The job you are looking for has been deleted or has expired. CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 1700 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. This is a good opportunity for a junior penetration tester to work alongside and learn from experienced penetration testers (CHECK Team Members and CHECK Team Leaders) at CGI, joining the Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a long-established reputation in this area, undertaking rigorous testing for a variety of commercial and public sector clients for over 30 years. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Start date: As soon as possible Location: United Kingdom
25/06/2026
Full time
The job you are looking for has been deleted or has expired. CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 1700 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. This is a good opportunity for a junior penetration tester to work alongside and learn from experienced penetration testers (CHECK Team Members and CHECK Team Leaders) at CGI, joining the Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a long-established reputation in this area, undertaking rigorous testing for a variety of commercial and public sector clients for over 30 years. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Start date: As soon as possible Location: United Kingdom
The job you are looking for has been deleted or has expired. CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 1700 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. This is a good opportunity for a junior penetration tester to work alongside and learn from experienced penetration testers (CHECK Team Members and CHECK Team Leaders) at CGI, joining the Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a long-established reputation in this area, undertaking rigorous testing for a variety of commercial and public sector clients for over 30 years. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Start date: As soon as possible Location: United Kingdom
25/06/2026
Full time
The job you are looking for has been deleted or has expired. CGI Cyber Security Team in the UK is one of the largest Cyber consultancies in the UK with around 1700 members. The UK Cyber team works across a variety of domains including: Government, Defence, Critical Infrastructure, Healthcare, Utilities, Banking and Financial Services and many more. At CGI you will get the opportunity to work across a number of domains and work in all areas of Cyber Security allowing you to grow and develop your career. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. This is a good opportunity for a junior penetration tester to work alongside and learn from experienced penetration testers (CHECK Team Members and CHECK Team Leaders) at CGI, joining the Cyber Security business unit, one of the largest groups of cyber security specialists in the UK. CGI has a long-established reputation in this area, undertaking rigorous testing for a variety of commercial and public sector clients for over 30 years. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Start date: As soon as possible Location: United Kingdom
We're looking for a highly skilled Principal Penetration Tester with CHECK Team Lead (CTL) status to join our dynamic security team. This is a senior, hands on role where you'll lead and deliver complex penetration testing engagements across infrastructure, cloud, web, and mobile applications for a diverse range of clients, including software, fintech, manufacturing, engineering, legal, and public sector organisations. You'll play a pivotal role in shaping our offensive security services-coordinating end to end testing, mentoring junior testers, and contributing to the evolution of our methodologies. If you thrive on tackling challenging security problems, enjoy working in a collaborative environment, and want to keep pushing your technical boundaries, we'd love to hear from you. What You'll Do Lead and execute penetration tests across infrastructure, cloud, web, and mobile applications. Manage end to end engagements: from scoping and kick off sessions to delivery and client debriefs. Produce detailed, actionable reports outlining vulnerabilities and tailored remediation steps. Stay ahead of emerging threats by researching new offensive techniques and integrating them into our methodology. Automate repetitive tasks and streamline testing processes through scripting. Mentor and coach junior testers, supporting their technical growth and career development. Enhance tools and methodologies, ensuring our services remain cutting edge. Support pre sales efforts as a subject matter expert in penetration testing. Communicate findings effectively to both technical and non technical stakeholders. Contribute to thought leadership through blogs, white papers, or speaking engagements. Essential Skills CHECK Team Lead (CTL) status - Infrastructure preferred; Applications also considered. Current UK SC Clearance. Minimum 5 years' penetration testing experience, with a proven track record of complex engagements. Proven experience in cloud security reviews (AWS, Azure, GCP). Deep expertise in web, mobile, and network penetration testing methodologies. Advanced knowledge of operating systems (Linux, Windows, Active Directory). Familiarity with cloud environments and ability to perform cloud security reviews. Proficiency with tools such as BurpSuite Pro, Nmap, Nessus, Metasploit, and Kali Linux. Strong scripting skills (Python, Shell, etc.). Excellent communication and technical report writing skills. Nice to Have Additional certifications: OSCP, CSTL/CCT, Cyber Scheme, CREST. UK Cyber Security Council Chartership (Principal or above). Experience with Hack The Box or Capture the Flag simulations. Exposure to advanced testing techniques and red team engagements. Why Join Instil? At Instil, we believe great work starts with happy, motivated people. That's why we've built a benefits package that supports your wellbeing, growth, and life outside of work, because when you thrive, so do we. Recognition That Matters: A discretionary annual performance bonus that rewards your impact and contribution to our success. Flexibility Built In: Flexible working arrangements and summer hours, because life isn't 9 to 5, and balance matters. Financial Security: A highly competitive pension scheme with generous employer contributions, private healthcare, and life assurance for peace of mind. Health & Wellbeing: Employee Assistance Programme, mental health support, cycle to work scheme, and regular social events to keep our culture vibrant. Time to Recharge: 35 days holiday, enhanced maternity pay, and family first policies so you can focus on what matters most. Learning Never Stops: From courses to certifications, we'll invest in your development so you can keep growing and shaping what's next. Community & Culture: Opportunities to volunteer, give back, and be part of initiatives that make Instil a truly inclusive and connected workplace. And that's just the start, drop us a note to find out more. Company Description Instil has been delivering world class software engineering and technology solutions for over 20 years, trusted by global brands to solve complex challenges and drive innovation. From modernising legacy systems to building cutting edge applications, we help our clients navigate an ever changing digital landscape with confidence and agility. We're proud to be an award winning employer, reflecting how our people are at the heart of everything we do: Recognised as a Great Place to Work for three consecutive years, and in 2024 ranked in the Top 20 Best Workplaces in the UK for medium size companies. Winner of Company of the Year at the Digital DNA Awards 2022, celebrating excellence in Northern Ireland's tech sector. Driven by a love for technology and a commitment to excellence, we bring together people who want to make a difference. We'll support your journey, because your success is part of ours.
