2,867 Offensive Security jobs in the United Kingdom
Offensive Security Tester
Posted 26 days ago
Job Viewed
Job Description
Offensive Security Tester | UK-Based (Remote Options)
NTT DATA, a global leader in security services, is seeking a CREST-certified Offensive Security Tester to join its UK Security Practice. This role involves conducting advanced penetration testing engagements, identifying vulnerabilities across diverse IT environments, and providing actionable remediation guidance to enhance client security postures. The ideal candidate will have a strong background in offensive security, a deep understanding of attack techniques, and excellent communication skills to deliver impactful results.
**What you'll be doing:**
Key Responsibilities:
+ Conduct comprehensive penetration tests across web applications, network infrastructure, and mobile applications.
+ Perform external and internal network penetration testing using industry-standard methodologies.
+ Execute wireless security assessments, social engineering engagements, and red team exercises.
+ Conduct application security testing, including API and web service assessments.
Vulnerability Assessment and Analysis
+ Identify, validate, and prioritize security vulnerabilities discovered during testing.
+ Analyze attack paths and assess the business impact of identified vulnerabilities.
+ Develop proof-of-concept exploits to demonstrate security risks.
Technical Reporting and Communication
+ Produce detailed technical reports documenting findings, risks, and remediation recommendations.
+ Create executive summaries highlighting business impact and strategic risk concerns.
+ Present findings to technical teams and management stakeholders.
Testing Methodology and Tool Management
+ Follow industry-standard penetration testing methodologies (e.g., OWASP, PTES, NIST).
+ Maintain and update penetration testing tools and exploitation frameworks.
+ Stay current with the latest attack techniques, vulnerabilities, and security research.
Client Engagement and Support
+ Communicate effectively with clients throughout testing engagements.
+ Coordinate testing activities to minimize business disruption.
+ Support scoping discussions and provide security awareness briefings to client teams.
**What experience you'll bring:**
Certifications
+ CREST Registered Penetration Tester (CRT) certification required.
+ Must meet UK SC Clearance eligibility guidelines.
+ Additional certifications preferred (e.g., OSCP, GPEN, CEH).
Professional Skills
+ Strong technical writing and verbal communication skills.
+ Ability to explain complex technical issues to non-technical audiences.
+ Excellent time management and attention to detail
Education and Experience
+ Bachelor's degree in computer science, Cybersecurity, or related field.
+ Direct experience working in government, military, or intelligence organizations advantageous.
+ 3-5 years of experience in penetration testing or offensive security roles.
Preferred Qualifications
+ Experience conducting red team exercises and adversarial attack simulations.
+ Familiarity with threat modeling and risk assessment methodologies.
+ Background in information security or IT security operations.
Success Metrics (6-12 Months)
+ Complete a minimum of 10 penetration testing engagements per quarter.
+ Achieve client satisfaction ratings of 90% or higher for testing services.
+ Deliver high-quality technical reports with zero critical errors.
+ Stay within defined scope and timelines for all engagements.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now
Offensive Security Senior Manager
Posted 7 days ago
Job Viewed
Job Description
Job Title: Offensive Security Senior Manager
Business Function: Cyber Security
Location: Kingston Head Office / Bangalore
Unilever is one of the world's leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann's, Wall's, Ben & Jerry's, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That's why our purpose as Unilever is 'to make sustainable living commonplace'.
At Unilever, we're determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We're taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We've set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we're setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website ( .
Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security enables secure innovation and resilience across our global business. Our structure is built around product families and risk-based priorities, with teams embedded across regions and business units.
JOB PURPOSE
We are looking for a technically exceptional and visionary Senior Manager to lead our Offensive Security function. This role is both strategic and hands-on, responsible for delivering high-impact penetration testing, attack surface management, and a mature bug bounty program. The ideal candidate will be a transformation leader with deep technical expertise in offensive security and a passion for building purple team capabilities that proactively identify and close control gaps across the enterprise.
