Senior Penetration Tester 12 Month Initial Contract £750 - £850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function click apply for full job details
Jun 29, 2025
Contractor
Senior Penetration Tester 12 Month Initial Contract £750 - £850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function click apply for full job details
Senior Penetration Tester 12 Month Initial Contract 750 - 850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function. We're looking for an experienced Senior Penetration Tester with a strong background in adversary simulation and technical quality assurance to join a high-impact project within the UK cyber security space. This role is ideal for someone who's not only delivered high-end red team engagements but has also overseen the work of others and provided expert-level guidance. You may have worked as a CHECK Team Leader, led adversary simulation teams, or assessed others for recognised exam bodies such as CREST or OSCP. This is a contract position working remotely, with occasional meetings or workshops as required. The role is a 12 month initial contract (inside IR35) & can be mostly remote with 1 day a week on-site in either Cheltenham or London. Main Responsibilities: Reviewing and sampling technical reports to ensure they meet internal and external quality standards. Coaching and mentoring team leads, particularly those working independently without peer support. Advising the wider project team on best practices in red teaming and adversary simulation. Skills Required: Solid hands-on experience in penetration testing and red teaming, particularly in operational environments. A background in technical QA - reviewing, validating, and improving the output of other testers. Experience as an assessor or contributor to recognised exam bodies (e.g. CREST, OSCP, GIAC) is highly desirable. Got your attention? If you believe that you have the skills and experience for the role - then please get in touch. We also offer a referral scheme for any candidates whose details are passed to us that we successfully place. If you have any further questions then please contact Ryan Harris at MERITUS Talent.
Jun 27, 2025
Contractor
Senior Penetration Tester 12 Month Initial Contract 750 - 850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function. We're looking for an experienced Senior Penetration Tester with a strong background in adversary simulation and technical quality assurance to join a high-impact project within the UK cyber security space. This role is ideal for someone who's not only delivered high-end red team engagements but has also overseen the work of others and provided expert-level guidance. You may have worked as a CHECK Team Leader, led adversary simulation teams, or assessed others for recognised exam bodies such as CREST or OSCP. This is a contract position working remotely, with occasional meetings or workshops as required. The role is a 12 month initial contract (inside IR35) & can be mostly remote with 1 day a week on-site in either Cheltenham or London. Main Responsibilities: Reviewing and sampling technical reports to ensure they meet internal and external quality standards. Coaching and mentoring team leads, particularly those working independently without peer support. Advising the wider project team on best practices in red teaming and adversary simulation. Skills Required: Solid hands-on experience in penetration testing and red teaming, particularly in operational environments. A background in technical QA - reviewing, validating, and improving the output of other testers. Experience as an assessor or contributor to recognised exam bodies (e.g. CREST, OSCP, GIAC) is highly desirable. Got your attention? If you believe that you have the skills and experience for the role - then please get in touch. We also offer a referral scheme for any candidates whose details are passed to us that we successfully place. If you have any further questions then please contact Ryan Harris at MERITUS Talent.
Senior Penetration Tester 12 Month Initial Contract 750 - 850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function. We're looking for an experienced Senior Penetration Tester with a strong background in adversary simulation and technical quality assurance to join a high-impact project within the UK cyber security space. This role is ideal for someone who's not only delivered high-end red team engagements but has also overseen the work of others and provided expert-level guidance. You may have worked as a CHECK Team Leader, led adversary simulation teams, or assessed others for recognised exam bodies such as CREST or OSCP. This is a contract position working remotely, with occasional meetings or workshops as required. The role is a 12 month initial contract (inside IR35) & can be mostly remote with 1 day a week on-site in either Cheltenham or London. Main Responsibilities: Reviewing and sampling technical reports to ensure they meet internal and external quality standards. Coaching and mentoring team leads, particularly those working independently without peer support. Advising the wider project team on best practices in red teaming and adversary simulation. Skills Required: Solid hands-on experience in penetration testing and red teaming, particularly in operational environments. A background in technical QA - reviewing, validating, and improving the output of other testers. Experience as an assessor or contributor to recognised exam bodies (e.g. CREST, OSCP, GIAC) is highly desirable. Got your attention? If you believe that you have the skills and experience for the role - then please get in touch. We also offer a referral scheme for any candidates whose details are passed to us that we successfully place. If you have any further questions then please contact Ryan Harris at MERITUS Talent.