17/06/2026
Full time
We're looking for a highly skilled Principal Penetration Tester with CHECK Team Lead (CTL) status to join our dynamic security team. This is a senior, hands on role where you'll lead and deliver complex penetration testing engagements across infrastructure, cloud, web, and mobile applications for a diverse range of clients, including software, fintech, manufacturing, engineering, legal, and public sector organisations. You'll play a pivotal role in shaping our offensive security services-coordinating end to end testing, mentoring junior testers, and contributing to the evolution of our methodologies. If you thrive on tackling challenging security problems, enjoy working in a collaborative environment, and want to keep pushing your technical boundaries, we'd love to hear from you. What You'll Do Lead and execute penetration tests across infrastructure, cloud, web, and mobile applications. Manage end to end engagements: from scoping and kick off sessions to delivery and client debriefs. Produce detailed, actionable reports outlining vulnerabilities and tailored remediation steps. Stay ahead of emerging threats by researching new offensive techniques and integrating them into our methodology. Automate repetitive tasks and streamline testing processes through scripting. Mentor and coach junior testers, supporting their technical growth and career development. Enhance tools and methodologies, ensuring our services remain cutting edge. Support pre sales efforts as a subject matter expert in penetration testing. Communicate findings effectively to both technical and non technical stakeholders. Contribute to thought leadership through blogs, white papers, or speaking engagements. Essential Skills CHECK Team Lead (CTL) status - Infrastructure preferred; Applications also considered. Current UK SC Clearance. Minimum 5 years' penetration testing experience, with a proven track record of complex engagements. Proven experience in cloud security reviews (AWS, Azure, GCP). Deep expertise in web, mobile, and network penetration testing methodologies. Advanced knowledge of operating systems (Linux, Windows, Active Directory). Familiarity with cloud environments and ability to perform cloud security reviews. Proficiency with tools such as BurpSuite Pro, Nmap, Nessus, Metasploit, and Kali Linux. Strong scripting skills (Python, Shell, etc.). Excellent communication and technical report writing skills. Nice to Have Additional certifications: OSCP, CSTL/CCT, Cyber Scheme, CREST. UK Cyber Security Council Chartership (Principal or above). Experience with Hack The Box or Capture the Flag simulations. Exposure to advanced testing techniques and red team engagements. Why Join Instil? At Instil, we believe great work starts with happy, motivated people. That's why we've built a benefits package that supports your wellbeing, growth, and life outside of work, because when you thrive, so do we. Recognition That Matters: A discretionary annual performance bonus that rewards your impact and contribution to our success. Flexibility Built In: Flexible working arrangements and summer hours, because life isn't 9 to 5, and balance matters. Financial Security: A highly competitive pension scheme with generous employer contributions, private healthcare, and life assurance for peace of mind. Health & Wellbeing: Employee Assistance Programme, mental health support, cycle to work scheme, and regular social events to keep our culture vibrant. Time to Recharge: 35 days holiday, enhanced maternity pay, and family first policies so you can focus on what matters most. Learning Never Stops: From courses to certifications, we'll invest in your development so you can keep growing and shaping what's next. Community & Culture: Opportunities to volunteer, give back, and be part of initiatives that make Instil a truly inclusive and connected workplace. And that's just the start, drop us a note to find out more. Company Description Instil has been delivering world class software engineering and technology solutions for over 20 years, trusted by global brands to solve complex challenges and drive innovation. From modernising legacy systems to building cutting edge applications, we help our clients navigate an ever changing digital landscape with confidence and agility. We're proud to be an award winning employer, reflecting how our people are at the heart of everything we do: Recognised as a Great Place to Work for three consecutive years, and in 2024 ranked in the Top 20 Best Workplaces in the UK for medium size companies. Winner of Company of the Year at the Digital DNA Awards 2022, celebrating excellence in Northern Ireland's tech sector. Driven by a love for technology and a commitment to excellence, we bring together people who want to make a difference. We'll support your journey, because your success is part of ours.
Junior Security Testing Analyst Location: London SE1 (Hybrid Working available following successful training and onboarding) Salary: £30,000 - £35,000 Depending on Experience + Excellent Benefits & Career Progression Full Time / Permanent Remarkable Jobs are recruiting on behalf of a growing Cyber Security Consultancy. We are seeking a motivated and technically curious Junior Security Testing Analyst to join a growing Cyber Security team based in London. This is an excellent opportunity for someone with around 1-2 years of Cyber Security experience who is looking to develop their career within Vulnerability Assessment, Penetration Testing, and Security Testing. The successful Junior Security Testing Analyst will work alongside experienced Penetration Testers and Security Consultants, supporting the delivery of vulnerability assessments, attack surface reviews, security testing activities, and remediation programmes across a diverse portfolio of clients. This role offers a clear progression path towards becoming a Penetration Tester, supported by mentoring, practical client work, and funded certifications. Please note: Unfortunately, this role is not able to offer visa sponsorship or visa transfer support. Applicants must already have the unrestricted right to work in the UK. Junior Security Testing Analyst Role: As a Junior Security Testing Analyst , you will play a key role in supporting the delivery of Vulnerability Assessment and Security Testing services. You will investigate vulnerabilities, validate findings, perform reconnaissance and enumeration activities, and assist with client-facing reporting and remediation support. Junior Security Testing Analyst Key Responsibilities: Support the delivery of Vulnerability Assessments, Penetration Testing, Attack Surface Management, and Security Testing services. Perform reconnaissance, enumeration, service analysis, and vulnerability identification activities. Configure, schedule, and monitor vulnerability scans using approved security testing tools. Review scan results, validate findings, and help reduce false positives. Investigate exposed services, insecure configurations, and common infrastructure weaknesses. Assist with penetration testing activities under the guidance of experienced Security Consultants. Support vulnerability research, evidence gathering, and technical reporting. Coordinate remediation follow-up and retesting activities. Maintain accurate documentation, testing records, and asset inventories. Follow recognised security frameworks and testing methodologies, including OWASP and CREST-aligned practices. What They Are Looking For: Essential: Approximately 1-2 years of Cyber Security experience. Exposure to Vulnerability Assessment, Security Testing, Vulnerability Management, or Junior Penetration Testing. Good understanding of networking fundamentals including TCP/IP, DNS, HTTP/S, ports, and services. Working knowledge of Linux and Windows environments. Familiarity with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, Qualys, or similar. Exposure to security testing tools such as Nmap, Burp Suite, Kali Linux, Metasploit, Nikto, or Gobuster. Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and remediation processes. Awareness of the OWASP Top 10 and common web application vulnerabilities. Strong written communication and report-writing skills. Desirable: CREST CPSA, CompTIA Security+, CompTIA PenTest+, eJPT, PNPT, or similar Cyber Security certifications. Experience using platforms such as Hack The Box, TryHackMe, PortSwigger Academy, or Offensive Security Labs. Scripting experience in Python, Bash, PowerShell, or similar. Exposure to AWS, Azure, or GCP security concepts. Bug bounty or responsible disclosure experience. Junior Security Testing Analyst Key Attributes: Passionate about Cyber Security and ethical hacking. Naturally curious with a strong desire to learn and develop. Methodical and detail-oriented. Strong analytical and problem-solving skills. Comfortable investigating and validating technical findings. Collaborative team player with excellent communication skills. Committed to continuous professional development. What's on Offer: Excellent benefits package. Clear career progression pathway into Penetration Testing and Security Consulting. Direct mentoring from experienced Cyber Security professionals. Funded training and industry-recognised certifications. Exposure to real-world client environments and security testing engagements. Hybrid working available following successful training and onboarding. Opportunity to join a collaborative and growing Cyber Security team. Long-term career development within a respected and expanding Cyber Security consultancy. If you're looking to build a long-term career within Cyber Security and want to develop your technical skills within a supportive and professional environment, we'd love to hear from you. Apply now!