The Senior Manager - Offensive Security will serve as both a strategic leader and hands-on technical expert, driving the evolution of our offensive security capabilities. This role is accountable for delivering high-impact penetration testing, managing our attack surface, and overseeing a global bug bounty program. With a strong focus on identifying control gaps and advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment.
RESPONSIBILITIES
Technical Leadership & Execution
- Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers.- Identify and exploit vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps.- Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models.- Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows.
Program Ownership
- Own and evolve the offensive security roadmap, including internal testing services, external bug bounty operations, and attack surface management.- Establish and lead a Purple Team Steering Committee with cross-functional stakeholders from Cyber, OT, R&D, and Business Units.- Drive quarterly purple team exercises and ensure findings are embedded into the broader Cyber Transformation roadmap.
Team Building & Transformation
- Build and mentor a high-performing global team of offensive security engineers and red teamers.- Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security.- Foster a culture of innovation, experimentation, and continuous learning.
Collaboration & Influence
- Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation.- Communicate technical findings clearly to both technical and executive audiences.- Influence security architecture and product design through early engagement and threat modeling.
Requirements
+ Advanced Penetration Testing : Deep experience conducting and leading penetration tests across web applications, APIs, cloud environments (Azure, AWS, GCP), and enterprise infrastructure.
+ Red and Purple Teaming : Expertise in adversary emulation, threat-informed defense, and purple team exercises that validate detection and response capabilities.
+ Attack Surface Management : Familiarity with ASM platforms and methodologies to continuously identify, assess, and reduce external exposure.
+ Bug Bounty Program Management : Experience managing or collaborating with external bug bounty platforms (e.g., HackerOne, Bugcrowd), including triage and remediation workflows.
+ Exploit Development & Vulnerability Research : Ability to identify and exploit zero-day and known vulnerabilities, and develop custom proof-of-concept exploits.
+ Tool Proficiency :
+ Offensive tools: Cobalt Strike, Metasploit, Burp Suite, Nmap, BloodHound, Covenant, Sliver
+ Scripting: Python, PowerShell, Bash
+ Automation: CI/CD integration for security testing, custom tooling for red team automation
+ Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response.
+ Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain.
+ Cloud Security Testing : Hands-on experience with offensive techniques in cloud-native environments, including IAM misconfigurations, container escape, and serverless exploitation.
+ Security Control Validation : Experience assessing the effectiveness of EDR, WAF, IAM, and other security controls through offensive testing.
Experience
- 15+ years in cybersecurity, with 5+ years in offensive security and team leadership.- Deep hands-on experience with red/purple teaming, adversary emulation, and vulnerability exploitation.- Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting.- Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense.- Experience integrating offensive security into CI/CD pipelines and cloud-native environments.- Relevant certifications (e.g., OSCP, OSCE, CRTO, GXPN) strongly preferred.
Behaviours
Candidates would be required to demonstrate the Unilever Standards of Leadership & live the Values through showing the following behaviors:
+ Agility - Flexes leadership style and plans to meet changing situations with urgency. Learns from the past, envisions the future, has a healthy dissatisfaction with the status quo.
+ Personal Mastery - Actively builds wellbeing and resilience in themselves and their team. Has emotional intelligence to take feedback, manage mood and motivations, and build empathy for others. Sets high standards for themselves and always brings their best self.
+ Passion for High Performance - Inspires the energy needed to win, generating intensity and focus to motivate people to deliver results at speed.
NOTES
About Unilever
Unilever is one of the world's leading suppliers of Food, Home and Personal Care products with sales in over 190 countries and reaching 2 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Dove, Tresemme, Lynx, Lifebuoy, Shea Moisture, Persil, Domestos, Ben & Jerry's, Magnum, Marmite, The Vegetarian Butcher, Graze and Pot Noodle.
Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That's why our purpose is 'to make sustainable living commonplace'
What We Offer
Not only do we offer a competitive salary and pension scheme, we also offer an annual bonus, subsidised gym membership, a discounted staff shop and shares. You'll have the opportunity to work directly with our renowned and exciting brands in a flexible and hybrid working environment.