Jun 27, 2025
Contractor
Senior Penetration Tester 12 Month Initial Contract 750 - 850 per day (Inside IR35) Cheltenham or London 1 day per week on-site SC Clearance Eligibility Required MERITUS Talent are working with a boutique Defence consultancy supporting a UK Central Government department in their Cyber Security function. We're looking for an experienced Senior Penetration Tester with a strong background in adversary simulation and technical quality assurance to join a high-impact project within the UK cyber security space. This role is ideal for someone who's not only delivered high-end red team engagements but has also overseen the work of others and provided expert-level guidance. You may have worked as a CHECK Team Leader, led adversary simulation teams, or assessed others for recognised exam bodies such as CREST or OSCP. This is a contract position working remotely, with occasional meetings or workshops as required. The role is a 12 month initial contract (inside IR35) & can be mostly remote with 1 day a week on-site in either Cheltenham or London. Main Responsibilities: Reviewing and sampling technical reports to ensure they meet internal and external quality standards. Coaching and mentoring team leads, particularly those working independently without peer support. Advising the wider project team on best practices in red teaming and adversary simulation. Skills Required: Solid hands-on experience in penetration testing and red teaming, particularly in operational environments. A background in technical QA - reviewing, validating, and improving the output of other testers. Experience as an assessor or contributor to recognised exam bodies (e.g. CREST, OSCP, GIAC) is highly desirable. Got your attention? If you believe that you have the skills and experience for the role - then please get in touch. We also offer a referral scheme for any candidates whose details are passed to us that we successfully place. If you have any further questions then please contact Ryan Harris at MERITUS Talent.
Ocho are exclusively working on a number of Penetration Tester roles! If you're passionate about ethical hacking and want to work on real-world cybersecurity challenges, this is the role for you. This organisation is on a serious growth trajectory, having secured major clients and high-profile projects, offering you the chance to work on cutting-edge security challenges in a dynamic and ambitious environment. What You'll Be Doing: Perform penetration tests on networks, applications, and infrastructure. Identify and exploit vulnerabilities to strengthen security defences. Use tools like Burp Suite, Nessus, Metasploit, and Kali Linux. Provide detailed reports with clear, actionable recommendations. Experience required: Strong knowledge of OWASP, CVE, and security frameworks. Hands-on experience with ethical hacking & exploit techniques. Scripting & automation skills a plus. Ability to communicate findings to technical and non-technical teams. Proficiency in using penetration testing tools such as BurpSuite Pro, Nmap, Nessus, and Metaspolit. Experienced in using Kali Linux and the associated penetration testing tool suite Nice to Have: Relevant security certifications (e.g. OSCP, CREST, Cyber Scheme.) UK SC clearance Package: £50k-£80k salary D.O.E Bonus Hybrid working (2 days onsite - Belfast office) 25 + 11 stat - annual leave Private Health Enhanced Pension scheme Please apply now if you are meeting most of the above criteria, or reach out to Andrew Harrison directly for a further discussion. Unfortunately, sponsorship is not available , so candidates must have existing right to work in the UK.
Jun 26, 2025
Full time
Ocho are exclusively working on a number of Penetration Tester roles! If you're passionate about ethical hacking and want to work on real-world cybersecurity challenges, this is the role for you. This organisation is on a serious growth trajectory, having secured major clients and high-profile projects, offering you the chance to work on cutting-edge security challenges in a dynamic and ambitious environment. What You'll Be Doing: Perform penetration tests on networks, applications, and infrastructure. Identify and exploit vulnerabilities to strengthen security defences. Use tools like Burp Suite, Nessus, Metasploit, and Kali Linux. Provide detailed reports with clear, actionable recommendations. Experience required: Strong knowledge of OWASP, CVE, and security frameworks. Hands-on experience with ethical hacking & exploit techniques. Scripting & automation skills a plus. Ability to communicate findings to technical and non-technical teams. Proficiency in using penetration testing tools such as BurpSuite Pro, Nmap, Nessus, and Metaspolit. Experienced in using Kali Linux and the associated penetration testing tool suite Nice to Have: Relevant security certifications (e.g. OSCP, CREST, Cyber Scheme.) UK SC clearance Package: £50k-£80k salary D.O.E Bonus Hybrid working (2 days onsite - Belfast office) 25 + 11 stat - annual leave Private Health Enhanced Pension scheme Please apply now if you are meeting most of the above criteria, or reach out to Andrew Harrison directly for a further discussion. Unfortunately, sponsorship is not available , so candidates must have existing right to work in the UK.