15/06/2026
Full time
Junior Security Testing Analyst Location: London SE1 (Hybrid Working available following successful training and onboarding) Salary: £30,000 - £35,000 Depending on Experience + Excellent Benefits & Career Progression Full Time / Permanent Remarkable Jobs are recruiting on behalf of a growing Cyber Security Consultancy. We are seeking a motivated and technically curious Junior Security Testing Analyst to join a growing Cyber Security team based in London. This is an excellent opportunity for someone with around 1-2 years of Cyber Security experience who is looking to develop their career within Vulnerability Assessment, Penetration Testing, and Security Testing. The successful Junior Security Testing Analyst will work alongside experienced Penetration Testers and Security Consultants, supporting the delivery of vulnerability assessments, attack surface reviews, security testing activities, and remediation programmes across a diverse portfolio of clients. This role offers a clear progression path towards becoming a Penetration Tester, supported by mentoring, practical client work, and funded certifications. Please note: Unfortunately, this role is not able to offer visa sponsorship or visa transfer support. Applicants must already have the unrestricted right to work in the UK. Junior Security Testing Analyst Role: As a Junior Security Testing Analyst , you will play a key role in supporting the delivery of Vulnerability Assessment and Security Testing services. You will investigate vulnerabilities, validate findings, perform reconnaissance and enumeration activities, and assist with client-facing reporting and remediation support. Junior Security Testing Analyst Key Responsibilities: Support the delivery of Vulnerability Assessments, Penetration Testing, Attack Surface Management, and Security Testing services. Perform reconnaissance, enumeration, service analysis, and vulnerability identification activities. Configure, schedule, and monitor vulnerability scans using approved security testing tools. Review scan results, validate findings, and help reduce false positives. Investigate exposed services, insecure configurations, and common infrastructure weaknesses. Assist with penetration testing activities under the guidance of experienced Security Consultants. Support vulnerability research, evidence gathering, and technical reporting. Coordinate remediation follow-up and retesting activities. Maintain accurate documentation, testing records, and asset inventories. Follow recognised security frameworks and testing methodologies, including OWASP and CREST-aligned practices. What They Are Looking For: Essential: Approximately 1-2 years of Cyber Security experience. Exposure to Vulnerability Assessment, Security Testing, Vulnerability Management, or Junior Penetration Testing. Good understanding of networking fundamentals including TCP/IP, DNS, HTTP/S, ports, and services. Working knowledge of Linux and Windows environments. Familiarity with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, Qualys, or similar. Exposure to security testing tools such as Nmap, Burp Suite, Kali Linux, Metasploit, Nikto, or Gobuster. Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and remediation processes. Awareness of the OWASP Top 10 and common web application vulnerabilities. Strong written communication and report-writing skills. Desirable: CREST CPSA, CompTIA Security+, CompTIA PenTest+, eJPT, PNPT, or similar Cyber Security certifications. Experience using platforms such as Hack The Box, TryHackMe, PortSwigger Academy, or Offensive Security Labs. Scripting experience in Python, Bash, PowerShell, or similar. Exposure to AWS, Azure, or GCP security concepts. Bug bounty or responsible disclosure experience. Junior Security Testing Analyst Key Attributes: Passionate about Cyber Security and ethical hacking. Naturally curious with a strong desire to learn and develop. Methodical and detail-oriented. Strong analytical and problem-solving skills. Comfortable investigating and validating technical findings. Collaborative team player with excellent communication skills. Committed to continuous professional development. What's on Offer: Excellent benefits package. Clear career progression pathway into Penetration Testing and Security Consulting. Direct mentoring from experienced Cyber Security professionals. Funded training and industry-recognised certifications. Exposure to real-world client environments and security testing engagements. Hybrid working available following successful training and onboarding. Opportunity to join a collaborative and growing Cyber Security team. Long-term career development within a respected and expanding Cyber Security consultancy. If you're looking to build a long-term career within Cyber Security and want to develop your technical skills within a supportive and professional environment, we'd love to hear from you. Apply now!
National Physical Laboratory
Solihull, West Midlands
Dive Deep. Make an Impact. Build Secure Systems. You're driven by curiosity and a desire to understand how things really work - and how they can be made more secure. Whether dissecting telecoms protocols, exploring enterprise systems, or analysing hardware, you take a hands on, analytical approach to solving complex challenges. In this role, you'll join a collaborative and inclusive team where your expertise is valued, your ideas are heard, and your work directly contributes to strengthening real world systems. You'll have the freedom to explore, experiment, and grow - while helping shape the security of next generation networks. As a senior member of the team, you'll also play an important role in supporting and mentoring others, helping to develop the next generation of security testing specialists. What You'll Be Doing Lead and deliver security assessments across complex hardware, software, and telecoms systems. Conduct hands on penetration testing within a dedicated in house lab environment, ensuring safe and controlled testing. Apply advanced testing techniques - including both positive and negative approaches (e.g. fuzzing) - to rigorously assess network functions and protocols. Identify, investigate, and clearly articulate vulnerabilities and security risks to both technical and non technical audiences. Develop scripts and automate testing processes to improve efficiency, consistency, and scalability. Produce high quality, insightful technical reports that support remediation and strengthen security posture. Mentor and support junior team members through hands on guidance and knowledge sharing. Contribute to the development of test strategies and help shape the direction of security assessments. Requirements Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week. We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to hold an SC clearance with no restrictions. You are welcome to apply without already holding SC clearance; however, you will not be able to start in post until the clearance has been successfully granted. What You'll Thrive In Strong experience in penetration testing, with a solid understanding of exploitation techniques and how they apply in real world environments. Enjoy deep technical problem solving and working across complex, evolving systems. Bring a collaborative mindset - sharing knowledge, supporting others, and contributing fresh ideas. Are passionate about security testing and committed to continuous learning and staying ahead of emerging threats. Have a background in areas such as networking, infrastructure, software development, or telecoms (preferred but not essential). What You'll Learn You'll bring solid experience - and we'll help you take it even further. Whether you already have knowledge of telecoms protocols such as Diameter, HTTP/2, SCTP, and NGAP, or demonstrate a strong ability to learn them quickly, we'll support your growth every step of the way. You'll gain access to leading training platforms and work towards industry recognised certifications, helping you continuously develop your expertise. Benefits We strive to offer a great work life balance. Whether you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.