Whilst the role is advertised on a full-time basis, we would be happy to discuss possible flexible working options and what this may look like for you. We are a key advocate of wellbeing and offer a variety of support for our people including hubs, programmes and development opportunities. We strive to achieve a family-friendly and inclusive workplace and to, above all, create possibilities for all.
Diversity at Unilever is about inclusion, embracing differences, creating possibilities and growing together for better business performance. We embrace diversity in our workforce. This means giving full and fair consideration to all applicants and continuing development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. We are also more than happy to provide reasonable adjustments during our application and interview process to enable you to be present your best self. To find out more, including about our Employee Resource Groups, please click here Equity, Diversity & Inclusion at Unilever | Unilever ( .
Recruitment Fraud
Cyber criminals advertise fake job adverts with prestigious employers as a way of stealing information or even defrauding individuals out of money. In the most sophisticated cases, they will set up fake websites, which have a similar address to companies like Unilever. They even conduct fake telephone interviews and then offer candidates a role with the proviso they pay a fee for background checks or to cover work visa costs. These types of attacks are becoming more common as more people are looking for employment in the economic climate.
How is Unilever tackling this?
Many of Unilever's recruitment sites publish a warning to candidates about recruitment fraud. The Cyber Security team also proactively scan for signs of people setting up fake Unilever sites and act to close them down.
What can I do?
If you become aware of potential recruitment fraud, spot fake Unilever recruitment adverts or fake LinkedIn profiles, report them via Una Live Chat.
Unilever does not accept responsibility or liability for any candidates who are financially impacted by recruitment fraud. Your vigilance is key!
Job Category: Uniops
Job Type: Full time
Industry:
Penetration Tester (Offensive Security Specialist)
Posted 3 days ago
Job Viewed
Job Description
As a Penetration Tester, you will conduct comprehensive security assessments of client systems, networks, and applications to uncover weaknesses that malicious actors could exploit. Your findings will be critical in helping clients improve their security posture and protect their valuable assets. This is a remote-first position, allowing you to work from anywhere while contributing to impactful security projects.
Key Responsibilities:
- Perform internal and external network penetration tests, identifying vulnerabilities and misconfigurations.
- Conduct web application penetration tests, including OWASP Top 10 vulnerability assessments.
- Perform API security testing and mobile application security assessments.
- Engage in social engineering exercises to test organisational awareness and controls.
- Utilise a variety of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite, Nmap, Nessus).
- Document findings clearly and concisely in detailed penetration test reports, including risk ratings and remediation recommendations.
- Present findings and remediation strategies to clients in a professional and understandable manner.
- Stay up-to-date with the latest penetration testing techniques, tools, and security threats.
- Collaborate with client security teams to facilitate remediation efforts.
- Contribute to the development of testing methodologies and internal tooling.
- Maintain ethical conduct and adhere to all client engagement agreements and company policies.
This is an exciting opportunity to join a growing cybersecurity firm, work on diverse and challenging engagements, and make a real difference in securing client systems, all within a flexible, remote working environment.
Senior Penetration Tester (Offensive Security)
Posted 13 days ago
Job Viewed
Job Description
As a Senior Penetration Tester, you will be responsible for planning, executing, and reporting on simulated cyberattacks against client systems, networks, and applications. Your primary goal will be to discover security weaknesses, assess their impact, and provide actionable recommendations for remediation. You will utilize a wide array of cutting-edge tools and methodologies to challenge security defenses and uncover potential threats.
Responsibilities:
- Plan, scope, and execute comprehensive penetration tests across various environments, including web applications, mobile applications, networks, and cloud infrastructures.
- Perform vulnerability assessments, identify security flaws, and exploit vulnerabilities to demonstrate potential impact.
- Develop detailed and accurate penetration testing reports, clearly articulating findings, risks, and remediation strategies.
- Provide expert-level recommendations to clients on how to improve their security posture and reduce risk.
- Stay up-to-date with the latest attack vectors, exploitation techniques, and security trends.
- Collaborate with clients to understand their security objectives and tailor testing approaches accordingly.
- Assist in the development of new testing methodologies and tools.
- Mentor and guide junior penetration testers, sharing knowledge and best practices.
- Contribute to the continuous improvement of the security testing services offered by the company.
- Present findings and recommendations to technical teams and executive management.
Qualifications:
- Minimum of 5 years of hands-on experience in penetration testing and offensive security.
- Proven experience in testing web applications, APIs, mobile applications, and network infrastructure.
- In-depth knowledge of common vulnerabilities (e.g., OWASP Top 10) and exploitation techniques.
- Proficiency with penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
- Strong understanding of network protocols, operating systems, and security architectures.
- Excellent report writing and communication skills, with the ability to explain complex technical findings clearly.
- Relevant industry certifications such as OSCP, CISSP, CEH, GPEN, or similar are highly desirable.
- Ability to work independently and manage multiple projects simultaneously in a remote setting.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
This is an exceptional opportunity for a seasoned security professional to work remotely, tackle challenging security puzzles, and make a significant impact on protecting client assets. Join a respected team where your expertise is valued and continuous learning is encouraged.
Offensive Security Tester Red Team
Posted 7 days ago
Job Viewed
Job Description
Offensive Security Tester (Red Team) London / WFH to £70k
Opportunity to progress your career as an Offensive Security Tester at a rapidly expanding scale-up software house that is developing a highly complex network cyber security platform; you'll be working on Greenfield projects, collaborating with and learning from a hugely talented team.
Your role:
As an Offensive Security Tester you will manage client engagements, perform security tests and report findings; you'll be using industry standard combined with in-house developed tools as well as carrying out manual reviews to discover any issues with customer infrastructure and web applications.
You'll be pro-active and will have the opportunity within Red Team testing to try anything and everything to outmanoeuvre the defenders and gain access to customer networks.
WFH Policy:
There's a remote interview / onboarding process and the ability to work from home for the majority of the time with only occasional visits to the London, City offices (i.e. once a quarter).
About you:
- You're degree educated, having achieved a 2.1 or above from a Russel Group or top tier world university - Computer Science, Engineering, Physics or Mathematics; MSc or PhD advantageous
- You're OSCP or CRT certified
- You have commercial experience with Offensive Security, Red Team testing or Penetration testing
- You have a keen interest in Cyber Security and understanding of key concepts and protocols
- You can code with any OO programming language (e.g. Python, C++, C#, Java)
- You have experience of using different operating systems and networking technologies
- You have a good understanding (and interest in) low level concepts including operating systems and networking
- You have excellent written and verbal communication skills
What's in for you:
As an Offensive Security Tester (Red Team) you will receive:
- Salary to £70k
- Remote working (once a month in London)
- Continuous training and career development including paid for certifications
Apply now to find out more about this Offensive Security Tester (Red Team) opportunity.
At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Senior Penetration Tester, Offensive Security Specialist
Posted 24 days ago
Job Viewed
Job Description
Responsibilities:
- Conduct comprehensive penetration tests, including network, web application, mobile application, cloud, and API security assessments.
- Identify, exploit, and document security vulnerabilities using a variety of tools and manual techniques.
- Perform in-depth security reviews of systems and applications to identify weaknesses and provide actionable recommendations for remediation.
- Develop detailed penetration testing reports, clearly articulating findings, risks, and remediation steps for both technical and executive audiences.
- Stay current with the latest penetration testing methodologies, tools, and emerging threats.
- Assist in the development and maintenance of penetration testing tools and frameworks.
- Collaborate with client security and development teams to validate findings and provide guidance on security best practices.
- Mentor junior penetration testers and contribute to the continuous improvement of the offensive security practice.
- Participate in red teaming exercises and other advanced security assessments as needed.
- Research and develop new testing techniques and approaches to stay ahead of evolving threat landscapes.
- Contribute to internal knowledge sharing and training sessions.
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- Minimum of 5 years of hands-on experience in penetration testing and offensive security engagements.
- Proven expertise in identifying and exploiting vulnerabilities across various platforms and technologies.
