23 jobs found

CHECK Team Leader - Up to £80,000 (Remote with occasional travel to client sites) We're seeking a certified CHECK Team Leader to lead high-impact security testing across enterprise and cloud environments. This is a key role for an experienced professional ready to take ownership of critical engagements and mentor junior testers. Key Responsibilities: * Lead infrastructure and cloud penetration tests (AWS, Azure, AD, Kubernetes). * Mentor and support junior team members. * Deliver clear, risk-focused technical reports. * Support red teaming, adversary emulation, and R&D activities. * Contribute to tooling and service development. Required Skills & Experience: * CHECK Team Leader certification (CTL-INF - Cyber Scheme or Crest). * 2+ years as a CTL and 3+ years of penetration testing experience. * Strong knowledge of Active Directory, infrastructure, and cloud security. * Proficiency with tools like Burp Suite, Nmap, Metasploit, and Impacket. * Excellent written and verbal communication skills. Desirable: * Certifications: OSCP, OSEP, CRTO. * Scripting with Python, Bash, or PowerShell. * Experience in red or purple teaming. Other Requirements: * UK residency for the past 5 years. * Must be Eligible for SC/DV clearance. * Full UK driving licence. * Willingness to travel for client engagements within the UK. A fantastic opportunity for a skilled penetration tester to step into a senior leadership role. Apply now to help defend the UK's critical systems.

Internal Pen Tester Location: London (Hybrid - 2/3 days in office) Contract Length: 6 months Rate: £420 per day - Inside IR35 The Role We are seeking an Internal Penetration Tester to join on a 6-month contract. You will carry out advanced penetration testing across applications, APIs, internal infrastructure, networks, and cloud environments. The role involves simulating real-world attacks, identifying vulnerabilities, and providing clear remediation guidance to improve overall security posture. Key Responsibilities Conduct full-scope penetration tests of applications, APIs, networks, cloud, and internal infrastructure. Perform network testing, Active Directory enumeration/abuse, and privilege escalation. Identify weaknesses in authentication, authorization, input validation, and cloud/AD configurations. Simulate attacker techniques to test system resilience. Produce clear reports for both technical and executive audiences, including remediation advice. Collaborate with development, cloud, and infrastructure teams to close vulnerabilities. Candidate Profile Essential Skills & Experience 3-7+ years in penetration testing, red teaming, or offensive security. Strong application security knowledge (OWASP Top 10, API security). Hands-on experience in end-to-end pentests (internal, external, cloud, AD, web app, API). Strong Scripting skills (Python, Shell, Bash). Comfortable with Windows, Linux, Active Directory, Azure AD/Entra ID. Cloud platforms: AWS, Azure, GCP. Practical knowledge of tools such as Nmap, Nessus, Metasploit, Burp Suite, SQLmap, ScoutSuite, Pacu. Desirable Excellent client communication and reporting skills. Security certifications (eg OSCP, OSEP, GPEN, eCPPT, AWS/Azure Security). Strong analytical and problem-solving skills.