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Jun 10, 2025
Contractor
Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Overview As Cyber Security Assurance Consultant / IA Consultant is part of the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. The roles principally includes security manager on programmes of work collaborating across enterprises to produce end-to-end security solutions. Additional roles will also include the delivery of security training and content and supporting the promotion of a positive security culture. The role requires close collaboration with Security Architects, Testers, Engineers and senior stakeholders to achieve the balance between delivering security assured products and supporting speed of delivery. Reports to Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with Testers, Security Architects and Engineers to ensure smooth assurance process and timely delivery of contribution to assurance cases. Define Penetration Test and IT Health Check (ITHC) scope for relevant team Liaise with Joint Design Team on scope and submission of assurance case Keep Security Lead informed of progress within team and of any potential conflicts where Security Assurance issues may impede delivery Provide security approval for service support activities, including IMPEX to various systems Conduct daily checks (as part of rota) as required on nominated systems Support incident investigation and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Where delivery priorities permit, support the provision of Authority services when Authority is unable to provide such services Propose Risk Register entries to the Security Lead or Security Assurance Lead as required to agree areas of residual risk with the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe Agile methods (Desirable) Key skills Compliance Security Architecture Security Assessment Security Audit Cyber Security Assurance Consultant / IA Consultant - Nr Reading - Inside IR35 - 600 - 700 per day - 6 months + DV Cleared role, Candidates must hold a current DV level security clearance Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Feb 21, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, CREST Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP networking (firewalls, routing, etc.). Coding/scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today! JBRP1_UKTJ
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
Feb 20, 2025
Full time
Job Title: Penetration Tester (Multiple Openings) Location: Bristol, UK (with frequent travel to client sites) Type: Permanent Salary: £55k - £80k We are seeking multiple Penetration Testers to join a leading technology company based in Bristol, UK. The company specialises in cybersecurity consultancy, software development, and bespoke research & development, operating across industries such as telecommunications, finance, defence, rail, and aerospace. Our team plays a key role in safeguarding critical infrastructure and supporting global organisations. As a Penetration Tester, you will be instrumental in evaluating and strengthening our clients' security frameworks. Your role will involve conducting advanced penetration testing, vulnerability assessments, and red teaming exercises to identify and mitigate security risks. Additionally, you will contribute to project management and client engagement. Key Responsibilities: Plan and execute penetration tests on networks, systems, and applications to identify security vulnerabilities. Perform in-depth vulnerability assessments, security audits, and risk analysis, providing clients with detailed reports and actionable recommendations. Collaborate with the red team to simulate real-world cyber threats and evaluate the effectiveness of security measures. Develop and utilise exploit tools to demonstrate potential vulnerabilities and assist clients in understanding associated risks. Required Skills & Qualifications: Bachelor's or master's degree in computer science, Cybersecurity, Information Security, or a related discipline. Relevant certifications: CHECK Team Member, Crest Registered Tester, or equivalent. Minimum of 2 years' experience in penetration testing and vulnerability assessment. Strong understanding of network protocols, operating systems, and security technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP/IP Networking (Firewalls, routing, etc.). Coding/Scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T). Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A dynamic and collaborative work environment. If you are an experienced Penetration Tester seeking to advance your career, apply today!
Senior Penetration Tester - Contract Role in London We are seeking a highly skilled and experienced Senior Penetration Tester for an exciting contract opportunity based in the vibrant city of London. This role offers a chance to work within dynamic environments, focusing on both web and mobile applications. The position is set for 3 months duration starting mid-March with negotiable rates. Key Details: Type: Contract (3-months) Rates: Negotiable Sector: Cybersecurity Testing / Information Security Main Responsibilities Include But Are Not Limited To : - Conducting detailed penetration tests on various web-based as well as mobile platforms. - Identifying vulnerabilities, providing recommendations & producing comprehensive reports. The ideal candidate will be working under hybrid conditions allowing flexibility between home and our office located centrally in London. The IR35 status remains TBC which we aim to clarify at the earliest possibility. If you have expertise in safeguarding digital infrastructure through ethical hacking techniques this could potentially be your next engagement! Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement. To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Feb 08, 2025
Contractor
Senior Penetration Tester - Contract Role in London We are seeking a highly skilled and experienced Senior Penetration Tester for an exciting contract opportunity based in the vibrant city of London. This role offers a chance to work within dynamic environments, focusing on both web and mobile applications. The position is set for 3 months duration starting mid-March with negotiable rates. Key Details: Type: Contract (3-months) Rates: Negotiable Sector: Cybersecurity Testing / Information Security Main Responsibilities Include But Are Not Limited To : - Conducting detailed penetration tests on various web-based as well as mobile platforms. - Identifying vulnerabilities, providing recommendations & producing comprehensive reports. The ideal candidate will be working under hybrid conditions allowing flexibility between home and our office located centrally in London. The IR35 status remains TBC which we aim to clarify at the earliest possibility. If you have expertise in safeguarding digital infrastructure through ethical hacking techniques this could potentially be your next engagement! Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement. To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Feb 01, 2024