15/06/2026
Full time
Dive Deep. Make an Impact. Build Secure Systems. You're driven by curiosity and a desire to understand how things really work - and how they can be made more secure. Whether dissecting telecoms protocols, exploring enterprise systems, or analysing hardware, you take a hands on, analytical approach to solving complex challenges. In this role, you'll join a collaborative and inclusive team where your expertise is valued, your ideas are heard, and your work directly contributes to strengthening real world systems. You'll have the freedom to explore, experiment, and grow - while helping shape the security of next generation networks. As a senior member of the team, you'll also play an important role in supporting and mentoring others, helping to develop the next generation of security testing specialists. What You'll Be Doing Lead and deliver security assessments across complex hardware, software, and telecoms systems. Conduct hands on penetration testing within a dedicated in house lab environment, ensuring safe and controlled testing. Apply advanced testing techniques - including both positive and negative approaches (e.g. fuzzing) - to rigorously assess network functions and protocols. Identify, investigate, and clearly articulate vulnerabilities and security risks to both technical and non technical audiences. Develop scripts and automate testing processes to improve efficiency, consistency, and scalability. Produce high quality, insightful technical reports that support remediation and strengthen security posture. Mentor and support junior team members through hands on guidance and knowledge sharing. Contribute to the development of test strategies and help shape the direction of security assessments. Requirements Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week. We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to hold an SC clearance with no restrictions. You are welcome to apply without already holding SC clearance; however, you will not be able to start in post until the clearance has been successfully granted. What You'll Thrive In Strong experience in penetration testing, with a solid understanding of exploitation techniques and how they apply in real world environments. Enjoy deep technical problem solving and working across complex, evolving systems. Bring a collaborative mindset - sharing knowledge, supporting others, and contributing fresh ideas. Are passionate about security testing and committed to continuous learning and staying ahead of emerging threats. Have a background in areas such as networking, infrastructure, software development, or telecoms (preferred but not essential). What You'll Learn You'll bring solid experience - and we'll help you take it even further. Whether you already have knowledge of telecoms protocols such as Diameter, HTTP/2, SCTP, and NGAP, or demonstrate a strong ability to learn them quickly, we'll support your growth every step of the way. You'll gain access to leading training platforms and work towards industry recognised certifications, helping you continuously develop your expertise. Benefits We strive to offer a great work life balance. Whether you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.
National Physical Laboratory
Birmingham, Staffordshire
National Physical Laboratory in Birmingham is seeking a skilled security specialist to lead penetration testing and security assessments across complex systems. You will mentor junior team members while contributing to remediation strategies and improving security posture. The ideal candidate has solid experience in penetration testing and is comfortable in a collaborative environment. The position offers flexible working arrangements depending on business needs.
15/06/2026
Full time
National Physical Laboratory in Birmingham is seeking a skilled security specialist to lead penetration testing and security assessments across complex systems. You will mentor junior team members while contributing to remediation strategies and improving security posture. The ideal candidate has solid experience in penetration testing and is comfortable in a collaborative environment. The position offers flexible working arrangements depending on business needs.
National Physical Laboratory
Birmingham, Staffordshire
Dive Deep. Make an Impact. Build Secure Systems. You're driven by curiosity and a desire to understand how things really work - and how they can be made more secure. Whether dissecting telecoms protocols, exploring enterprise systems, or analysing hardware, you take a hands on, analytical approach to solving complex challenges. In this role, you'll join a collaborative and inclusive team where your expertise is valued, your ideas are heard, and your work directly contributes to strengthening real world systems. You'll have the freedom to explore, experiment, and grow - while helping shape the security of next generation networks. As a senior member of the team, you'll also play an important role in supporting and mentoring others, helping to develop the next generation of security testing specialists. What You'll Be Doing Lead and deliver security assessments across complex hardware, software, and telecoms systems. Conduct hands on penetration testing within a dedicated in house lab environment, ensuring safe and controlled testing. Apply advanced testing techniques - including both positive and negative approaches (e.g. fuzzing) - to rigorously assess network functions and protocols. Identify, investigate, and clearly articulate vulnerabilities and security risks to both technical and non technical audiences. Develop scripts and automate testing processes to improve efficiency, consistency, and scalability. Produce high quality, insightful technical reports that support remediation and strengthen security posture. Mentor and support junior team members through hands on guidance and knowledge sharing. Contribute to the development of test strategies and help shape the direction of security assessments. Requirements Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week. We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to hold an SC clearance with no restrictions. You are welcome to apply without already holding SC clearance; however, you will not be able to start in post until the clearance has been successfully granted. What You'll Thrive In Strong experience in penetration testing, with a solid understanding of exploitation techniques and how they apply in real world environments. Enjoy deep technical problem solving and working across complex, evolving systems. Bring a collaborative mindset - sharing knowledge, supporting others, and contributing fresh ideas. Are passionate about security testing and committed to continuous learning and staying ahead of emerging threats. Have a background in areas such as networking, infrastructure, software development, or telecoms (preferred but not essential). What You'll Learn You'll bring solid experience - and we'll help you take it even further. Whether you already have knowledge of telecoms protocols such as Diameter, HTTP/2, SCTP, and NGAP, or demonstrate a strong ability to learn them quickly, we'll support your growth every step of the way. You'll gain access to leading training platforms and work towards industry recognised certifications, helping you continuously develop your expertise. Benefits We strive to offer a great work life balance. Whether you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.
15/06/2026
Full time
Dive Deep. Make an Impact. Build Secure Systems. You're driven by curiosity and a desire to understand how things really work - and how they can be made more secure. Whether dissecting telecoms protocols, exploring enterprise systems, or analysing hardware, you take a hands on, analytical approach to solving complex challenges. In this role, you'll join a collaborative and inclusive team where your expertise is valued, your ideas are heard, and your work directly contributes to strengthening real world systems. You'll have the freedom to explore, experiment, and grow - while helping shape the security of next generation networks. As a senior member of the team, you'll also play an important role in supporting and mentoring others, helping to develop the next generation of security testing specialists. What You'll Be Doing Lead and deliver security assessments across complex hardware, software, and telecoms systems. Conduct hands on penetration testing within a dedicated in house lab environment, ensuring safe and controlled testing. Apply advanced testing techniques - including both positive and negative approaches (e.g. fuzzing) - to rigorously assess network functions and protocols. Identify, investigate, and clearly articulate vulnerabilities and security risks to both technical and non technical audiences. Develop scripts and automate testing processes to improve efficiency, consistency, and scalability. Produce high quality, insightful technical reports that support remediation and strengthen security posture. Mentor and support junior team members through hands on guidance and knowledge sharing. Contribute to the development of test strategies and help shape the direction of security assessments. Requirements Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week. We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to hold an SC clearance with no restrictions. You are welcome to apply without already holding SC clearance; however, you will not be able to start in post until the clearance has been successfully granted. What You'll Thrive In Strong experience in penetration testing, with a solid understanding of exploitation techniques and how they apply in real world environments. Enjoy deep technical problem solving and working across complex, evolving systems. Bring a collaborative mindset - sharing knowledge, supporting others, and contributing fresh ideas. Are passionate about security testing and committed to continuous learning and staying ahead of emerging threats. Have a background in areas such as networking, infrastructure, software development, or telecoms (preferred but not essential). What You'll Learn You'll bring solid experience - and we'll help you take it even further. Whether you already have knowledge of telecoms protocols such as Diameter, HTTP/2, SCTP, and NGAP, or demonstrate a strong ability to learn them quickly, we'll support your growth every step of the way. You'll gain access to leading training platforms and work towards industry recognised certifications, helping you continuously develop your expertise. Benefits We strive to offer a great work life balance. Whether you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.