About the role A White Hat hacker tests systems and networks by trying to break into them. They are hackers, but their talents are being used to improve Cyber Security. Being hackers, they are familiar with the tactics that malicious hackers use to compromise systems; White Hat hackers try to find the vulnerabilities before the bad guys do. Will act as Ethical white hat attacker (red teamer) to simulate cyber-attacks, and/or Defensive cybersecurity personnel (blue teamer) to harden against simulated attacks. Develops and prepares penetration testing Rules of Engagement, test plans, and reports. Provides recommended remediation actions to lower overall risk exposure, as required. Provides technical expertise on penetration testing tools and simulation environment. Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design, and functionalities with an interest in performing penetration testing of diverse and challenging IT systems and applications. Key responsibilities Researching the intended application or system target via both open-source and dark-web channels Scanning target networks and systems with commercial, open-source, or custom vulnerability scanners Identify potential vulnerabilities that can be exploited Based on the vulnerabilities designing a plan of attack that can includes: Exploiting software vulnerabilities, systemic vulnerabilities, Input / output manipulation, or any combination of those factors Testing business logic vulnerabilities Bypassing existing security controls such as one-time passwords, tokens etc. Able to develop scripts (e.g Python, Shell, PowerShell, Ruby, Perl etc) to be used a payload and exploiting vulnerabilities Drive remediation by outlining a defence-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures. Technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience. What you'll bring Deep knowledge of network protocols (IPV6, DNS, HTTP, etc) and accompanying tools (Wireshark, TCPDump, etc) Understanding of network administration of Routers and Switching technology (CCNA a plus) Understanding of and the ability to perform penetration testing Understanding of penetration testing tools and techniques (Kali, Backtrack, Metasploit) Understanding of how malicious software works (malware, trojans, rootkits, etc) Certifications Canididates should possess any one of the following industry certifications CISSP - ISC2 Offensive Security Certified Professional Certified Ethical Hacker Certified Pentester Web Application Penetration Tester (GWAPT) Exploit Researcher and Advanced Penetration Tester (GXPN) What we'll offer you We strongly believe that everybody's career path is different. We will proactively support your professional development and accelerated career progression - including opportunities to grow your capability and deliver. We work in an environment that encourages entrepreneurial spirit, and although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-ground-breaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. Capgemini is proud to represent nearly 130 nationalities and the cultural diversity that brings. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality. These dimensions contribute to the type of diversity we value the most: diversity of thought. About us A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients' opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion. People matter, results count.

Job Title: Senior Penetration Tester Day Rate: Excellent Day Rate IR35 Status: Inside IR35 Contract Length: 6-months (Initial) Hybrid Location: 2 days per week in Central London, 3 days remote. About the Client and the Role: My client, a prestigious and globally renowned name in financial services is seeking an experienced Penetration Tester to apply their expertise on an initial 6-month basis, with a key focus on end-to-end delivery of penetration testing of applications and ensuring compliance standards are met. Main Responsibilities: Penetration Testing and ensuring compliance of a wide array of software and applications Managing Test Requirements Helping functions such as Threat Intel, Python Scripting, Automation Candidate Requirements: Strong background in Penetration Testing in major environments Experience with Python Scripting Knowledge and experience of Threat Intel and Automation To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy.

Network Security Penetration Tester - Remote - 6 months+/RATE: £325 per day (Tester, Test, Testing, Test Analyst, Test Consultant, Test Engineer, Test Specialist, Security Consultant, Security Engineer, Network, Networking) One of our Blue Chip Clients is urgently looking for a Network Security Penetration Tester. Please find some details below: Assignment Description Resource should have PSC (Personal Security Clearance). Strong knowledge of the OWASP, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Direct Object reference, Click jacking, buffer overflows, etc. Experience in manual Application/Network penetration testing. Should have experience in Network Pen testing (DNS, DHCP, Linux, Windows, Firewall, Router, Switch, VLAN, etc.) tools and techniques. Thorough understanding of common web technologies like .NET, PHP, Java, XML, SAML, SOA, SOAP, web services etc and protocols including HTTP(S), DNS, FTP, SSH etc. Should have knowledge on Risk Rating Standards like DREAD, CVSS etc. Expert in web security testing tools like Proxy Editors, Network Sniffing tools, Web-Vulnerability scanners. Experience in tools like Kali Linux GDB, Hopper, IDA Pro Cycript, class-dump-¬z Nmap, Nessus, Msf, Dex2jar, apktool, introspy, IDB, genymotion, Appscan/Burp suite Hands on Vulnerability Management experience (Application Security and VAPT). Threat Modelling & Security Architecture Reviews Preparing audit reports and tracker sheets for each application/server/network equipment's. Please send CV for full details and immediate interviews. We are a preferred supplier to the client.

About The Role The primary function of the Penetration Tester in the CST team is to continually review the customers' defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. The Penetration Tester is also responsible for pre-engagement activities including scoping, statements...... click apply for full job details

About The Role The Continuous Security Testing service is a consultant led vulnerability identification and verification service which makes use of automated vulnerability scanning along with significant manual testing against a broad scope in a continuing engagement. The purpose of the service is to continually monitor a customer's external attack surface for new vulnerabilities, changes in the sc...... click apply for full job details