Full time
Senior Security Test Consultant - Penetration Tester - OSCP Salary: Up to £72,000 + Private Health + Excellent Pension + Benefits + Flexi/Home Working + Full Travel Expenses Note: Sorry no sponsorship is available for this role. We are proud to collaborate with a leading Security Tech Company based in London, seeking experienced Senior Security Consultants to join their dedicated Cyber Testing Team click apply for full job details
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
Dec 17, 2022
Full time
Security Architect - TOGAF - CISM - CISSP Security Architect - Remote Essential Job Duties and Responsibilities: Ensure customer security requirements and responses are developed with engineering and business development teams for customer bids Lead security response to customer variation requests and ensure customer understanding of the impact of their request against new and existing security risks. Lead the delivery of design and build/operations and maintenance budget requirements for customer bids and variation requests. Ensures financial requirements for cyber resilience controls and security labour estimates are presented in cost models presented to senior leadership. Lead assurance to ensure security requirements are developed by DevOps, system engineers and other project team staff and are implemented according to cyber resilience engineering policies and customer needs and ensure that these requirements are supportable and clearly documented. Leads all security risk assessment/business impact analysis/audit for new and existing business applications or IT infrastructure and leads advice and guidance on the application and operation of physical, procedural and technical security controls within all engineering and IT solutions. Lead information security assurance within design gateways and service transition/change boards. Champion best practices for application and infrastructure/architecture design principles for the use of existing and new information security technologies across customer systems. Assure appropriate security support processes are delivered by projects to support service transition. Some manual handling may occasionally be required May be required to work on other sites and datacentres Comply with values and adherence to all company policy and procedures. In particular, comply with the code of conduct, quality, security and occupational health, safety and environmental policies and procedures. In addition to the duties and responsibilities listed, the job holder is required to perform other duties assigned by their manager from time-to-time, as may be reasonably required of them. Minimum Job Requirements: Qualifications Essential: Degree or equivalent qualifications/experience Certification as an Information Security professional (eg IISP/CISA/CISM/CISSP/CCSP/ISA) Current driving licence Desirable: A university degree in a numerate subject (eg computer science, maths, engineering, natural science) Information privacy/data protection - CIPPE/+ CIPM HMG IA qualifications/CLAS; Crest-registered penetration tester and/or security architect ITIL v3/Prince2 foundation level/TOGAF Security and IT infrastructure/networking vendors' certifications Skills/Experience/Knowledge Essential: Solid exposure of taking a leading role in the establishment and implementation of security architecture, policies and procedures. Experience of secure development life cycles (SDLC) Good understanding of enterprise-scale security management process and infrastructure Exposure to current IT Security standards and regulations such as PCI-DSS, ISO 27001, SOX, DPA Exposure to enterprise IT infrastructure and tools (eg MS Windows Server, Cisco, Oracle Solaris, Linux) Superior network infrastructure and protocol knowledge Desirable: Experience of transactional revenue, Embedded, Smartcards and mobile payment systems Knowledge/experience of security architecture of major public cloud services eg Microsoft Azure, Amazon Web Services, Google Cloud, Cloud Access Service Brokers eg Okta Knowledge of cryptographic services Knowledge of wider security, audit, risk and compliance standards eg PCI-P2PE, PCI-POI-PTS, ISO 27701, ISO27005, ISO31000, NIST, GDPR and governance/risk/compliance tools Requirements analysis and tracing tools such as DOORS and SD Elements; OneTrust privacy tool Understanding of security within DevOps and waterfall project methods, product development Experience of application security testing tools and devops frameworks, eg SonarQube, JIRA, static & dynamic code analysis/fuzzing Development tools/environments; Java, Visual Studio, C# In depth understanding of information security control tools, eg Splunk, Crowdstrike, Trend Micro DeepSecurity, Imperva WAF, Tenable.IO/Nessus, TripWire, Cisco IPS, F5, Centrify Experience of quality management systems and external audit standards eg ISO 9001, ISAE3402
AppCheck is a cyber security SaaS company based in the UK. We provide a cloud-based vulnerability scanning technology that allows companies to find security vulnerabilities in their web applications and hosted infrastructure, before hackers can find and exploit them (much like an automated penetration tester). We started in 2014 with 4 people, now with 70+ in total, and growing by at least 20 peopl click apply for full job details
Nov 30, 2022
Full time
AppCheck is a cyber security SaaS company based in the UK. We provide a cloud-based vulnerability scanning technology that allows companies to find security vulnerabilities in their web applications and hosted infrastructure, before hackers can find and exploit them (much like an automated penetration tester). We started in 2014 with 4 people, now with 70+ in total, and growing by at least 20 peopl click apply for full job details