National Physical Laboratory
Solihull, West Midlands
National Physical Laboratory in Birmingham is seeking a skilled security specialist to lead penetration testing and security assessments across complex systems. You will mentor junior team members while contributing to remediation strategies and improving security posture. The ideal candidate has solid experience in penetration testing and is comfortable in a collaborative environment. The position offers flexible working arrangements depending on business needs.
15/06/2026
Full time
National Physical Laboratory in Birmingham is seeking a skilled security specialist to lead penetration testing and security assessments across complex systems. You will mentor junior team members while contributing to remediation strategies and improving security posture. The ideal candidate has solid experience in penetration testing and is comfortable in a collaborative environment. The position offers flexible working arrangements depending on business needs.
Academy Education Network Ltd
Manchester, Lancashire
Overview Cybersecurity Analysts protect organisations from cyber threats. Depending on the speciality, roles may involve monitoring live security events in a Security Operations Centre (SOC), researching threat intelligence, conducting penetration tests to uncover vulnerabilities, or managing Governance, Risk & Compliance (GRC) workstreams. All work aligns with recognised frameworks such as NIST CSF, ISO 27001, and CIS Controls. Responsibilities Monitor security events and respond to active threats in real time. Run vulnerability assessments, penetration tests, and incident response exercises. Specialise in SOC analysis, threat intelligence, penetration testing, GRC, or cloud security. Work for banks, telcos, defence contractors, government agencies, NHS and FTSE 100 corporates. Career Progression Typical career stages for a Cybersecurity Analyst: Years 0-2: SOC Analyst (Tier 1) - monitor events and respond to common incidents; progression via CompTIA Security+ and SANS GCIH or CEH. Years 2-5: Cybersecurity Analyst / Penetration Tester - specialise in penetration testing (CREST CRT, OSCP), threat intelligence or GRC (ISO 27001 Lead Auditor). Years 5-8: Senior Analyst / Security Engineer - lead complex incident response, run major risk assessments, or design enterprise security architecture; often required to hold CISSP. Years 8+: Lead / Head of Security / CISO - strategic leadership of an organisation's security function; requires technical depth and business/board level communication. Qualifications & Skills Required technical knowledge and professional traits include: Calm decision making under incident pressure. Clear written reporting for non technical executives. Ethical decision making and professional integrity. Continuous learning across rapidly evolving threats. Methodical, evidence based investigation. Teamwork across IT, business and law enforcement. Relevant certifications such as CompTIA Security+, CEH, SANS GCIH, OSCP/CREST CRT, CISM/CISSP, ISO 27001 Lead Auditor. Typical Salary Ranges (UK) Junior SOC analysts at major banks and managed service providers start at £35,000-£45,000. Penetration testers and threat intelligence analysts at top consultancies earn £45,000-£65,000 within 3 years. Senior engineers and CISO track leaders in FTSE 100 companies can reach £100,000+. Education and Entry Routes Common pathways include: MSc Cybersecurity - 1 year postgraduate specialist degree (many are NCSC certified). Cybersecurity Apprenticeship - 2-4 years, fully employer funded (Levels 4 & 6). CompTIA Security+ plus a Tier 1 SOC role - common entry for career changers. University undergraduate degree in Cybersecurity or Computer Science - 3 years; with student loans and progression into junior roles. FAQ - Becoming a Cybersecurity Analyst in the UK How long does it take to become a cyber analyst? Typically straight after a 3 year undergraduate degree, or via CompTIA Security+ and a Tier 1 SOC role. Do I need a cybersecurity degree to work in the UK? Not strictly, but a specialist degree and relevant certifications are the most reliable route. Is the role on the Skilled Worker visa shortage list? No; however, salaries often meet the threshold and most private sector employers sponsor international analysts. What's the difference between a SOC analyst and a penetration tester? SOC analysts monitor events; penetration testers actively find vulnerabilities. Which UK certifications matter most? CompTIA Security+, CEH, SANS GCIH, OSCP/CREST CRT, CISM/CISSP. Can I move into cybersecurity from another career? Yes - career changers can transition via Security+ and a Tier 1 SOC role within 6-12 months.
09/06/2026
Full time
Overview Cybersecurity Analysts protect organisations from cyber threats. Depending on the speciality, roles may involve monitoring live security events in a Security Operations Centre (SOC), researching threat intelligence, conducting penetration tests to uncover vulnerabilities, or managing Governance, Risk & Compliance (GRC) workstreams. All work aligns with recognised frameworks such as NIST CSF, ISO 27001, and CIS Controls. Responsibilities Monitor security events and respond to active threats in real time. Run vulnerability assessments, penetration tests, and incident response exercises. Specialise in SOC analysis, threat intelligence, penetration testing, GRC, or cloud security. Work for banks, telcos, defence contractors, government agencies, NHS and FTSE 100 corporates. Career Progression Typical career stages for a Cybersecurity Analyst: Years 0-2: SOC Analyst (Tier 1) - monitor events and respond to common incidents; progression via CompTIA Security+ and SANS GCIH or CEH. Years 2-5: Cybersecurity Analyst / Penetration Tester - specialise in penetration testing (CREST CRT, OSCP), threat intelligence or GRC (ISO 27001 Lead Auditor). Years 5-8: Senior Analyst / Security Engineer - lead complex incident response, run major risk assessments, or design enterprise security architecture; often required to hold CISSP. Years 8+: Lead / Head of Security / CISO - strategic leadership of an organisation's security function; requires technical depth and business/board level communication. Qualifications & Skills Required technical knowledge and professional traits include: Calm decision making under incident pressure. Clear written reporting for non technical executives. Ethical decision making and professional integrity. Continuous learning across rapidly evolving threats. Methodical, evidence based investigation. Teamwork across IT, business and law enforcement. Relevant certifications such as CompTIA Security+, CEH, SANS GCIH, OSCP/CREST CRT, CISM/CISSP, ISO 27001 Lead Auditor. Typical Salary Ranges (UK) Junior SOC analysts at major banks and managed service providers start at £35,000-£45,000. Penetration testers and threat intelligence analysts at top consultancies earn £45,000-£65,000 within 3 years. Senior engineers and CISO track leaders in FTSE 100 companies can reach £100,000+. Education and Entry Routes Common pathways include: MSc Cybersecurity - 1 year postgraduate specialist degree (many are NCSC certified). Cybersecurity Apprenticeship - 2-4 years, fully employer funded (Levels 4 & 6). CompTIA Security+ plus a Tier 1 SOC role - common entry for career changers. University undergraduate degree in Cybersecurity or Computer Science - 3 years; with student loans and progression into junior roles. FAQ - Becoming a Cybersecurity Analyst in the UK How long does it take to become a cyber analyst? Typically straight after a 3 year undergraduate degree, or via CompTIA Security+ and a Tier 1 SOC role. Do I need a cybersecurity degree to work in the UK? Not strictly, but a specialist degree and relevant certifications are the most reliable route. Is the role on the Skilled Worker visa shortage list? No; however, salaries often meet the threshold and most private sector employers sponsor international analysts. What's the difference between a SOC analyst and a penetration tester? SOC analysts monitor events; penetration testers actively find vulnerabilities. Which UK certifications matter most? CompTIA Security+, CEH, SANS GCIH, OSCP/CREST CRT, CISM/CISSP. Can I move into cybersecurity from another career? Yes - career changers can transition via Security+ and a Tier 1 SOC role within 6-12 months.
Barclay Simpson is seeking an experienced Penetration Tester to join their team in Greater London. This internal role offers a variety of projects across WebApp, Infrastructure, and Cloud testing, along with involvement in Red and Purple Teaming. You will lead engagements, mentor junior staff, and communicate findings to senior stakeholders. The position offers a base salary of up to £85,000 plus benefits and bonus. Commuting from surrounding areas is feasible, with easy access to public transport.
09/06/2026
Full time
Barclay Simpson is seeking an experienced Penetration Tester to join their team in Greater London. This internal role offers a variety of projects across WebApp, Infrastructure, and Cloud testing, along with involvement in Red and Purple Teaming. You will lead engagements, mentor junior staff, and communicate findings to senior stakeholders. The position offers a base salary of up to £85,000 plus benefits and bonus. Commuting from surrounding areas is feasible, with easy access to public transport.
This is a fantastic opportunity for an experienced penetration tester to move into an internal role with a leading financial services firm. The role offers variety across Penetration Testing (WebApp, Infrastructure - internal and external, and Cloud) along with involvement in Purple Teaming and Red Teaming engagements. The role will see you leading, scoping and planning engagements, defining methodologies and working with third parties and the wider cyber defence team where required. You will undertake peer reviews of reports, and will communicate findings to senior stakeholders in the business. You will have the opportunity to mentor a junior PenTester and to work on a range of different projects. The successful candidate will be an experienced PenTester with WebApp, Cloud and Infra skills. You may be certified in OSCP, CREST or SANS (although certifications are not a prerequisite) and will have good verbal and written communication skills. Experience in red/purple teaming will be beneficial. You may have experience from either a consultancy or an internal team. The role is based 3 days a week in the office. If you live in Surrey, West/East Sussex, Hampshire, Croydon, Brighton, Portsmouth or West Kent, you will be within a commutable distance of their office. There is parking available, and the office is just a 5-minute walk from the station with regular direct trains from London Bridge, Victoria and Blackfriars. Base salary up to £85,000 + benefits + bonus. There is no visa sponsorship available at this time.
09/06/2026
Full time
This is a fantastic opportunity for an experienced penetration tester to move into an internal role with a leading financial services firm. The role offers variety across Penetration Testing (WebApp, Infrastructure - internal and external, and Cloud) along with involvement in Purple Teaming and Red Teaming engagements. The role will see you leading, scoping and planning engagements, defining methodologies and working with third parties and the wider cyber defence team where required. You will undertake peer reviews of reports, and will communicate findings to senior stakeholders in the business. You will have the opportunity to mentor a junior PenTester and to work on a range of different projects. The successful candidate will be an experienced PenTester with WebApp, Cloud and Infra skills. You may be certified in OSCP, CREST or SANS (although certifications are not a prerequisite) and will have good verbal and written communication skills. Experience in red/purple teaming will be beneficial. You may have experience from either a consultancy or an internal team. The role is based 3 days a week in the office. If you live in Surrey, West/East Sussex, Hampshire, Croydon, Brighton, Portsmouth or West Kent, you will be within a commutable distance of their office. There is parking available, and the office is just a 5-minute walk from the station with regular direct trains from London Bridge, Victoria and Blackfriars. Base salary up to £85,000 + benefits + bonus. There is no visa sponsorship available at this time.
Overview Lead Penetration Tester (Lead Cyber Analyst), Technical Vulnerability Management - Cyber Security Division Permanent Full time Location: Leeds We currently have a number of Penetration Tester opportunities across our Cyber team. If this role isn't the right fit, we encourage you to explore what else is available: Junior Penetration Tester (Cyber Analyst), Threat & Vulnerability Management - Cyber Security Division Job Description This is an opportunity to join the Bank of England's Pentest Team as a Lead Penetration Tester and play a senior role in strengthening the Bank's security. You'll lead and deliver penetration testing across a broad range of systems and services, assess complex vulnerabilities, and support red and purple team activity. Working with colleagues across Cyber and Technology, you'll help shape testing approaches, provide technical leadership, and drive effective remediation to reduce risk across the organisation. Flexible Working Options This role is open to flexible working patterns as follows: Flexible start and end time to each day Flexibility to adapt your calendar as needed, for example around the school run, the gym, or appointments A 50% in-office attendance requirement, which can be spread across the month to support different working patterns Working from abroad policy (subject to approval and policy within the team) Opportunities in Leeds We're excited to be growing our presence in Leeds, a city we've been connected to for nearly 200 years. Our modern, accessible office in the City Centre offers a supportive, flexible working environment. The majority of roles, including this one, are now available in Leeds, giving you the chance to build a meaningful career outside of London while contributing to our mission from a dynamic and growing location. You'll work collaboratively with London-based colleagues in a hybrid model, with regular opportunities to travel into the London office to meet and connect together in person. Want to learn more? Discover what makes our Leeds office such a dynamic place to work by visiting our Leeds page (link not shown in refined version). A day in the role No two days in this role are exactly the same. You might start the day aligning priorities with the team, then move into leading a penetration test, reviewing complex findings, or shaping the approach to a new assessment. You'll work closely with colleagues across Cyber and Technology, providing technical oversight, engaging with stakeholders, and helping to ensure that vulnerabilities are clearly understood and effectively remediated. As a senior member of the team, you'll also support the development of others, contribute to improving testing practices, and help drive high-quality delivery across a varied portfolio of systems and services. The role also offers flexibility in how you organise your day, with flexible start and finish times and hybrid working between the Leeds office and home. Role Requirements You will bring strong hands-on penetration testing experience and the ability to lead complex assessments across areas such as infrastructure, cloud, and web applications. You should be comfortable working with a high degree of autonomy, applying sound technical judgement, and engaging confidently with stakeholders to explain risk and influence remediation. As a senior member of the team, you will also be expected to provide technical leadership, support the development of others, and contribute to the continued evolution of the Bank's testing capability. Minimum Criteria To be successful in this role, you will need to demonstrate strong technical capability and credible hands-on experience across the core areas below. Significant hands-on penetration testing experience, including leading or delivering complex assessments in medium to large enterprise environments Equivalent work experience or two or more of the following certifications: OSCP, OSEP, OSWE, OSED, GXPN, GX-PT, CREST CTL (INF/APP), Cyber Scheme CSTL (INF/APP), CRTO, CRTP Strong practical experience in enterprise infrastructure, cloud, or complex web application pentesting Practical expertise using commercial and open-source offensive security tools A strong understanding of common operating systems and their security considerations A strong understanding of networking concepts, including IP addressing, TCP/IP and UDP A strong understanding of enterprise infrastructure services and protocols A strong understanding of security concepts and controls related to complex enterprise architecture and the ability to evaluate those controls for effectiveness and impact on operational risk A solid understanding of cloud technologies and their security implications Excellent written and verbal communication skills, including the ability to produce clear technical reporting and explain risk to a range of stakeholders A high level of integrity, organisation, self-motivation, and a commitment to continuous improvement and high-quality delivery Essential Criteria The experience below would further strengthen your ability to succeed in this role and contribute at a senior level across the team. Experience working in financial services or large government organisations Practical experience in source code review Strong scripting capability in Python, PowerShell, or Bash A solid understanding of Governance, Risk and Compliance processes and how they support security decision-making Experience in delivering threat modelling reports that provide a detailed understanding of risks to related systems Red team operator experience Desirable Criteria Experience working in complex medium to large organisations How this role fits into the wider Bank As part of the Cyber Division, you'll join a penetration testing team that plays a key role in identifying vulnerabilities across the Bank's technology and infrastructure, assessing complex risk, and driving effective remediation. Working closely with colleagues across Cyber, Technology, and the wider organisation, you'll provide senior technical input, help shape testing approaches, and support the protection of the critical systems and information the Bank depends on. Our Approach to Inclusion The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve. At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it's by drawing on different perspectives and experiences that we'll continue to make the best decisions for the public. We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed. For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 50% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders. Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the 'Candidate Personal Information' under the 'Disability Confident Scheme' section of the application. Salary and Benefits Information We offer a salary as follows: Leeds circa £72,320 - £81,360 In addition, we also offer a comprehensive benefits package as detailed below: A non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time. A discretionary performance award based on a current award pool. An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits. 26 days' annual leave with option to buy up to 12 additional days through flexible benefits. Private medical insurance and income protection. National Security Vetting Process Employment in this role will be subject to the National Security Vetting clearance process (and typically can take between 6 to 12 weeks post offer) and the passing of additional Bank security checks in accordance with the Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes, is set out in the Bank's Privacy Notice. The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such . click apply for full job details
03/06/2026
Full time
Overview Lead Penetration Tester (Lead Cyber Analyst), Technical Vulnerability Management - Cyber Security Division Permanent Full time Location: Leeds We currently have a number of Penetration Tester opportunities across our Cyber team. If this role isn't the right fit, we encourage you to explore what else is available: Junior Penetration Tester (Cyber Analyst), Threat & Vulnerability Management - Cyber Security Division Job Description This is an opportunity to join the Bank of England's Pentest Team as a Lead Penetration Tester and play a senior role in strengthening the Bank's security. You'll lead and deliver penetration testing across a broad range of systems and services, assess complex vulnerabilities, and support red and purple team activity. Working with colleagues across Cyber and Technology, you'll help shape testing approaches, provide technical leadership, and drive effective remediation to reduce risk across the organisation. Flexible Working Options This role is open to flexible working patterns as follows: Flexible start and end time to each day Flexibility to adapt your calendar as needed, for example around the school run, the gym, or appointments A 50% in-office attendance requirement, which can be spread across the month to support different working patterns Working from abroad policy (subject to approval and policy within the team) Opportunities in Leeds We're excited to be growing our presence in Leeds, a city we've been connected to for nearly 200 years. Our modern, accessible office in the City Centre offers a supportive, flexible working environment. The majority of roles, including this one, are now available in Leeds, giving you the chance to build a meaningful career outside of London while contributing to our mission from a dynamic and growing location. You'll work collaboratively with London-based colleagues in a hybrid model, with regular opportunities to travel into the London office to meet and connect together in person. Want to learn more? Discover what makes our Leeds office such a dynamic place to work by visiting our Leeds page (link not shown in refined version). A day in the role No two days in this role are exactly the same. You might start the day aligning priorities with the team, then move into leading a penetration test, reviewing complex findings, or shaping the approach to a new assessment. You'll work closely with colleagues across Cyber and Technology, providing technical oversight, engaging with stakeholders, and helping to ensure that vulnerabilities are clearly understood and effectively remediated. As a senior member of the team, you'll also support the development of others, contribute to improving testing practices, and help drive high-quality delivery across a varied portfolio of systems and services. The role also offers flexibility in how you organise your day, with flexible start and finish times and hybrid working between the Leeds office and home. Role Requirements You will bring strong hands-on penetration testing experience and the ability to lead complex assessments across areas such as infrastructure, cloud, and web applications. You should be comfortable working with a high degree of autonomy, applying sound technical judgement, and engaging confidently with stakeholders to explain risk and influence remediation. As a senior member of the team, you will also be expected to provide technical leadership, support the development of others, and contribute to the continued evolution of the Bank's testing capability. Minimum Criteria To be successful in this role, you will need to demonstrate strong technical capability and credible hands-on experience across the core areas below. Significant hands-on penetration testing experience, including leading or delivering complex assessments in medium to large enterprise environments Equivalent work experience or two or more of the following certifications: OSCP, OSEP, OSWE, OSED, GXPN, GX-PT, CREST CTL (INF/APP), Cyber Scheme CSTL (INF/APP), CRTO, CRTP Strong practical experience in enterprise infrastructure, cloud, or complex web application pentesting Practical expertise using commercial and open-source offensive security tools A strong understanding of common operating systems and their security considerations A strong understanding of networking concepts, including IP addressing, TCP/IP and UDP A strong understanding of enterprise infrastructure services and protocols A strong understanding of security concepts and controls related to complex enterprise architecture and the ability to evaluate those controls for effectiveness and impact on operational risk A solid understanding of cloud technologies and their security implications Excellent written and verbal communication skills, including the ability to produce clear technical reporting and explain risk to a range of stakeholders A high level of integrity, organisation, self-motivation, and a commitment to continuous improvement and high-quality delivery Essential Criteria The experience below would further strengthen your ability to succeed in this role and contribute at a senior level across the team. Experience working in financial services or large government organisations Practical experience in source code review Strong scripting capability in Python, PowerShell, or Bash A solid understanding of Governance, Risk and Compliance processes and how they support security decision-making Experience in delivering threat modelling reports that provide a detailed understanding of risks to related systems Red team operator experience Desirable Criteria Experience working in complex medium to large organisations How this role fits into the wider Bank As part of the Cyber Division, you'll join a penetration testing team that plays a key role in identifying vulnerabilities across the Bank's technology and infrastructure, assessing complex risk, and driving effective remediation. Working closely with colleagues across Cyber, Technology, and the wider organisation, you'll provide senior technical input, help shape testing approaches, and support the protection of the critical systems and information the Bank depends on. Our Approach to Inclusion The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve. At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it's by drawing on different perspectives and experiences that we'll continue to make the best decisions for the public. We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed. For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 50% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders. Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the 'Candidate Personal Information' under the 'Disability Confident Scheme' section of the application. Salary and Benefits Information We offer a salary as follows: Leeds circa £72,320 - £81,360 In addition, we also offer a comprehensive benefits package as detailed below: A non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time. A discretionary performance award based on a current award pool. An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits. 26 days' annual leave with option to buy up to 12 additional days through flexible benefits. Private medical insurance and income protection. National Security Vetting Process Employment in this role will be subject to the National Security Vetting clearance process (and typically can take between 6 to 12 weeks post offer) and the passing of additional Bank security checks in accordance with the Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes, is set out in the Bank's Privacy Notice. The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such . click apply for full job details
Senior Penetration Tester Location: Fully Remote (UK-Based) Salary Range: £50,000 - £85,000 (dependent on experience) Position: Permanent, Full-Time My client is a dynamic and growing cybersecurity consultancy dedicated to providing top-tier security services to a diverse range of clients. They believe in empowering the team with the flexibility of remote work while tackling challenging and engaging projects that make a real difference to their clients' security posture. The Role We are seeking a highly skilled and motivated Senior Penetration Tester to join our remote team. You will be responsible for leading and executing complex penetration tests against a variety of systems, networks, and applications. The ideal candidate is not just a proficient tester but a critical thinker who can articulate risks clearly and provide pragmatic remediation advice to clients. Key Responsibilities Plan, lead, and execute sophisticated penetration tests across infrastructure, web applications, APIs, and internal networks. Conduct advanced Red Team exercises to simulate real-world adversary attacks and test organisational defences. Produce high-quality, clear, and concise reports for both technical and executive audiences, detailing findings, risks, and actionable remediation strategies. Mentor and provide guidance to junior members of the team, promoting best practices and knowledge sharing. Collaborate with clients to scope engagements, present findings, and provide expert advice on mitigating identified vulnerabilities. Stay abreast of the latest security vulnerabilities, attack vectors, tools, and methodologies. Contribute to the continuous improvement of our testing methodologies and service offerings. Essential Skills & Qualifications Must hold active CREST Certified Tester (CRT) certification. (Non-negotiable) Proven commercial experience in a penetration testing role. Deep technical knowledge of networking protocols, operating systems (Windows, Linux), and common infrastructure vulnerabilities. Strong experience in web application penetration testing (OWASP Top 10). Proficiency with common penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Cobalt Strike, etc.). Excellent written and verbal communication skills, with a proven ability to write detailed technical reports. A proactive and self-motivated attitude, capable of working effectively in a fully remote environment. Desirable Skills & Qualifications Experience with or knowledge of implementing Cyber Essentials and Cyber Essentials Plus schemes is highly desirable. Additional certifications such as: CREST Certified Simulated Attack Specialist (CCSAS) / Certified Simulated Attack Manager (CCSAM) Offensive Security Certified Professional (OSCP) Certified Information Systems Security Professional (CISSP) SANS GIAC Penetration Tester (GPEN) or Web Application Penetration Tester (GWAPT) Experience in mobile application (iOS/Android) testing, cloud security (AWS/Azure/GCP), or social engineering. Experience scripting in Python, PowerShell, or Bash to develop custom tools or exploits. What We Offer A competitive salary of £50,000 - £85,000 . Fully remote working - work from anywhere in the UK. A supportive and collaborative culture with a strong focus on professional development.
01/10/2025
Full time
Senior Penetration Tester Location: Fully Remote (UK-Based) Salary Range: £50,000 - £85,000 (dependent on experience) Position: Permanent, Full-Time My client is a dynamic and growing cybersecurity consultancy dedicated to providing top-tier security services to a diverse range of clients. They believe in empowering the team with the flexibility of remote work while tackling challenging and engaging projects that make a real difference to their clients' security posture. The Role We are seeking a highly skilled and motivated Senior Penetration Tester to join our remote team. You will be responsible for leading and executing complex penetration tests against a variety of systems, networks, and applications. The ideal candidate is not just a proficient tester but a critical thinker who can articulate risks clearly and provide pragmatic remediation advice to clients. Key Responsibilities Plan, lead, and execute sophisticated penetration tests across infrastructure, web applications, APIs, and internal networks. Conduct advanced Red Team exercises to simulate real-world adversary attacks and test organisational defences. Produce high-quality, clear, and concise reports for both technical and executive audiences, detailing findings, risks, and actionable remediation strategies. Mentor and provide guidance to junior members of the team, promoting best practices and knowledge sharing. Collaborate with clients to scope engagements, present findings, and provide expert advice on mitigating identified vulnerabilities. Stay abreast of the latest security vulnerabilities, attack vectors, tools, and methodologies. Contribute to the continuous improvement of our testing methodologies and service offerings. Essential Skills & Qualifications Must hold active CREST Certified Tester (CRT) certification. (Non-negotiable) Proven commercial experience in a penetration testing role. Deep technical knowledge of networking protocols, operating systems (Windows, Linux), and common infrastructure vulnerabilities. Strong experience in web application penetration testing (OWASP Top 10). Proficiency with common penetration testing tools (e.g., Burp Suite Pro, Metasploit, Nmap, Cobalt Strike, etc.). Excellent written and verbal communication skills, with a proven ability to write detailed technical reports. A proactive and self-motivated attitude, capable of working effectively in a fully remote environment. Desirable Skills & Qualifications Experience with or knowledge of implementing Cyber Essentials and Cyber Essentials Plus schemes is highly desirable. Additional certifications such as: CREST Certified Simulated Attack Specialist (CCSAS) / Certified Simulated Attack Manager (CCSAM) Offensive Security Certified Professional (OSCP) Certified Information Systems Security Professional (CISSP) SANS GIAC Penetration Tester (GPEN) or Web Application Penetration Tester (GWAPT) Experience in mobile application (iOS/Android) testing, cloud security (AWS/Azure/GCP), or social engineering. Experience scripting in Python, PowerShell, or Bash to develop custom tools or exploits. What We Offer A competitive salary of £50,000 - £85,000 . Fully remote working - work from anywhere in the UK. A supportive and collaborative culture with a strong focus on professional development.