PENETRATION TESTER (SECURITY ANALYST) - BRUSSELS (6 MONTHS +) My client, based in Brussels, is looking for a Security Analyst to join their Cyber Security Team. Role * Planning and coordination of Penetration Tests * Analysis of Tests * Explanation and communications of findings to IT team * Following up on findings and suggesting amendments/improvements Required * Solid background in IT Security (Infra or Application) * Experience with Penetration Testing and following up on findings * Experience Security best practices (IAM, app/infra/network security) * Ideally knowledge of ISO27002 * Background knowledge with Unix and mainframe systems would be an advantage DETAILS * LOCATION: Brussels * DURATION: 6 Months+ * START DATE: ASAP If you wish to be considered for the position available, please e-mail an up to date CV with a contact number to: or alternatively call on +32 (0)2 320 12 57. Please forward this advert on to anyone who might be interested in this position. Vivid Resourcing are committed to equality of opportunity for all applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships or any other characteristic protected by law

What do we do? We are an autonomous and independently audited cyber security evaluation centre, conducting security research into the safety and security of various products and services used inside of the UK such as smartphones to core networks in fibre broadband and 2G, 3G and 4G networks. Due to the secure nature of our client’s project, the successful candidate must either hold valid or be willing to undergo DV Clearance prior to the commencement of the project. We’re conducting world leading security capabilities as well as using deep dive investigative techniques and elite vulnerability research. We don’t just run Nessus, if there isn’t a tool for what we want to test, we build one. What do we need? Above all else we’d like to speak with passionate and proactive offensive security professionals with a strong low level, ground up knowledge. We’re not just running tick box exercises, that’s why you’ll need to know the fundamentals. You’ll be the sort of person that is fascinated by pulling things apart and breaking them; who comes across something a bit odd and can’t help but investigate it further. In terms of technical experience, you’ll need to be familiar with: * Reverse Engineering * Exploit Development * Using and/or creating bespoke tools * Embedded Systems * Networking * Internet Protocol * Static & Dynamic Analysis * Bonus points for… * Programming (Object oriented languages and/or assembly a bonus) * Degree in Computer Science, Electrical Engineering, Robotics or similar What’s in it for me? You’ll get to literally throw everything at projects and investigate in ways that are not common place in other security teams. You’ll be dealing with bugs that could potentially effect the nation so you’ll be doing innovative vulnerability research in a fun and collaborative environment, using cutting edge technologies. You’ll get to work with some of the most talented cyber security professionals in the country and benefit from their knowledge. You’ll be encouraged to cross skill and be free to take on personal research and personal development in the 20% of time we allocate. You’ll have access to an individual personal training budget and have plenty of opportunity to grow because we actively promote professional development. If you’d like to discuss the role in more detail you can contact our recruitment partner Outsource UK for more information. Contact Shirin Fahri on (Apply online only) or email (url removed). Alternatively, to skip this and meet us, contact us for details on our security event in Leamington on 25th October and receive our attendee challenge to get a ticket! Shirin Fahri (Apply online only) (url removed) Please visit our website (url removed)

Application Security Consultant - Coventry - £50k A global transportation company is currently seeking to add an application security consultant to their security division. This is an opportunity to work for a global transportation network that provides rapid, reliable, time-definite delivery of shipments worldwide. A state-of-the-art information technology network enables information-rich service offerings. With more than 2.5 million electronically connected customers through its web site or Customer automation systems and over 200 applications, this is a role with a lot of variety and one that will continually test and upskill you. This position will augment the EU Information Security team in its role of supporting multiple Information Security domains across the EU. You will be involved in the continuing day-to-day support activities around network connectivity and Security infrastructure and applications You will be key in the continuing support efforts around network connectivity, perimeter security, ensuring adherence to FedEx standards, PCI controls, Mergers/Acquisitions and Integrations. This position will help grow the footprint of Information Security in the EU region and support business expansion. The indeal candidate will need to have extensive experience in Security Principles and Products and in particular, application security and penetration testing. Location: Coventry Salary £50k - £55k Apply with your CV to be considered