Senior Consultant, Security Testing (United Kingdom) We're hiring! This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become a subject matter expert in the field. You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development. Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open-source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere. In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We are also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. About the role As a Senior Consultant, you can expect to get involved in: Application penetration testing and application source code review. Secure Development Lifecycle consultancy and advisory. Vulnerability and penetration assessments on Internet exposed and internal systems. Applying and developing appropriate exploits to gain access and expand access to remote systems. Documenting technical issues identified during security assessments. Interface with clients when working on engagements on-site. Mentoring more junior colleagues and supporting managers whenever necessary. Perform peer review and quality checks on work product from other colleagues. Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications. About you The following qualifications are expected from potential applicants: At least 3 years of experience in performing application and/or infrastructure penetration testing independently. Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java. Familiarity with threat modelling and security design review methodologies. A good understanding of Unix, Windows and network security. Degree from an accredited University or equivalent. CREST Certified Tester (CCT) or equivalent. Excellent written and communication skills in English. Ability to work both independently and in a team environment. Passion for technology and a drive for self-learning, paired with good customer facing skills. Currently resident within the European Union, or not requiring work permit sponsorship. The following items are not required but would be considered a differentiator: Additional security and penetration testing certifications. Degree in Computer Science, Information Systems, Engineering or related major. Experience working as part of an enterprise development team. Experience developing custom scripts or tools used for vulnerability scanning and identification. Fluency in an additional Western European language, other than English. Salary and Benefits This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you can choose additional benefits, including healthcare, childcare vouchers, and additional holiday. About Cyber Solutions Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents. About Aon Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement, and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance
Sep 21, 2022
Full time
Senior Consultant, Security Testing (United Kingdom) We're hiring! This is an exciting opportunity for candidates with substantial experience in Penetration Testing, looking to take the next step up to further develop their skills an become a subject matter expert in the field. You will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, together with a significant investment in your learning and professional development. Our international Security Testing team specializes in application and network infrastructure security, read teaming and source code review, publishes books and security blogs, contributes to open-source software projects, and are engaged in a variety of continuous security research projects. This is an exciting opportunity for someone who enjoys performing deep technical work in a fun and casual atmosphere. In the United Kingdom, our Security Testing services are delivered through our subsidiary Gotham Digital Science Limited which is member of the UK industry body CREST (the Council of Registered Ethical Security Testers) as well as a member of the UK Government CHECK scheme, allowing us to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. We are also an accredited CBEST penetration testing provider, allowing us to provide intelligence-led penetration testing as part of the Bank of England CBEST scheme. About the role As a Senior Consultant, you can expect to get involved in: Application penetration testing and application source code review. Secure Development Lifecycle consultancy and advisory. Vulnerability and penetration assessments on Internet exposed and internal systems. Applying and developing appropriate exploits to gain access and expand access to remote systems. Documenting technical issues identified during security assessments. Interface with clients when working on engagements on-site. Mentoring more junior colleagues and supporting managers whenever necessary. Perform peer review and quality checks on work product from other colleagues. Instructor-led and self-guided training activities, including you working towards attaining company funded security certifications. About you The following qualifications are expected from potential applicants: At least 3 years of experience in performing application and/or infrastructure penetration testing independently. Development and/or source code review experience in one or more of these languages: C/C++, C#, VB.NET, ASP, PHP, Python or Java. Familiarity with threat modelling and security design review methodologies. A good understanding of Unix, Windows and network security. Degree from an accredited University or equivalent. CREST Certified Tester (CCT) or equivalent. Excellent written and communication skills in English. Ability to work both independently and in a team environment. Passion for technology and a drive for self-learning, paired with good customer facing skills. Currently resident within the European Union, or not requiring work permit sponsorship. The following items are not required but would be considered a differentiator: Additional security and penetration testing certifications. Degree in Computer Science, Information Systems, Engineering or related major. Experience working as part of an enterprise development team. Experience developing custom scripts or tools used for vulnerability scanning and identification. Fluency in an additional Western European language, other than English. Salary and Benefits This role offers a competitive salary and bonus, plus a comprehensive benefits package and 25 days holiday. Through our flexible benefits, you can choose additional benefits, including healthcare, childcare vouchers, and additional holiday. About Cyber Solutions Aon's Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents. About Aon Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement, and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance
