delivery squads alike, adapting style to gain
are currently seeking a CHECK Team Lead to join us in a flexible capacity either as a permanent team member or a contractor leading the delivery of high-assurance penetration testing services in line with NCSC CHECK and CREST standards. Position Overview As a CHECK Team Lead, you will take responsibility for scoping, delivering, and reporting on complex … penetration testing engagements, while ensuring compliance with NCSC’s CHECK requirements. You will mentor and guide a high-performing team and act as a technical and client-facing authority. Key Responsibilities Lead and deliver penetration testing assignments under the CHECK scheme across infrastructure and application layers Define engagement scope, assess risk, and ensure full technical delivery … Ensure all activity complies with CHECK and CREST accreditation requirements Essential Requirements CHECK Team Leader (CTL) status with a UK Cyber Security Council (UK CSC) Professional Title in Security Testing at ‘Principal’ level or above Eligible to attain SC (Security Check) clearance Demonstrated track record of effective customer engagement on previous CHECK engagements Hands-on expertise with common testing
Leeds, West Yorkshire, England, United Kingdom Hybrid / WFH Options
Eames Consulting
Job Title: Penetration Tester Location: Leeds/Hybrid Reports To: Head of Cyber Services Salary: £55,000 - £60,000 Travel: Occasional client site visits About Us We're a rapidly growing cybersecurity reseller and MSP delivering cutting-edge security solutions across network, endpoint, cloud, and offensive security testing. Our mission: empower clients to expose and eliminate critical vulnerabilities before … attackers do. We're expanding our offensive security team and need an experienced Penetration Tester to deliver high-impact, real-world security assessments that drive tangible improvements. The Role - What You'll Own You will simulate sophisticated cyberattacks across client environments - from networks and web apps to cloud and endpoints - exposing weaknesses before adversaries can exploit them. Your findings … will guide clients to stronger, more resilient security postures. Lead internal and external penetration tests, including infrastructure, web, wireless, cloud, and social engineering. Execute red team, purple team, and breach simulation exercises tailored to client maturity and objectives. Identify and safely exploit vulnerabilities to demonstrate real business impact. Deliver clear, actionable reports tailored to both technical teams and
Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive … environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. What You'll Do Lead penetration testing teams to conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. Lead on-site customer engagements. Lead on developing and providing … equivalent level. Experience: At least 5 years leading network, web, and internal penetration tests as well as experience in leading customer engagements onsite. Leadership: Experience of supervising and mentoring penetration test teams. Training Experience: Ownership and leadership on developing and providing training courses. Tools: Proficiency with tools like Burp Suite Pro, Nessus, and other industry standards. Communication: Strong verbal and
Penetration Tester Position Description CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 300 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work across … range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve their overall security posture and maturity to ensure they feel reassured in the Security control, measures … go. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance. Your future duties and responsibilities An opportunity for an experienced penetration tester has become available due to growth, joining the CGI Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a
Agile methodologies and promote a culture of continuous improvement. We are seeking an enthusiastic Senior Test Engineer (Non-Functional Security) with strong technical skills to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will guide other testers on security testing best practices. You will be part of our non-functional testing specialist team, collaborating closely with your team and overseeing the testing process. This role offers the chance to explore new tools and approaches to improve service delivery. Companies House offers a flexible, welcoming culture that promotes work-life balance and wellbeing. Benefits include flexible working with no core hours, 30 days annual leave, 8 bank holidays, 1 privilege … cannot offer Visa sponsorship. A Security Check (SC) is required, with at least 3 out of the last 5 years in the UK. Key responsibilities Coordinate and execute security testing within the software development lifecycle, including vulnerability scans using tools like Burp Suite, and testing security issues. Support the wider testing team by sharing knowledge on security
for you to cut your teeth on and a friendly, passionate team to develop and grow. KPMG’s Cyber Defence (CDS) Team conducts client facing technical assurance and penetration testing and has a long and successful history in KPMG. Our clients are diverse and we cover many sectors with particular specialisms in Financial Services, High-end Defence … Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing ( and are members of all current NCSC and CREST testing schemes - as a result we conduct interesting and challenging work that isn’t on offer elsewhere. Our team is made up of skilled individuals at different stages in their careers … location, as well as embracing remote working. What will you be doing? As the Pen Test Manager, you'll be responsible for leading and mentoring a team of talented penetration testers, ensuring the successful delivery of critical security assessments for our diverse clientele. You'll wear multiple hats, acting as a technical expert, project manager, and strategic leader, driving
also have the opportunity to shape and grow a team underneath them. Key Responsibilities Proactively identify application-level vulnerabilities across authentication, payment flows, and core transactional systems Perform manual penetration testing, code reviews, and threat modelling across a modern FinTech platform Collaborate with engineering teams to remediate risks and implement secure development practices Take ownership of the company … Support and improve the existing Secure SDLC and DevSecOps environment Provide guidance on security in design, development, and implementation phases Required Experience Demonstrable hands-on experience in application security, penetration testing, or ethical hacking Proven background in card payment systems, payment processing, or credit card platforms Strong technical understanding of web applications, APIs, authentication, and data security Ability
East London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
specialised government and commercial contracts that will allow you to develop and grow your skills within the industry. As a Cyber Defence Assistant Manager you will: Be responsible for the testing and oversight of junior testers under your leadership Completing peer reviews of your deliverables (QA) Developing a rapport with clients both inside and outside our client company along with … years' experience within the field Have SC clearance or the ability to go through SC clearance Any SecOps related certification (including security vendor certificates) An understanding and demonstration of penetration testing and red-teaming (NCSC and CREST accredited schemes) Strong technical background in computing, networks and programming Excellent communication skills A genuine interest to work for multi-national … essentials for this role; A CISSP, CISM, CCSP, GIAC certification or any equivalent Knowledge of working in secure environments and accredited labs R&D experience Threat intelligence experience Application testing experience Reference: AMC/DRI/CBAM Postcode: E14
security engineer. The successful candidate will have experience gained in a broad, hands-on security engineering position. Relevant certifications such as CISM and/or Microsoft certifications are desirable. Penetration testing experience or certifications would be beneficial. Hybrid working is available (3 days in central London). The salary is £75,000 base plus benefits and bonus.
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Corriculo Ltd
security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause and recommend remediation actions. Outside of … Firewalls, VPN, EDR/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if you don't meet
received reports. Proactively identify and solve issues, and respond quickly to delegated work. Communicate, document, and share your findings. Stay updated on the latest malware and security threats. Perform penetration tests and security validation on computer systems, networks, and applications. Create new testing methods to identify vulnerabilities. What you'll bring Knowledge/skills/experience: Outstanding interpersonal … abilities, and strong written and verbal communication skills. Fluent in English, both written and spoken. At least 2 years of experience in pen testing, security testing, or vulnerability assessments. Stress resistant & able to maintain focus during incidents. A strong understanding of the (Ethical) Hacker culture. Attention to detail, analytical, and problem-solving skills. Able to independently find solutions
Reading, Berkshire, United Kingdom Hybrid / WFH Options
FSP Retail Team
Best Companies as Best Company To Work For in the UK, Tech, and the South East in 2023. We are ISO27001 and ISO9001 certified by UKAS, a CREST approved penetration testing and SOC company, and hold IASME Cyber Essentials Certification and Cyber Essentials Plus certification. Learn more about our awards here. Why work for FSP? We offer
lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users. In this role, you will: Conduct security assessments, code reviews, and penetration testing to identify vulnerabilities in our applications Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure