Security Penetration Tester

Salary: £78,000 - 78,000 per year

• Strong knowledge of manual penetration testing techniques
• Confident with operating systems and tools such as Tenable, Burp Suite, Kali Linux
• Exposure to remediating vulnerabilities and patch management in a complex business environment
• Experience in remediating cyber risks in the digital estate
• Experience in a penetration testing enterprise environment
• Ability to prepare detailed reports and present findings to key stakeholders
• Cyber security industry certification(s) such as CSTM/CRT/OSCP/CTL
• Understanding of different patching management techniques and approaches for various technology stacks (e.g., SaaS, IaaS, End-User Computing, Server Estate)
• Knowledge of TVM concepts, technologies, and best practices, including OSINT tools, vulnerability assessment, and threat modelling

• Support and develop an internal penetration testing function
• Conduct network and application penetration testing, code, and security reviews
• Identify and exploit vulnerabilities through proof-of-concept testing
• Support vulnerability management across the enterprise with a framework for identification, categorisation, and mitigation
• Create and support the operating model for vulnerability management across the business
• Develop and maintain penetration testing documentation, policies, and procedures
• Integrate cyber security solutions, including vulnerability scanning tools, with existing systems
• Evaluate and recommend technologies, tools, and vendors to meet business needs
• Investigate newly identified cyber security vulnerabilities and provide appropriate mitigation actions
• Liaise with technology and business stakeholders regarding cyber security patching and vulnerability management
• Maintain a cyber threat assessment methodology aligning with industry standards
• Support proactive threat hunting for new and emerging cyber threats
• Develop and maintain dashboards with cyber security threat and vulnerability metrics
• Ensure compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS, and ISO 27001

• IaaS
• Support
• Linux
• Network
• Security

We are Thames Water, the UKs largest water and wastewater company, serving over 16 million customers daily. Our mission is to build a better future for all, helping our customers, communities, people, and the planet thrive. As a Security Penetration Tester, you will join our hybrid team based in Clearwater Court, Reading, and enjoy a competitive salary of up to £78,000 per annum, along with 26 days of annual leave increasing to 30 with service, a generous pension scheme, and various health and well being benefits. We are committed to creating a diverse and inclusive workplace, and we welcome applications from everyone. Together, we can make a daily difference for millions while protecting the world of water for future generations.