Application Security Consultant - Coventry - £50k A global transportation company is currently seeking to add an application security consultant to their security division. This is an opportunity to work for a global transportation network that provides rapid, reliable, time-definite delivery of shipments worldwide. A state-of-the-art information technology network enables information-rich service offerings. With more than 2.5 million electronically connected customers through its web site or Customer automation systems and over 200 applications, this is a role with a lot of variety and one that will continually test and upskill you. This position will augment the EU Information Security team in its role of supporting multiple Information Security domains across the EU. You will be involved in the continuing day-to-day support activities around network connectivity and Security infrastructure and applications You will be key in the continuing support efforts around network connectivity, perimeter security, ensuring adherence to FedEx standards, PCI controls, Mergers/Acquisitions and Integrations. This position will help grow the footprint of Information Security in the EU region and support business expansion. The indeal candidate will need to have extensive experience in Security Principles and Products and in particular, application security and penetration testing. Location: Coventry Salary £50k - £55k Apply with your CV to be considered

Senior Penetration Tester - London A penetration Tester is required for a consultancy who have grown very rapidly over the past few years, and continues to do so. The team combines a wealth of deep industry knowledge with both business advisory experience and technical expertise. They provide their clients a full spectrum of services encompassing information security, corporate and physical security and business and technology resilience to help clients fix their issues and bring them real, long-lasting benefits. As part of the team, you'll be responsible for leading attack and penetration testing engagements to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation. You will be involved in vulnerability management engagements which include: network and host layer vulnerability assessments, firewall and networking device reviews, web application assessments, source code reviews and targeting the physical security of the infrastructure or buildings. This company has a unique blend of large corporate with a boutique style security practise. In a relaxed environment, you'll be able make us of an industry leading digital hub in order to train and develop your skills. They foster a collaborative culture where talented individuals can produce their best work. They value innovative thinking, diverse insights and a genuinely distinctive level of customer service through expertise and professionalism. This position offers an approach which combines insight and innovation from multiple disciplines with global business and industry expertise to help clients excel anywhere in the world. As a consultant, you will deliver outstanding impact on the reputation and success of clients, in the UK and globally Qualifications Requirements Currently looking for Consultants through to Senior Consultants with specific expertise in the following: * Experience of working with applications that perform a wide range of business functions - ideally across multiple industries * Ability to understand and assess applications from both a technical and business function perspective * Prior experience of performing web application penetration tests, to identify weaknesses in security controls and the business risks associated with these * Preferred: * CISSP * Security Check (SC) national security clearance * CREST CRT, CCT or equivilant * Web development - .NET, Java, PHP * Reverse engineering * Salary is flexible as they are making multiple hires but can expesct between £50,000 - £100,000 per annum. Apply with your CV to be considered

Senior Penetration Tester - London A penetration Tester is required for a consultancy who have grown very rapidly over the past few years, and continues to do so. The team combines a wealth of deep industry knowledge with both business advisory experience and technical expertise. They provide their clients a full spectrum of services encompassing information security, corporate and physical security and business and technology resilience to help clients fix their issues and bring them real, long-lasting benefits. As part of the team, you'll be responsible for leading attack and penetration testing engagements to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation. You will be involved in vulnerability management engagements which include: network and host layer vulnerability assessments, firewall and networking device reviews, web application assessments, source code reviews and targeting the physical security of the infrastructure or buildings. This company has a unique blend of large corporate with a boutique style security practise. In a relaxed environment, you'll be able make us of an industry leading digital hub in order to train and develop your skills. They foster a collaborative culture where talented individuals can produce their best work. They value innovative thinking, diverse insights and a genuinely distinctive level of customer service through expertise and professionalism. This position offers an approach which combines insight and innovation from multiple disciplines with global business and industry expertise to help clients excel anywhere in the world. As a consultant, you will deliver outstanding impact on the reputation and success of clients, in the UK and globally Qualifications Requirements Currently looking for Consultants through to Senior Consultants with specific expertise in the following: * Experience of working with applications that perform a wide range of business functions - ideally across multiple industries * Ability to understand and assess applications from both a technical and business function perspective * Prior experience of performing web application penetration tests, to identify weaknesses in security controls and the business risks associated with these * Preferred: * CISSP * Security Check (SC) national security clearance * CREST CRT, CCT or equivilant * Web development - .NET, Java, PHP * Reverse engineering * Salary is flexible as they are making multiple hires but can expesct between £50,000 - £100,000 per annum. Apply with your CV to be considered