- Proficiency with a wide range of penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus, Wireshark).
- Strong understanding of network protocols, operating systems (Windows, Linux), web technologies, and common security vulnerabilities (e.g., OWASP Top 10).
- Experience with scripting or programming languages (e.g., Python, Bash, PowerShell) for security automation and tool development.
- Relevant industry certifications such as OSCP, OSCE, GPEN, GXPN, or CEH are highly desirable.
- Excellent analytical, problem-solving, and critical-thinking skills.
- Outstanding written and verbal communication skills, with the ability to produce clear, concise, and comprehensive reports.
- Ability to work independently, manage time effectively, and meet project deadlines in a remote setting.
Manual Ethical Hacker
Posted 1 day ago
Job Viewed
Job Description
Dublin, Ireland;Chester Business Park, Chester
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
**Job Title: Ethical Hacker**
**Corporate Title: AVP or VP**
**Location: Central Park, Leopardstown, Dublin**
**Location: Chester, UK**
**Company Overview:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
**Location Overview:**
Our Central Park office in Leopardstown, boasts modern facilities based in Dublin's premium business park. With an onsite gym and staff restaurant, all your daily needs are conveniently catered for. Travel options include the LUAS network and the Central Park shuttle service between Dublin City Centre and Central Park. We also provide tax saver tickets as part of our award-winning benefits package, which means getting to work has never been so easy.
**Location Overview:**
**Dublin:**
Our Central Park office in Leopardstown, boasts modern facilities based in Dublin's premium business park. With an onsite gym and staff restaurant, all your daily needs are conveniently catered for. Travel options include the LUAS network and the Central Park shuttle service between Dublin City Centre and Central Park. We also provide tax saver tickets as part of our award-winning benefits package, which means getting to work has never been so easy.
**Chester:**
Find us in the city of Chester, a destination renowned for its culture, history, and beauty. Working at Bank of America Chester offers a far-reaching global career for a world-renowned organisation, whilst being ideally situated against the backdrop of the rolling North Wales hills and the banks of the serene River Dee.
**Role Description**
As an Ethical Hacker: You'll Play a vital role in our Cybersecurity Assurance Program. Your mission? Safeguarding our applications from potential threats.
In this role you'll assess our application security by conducting penetration tests. Think of it as a digital detective work to uncover vulnerabilities. You'll evaluate both internal and external web, mobile, and web service applications. Your goal? To stay ahead of malicious hackers by collaborating with our team to strengthen our defence by identifying and reporting security weaknesses.
**Responsibilities:**
+ Understanding the requirements of our applications and why/how we use them.
+ Testing applications using a variety of tools to identify vulnerabilities that could expose the Bank to risk.
+ Monitoring existing and proposed security standard setting groups
+ Conducting meetings to communicate the findings and implications and set realistic timescales for remediation.
+ Providing technical support to clients, management and staff throughout risk assessments and the implementation of appropriate data security procedures and products
+ Acting as a SME, providing guidance and knowledge to reduce the vulnerabilities and risk when apps are being created.
+ Sharing knowledge with technical and non-technical colleagues through training sessionsJoin us in fortifying our digital realm and making a real impact in the world of security!
**What we are looking for:**
+ Proven professional experience in Ethical Hacking or Cyber Security.
+ Expert level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; applications session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.
+ Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, can use scripting/coding techniques, proficiently execute common penetration testing tools, triage and support incidents, and produce high-value findings
+ Experience in conducting web application ethical hacking assessments.
+ Ability to demonstrate manual web application testing experience i.e. must be able to simulate a SQL inject/Cross-site script attack without the use of tool.
+ Knowledge of network and Web related protocols/technologies (e.g. UNIX/LINUX, TCP/IP, Cookies).
+ Experience with vulnerability assessment tools and penetration testing techniques.
+ Solid programming/debugging skills.
+ Experience of using a variety of tools, included, but not limited to, Invicti, Burp and SQL Map.
+ Ability to learn and apply critical thinking in a variety of situations.
+ Effective written and oral communication skills.
+ Ability to multitask and handle multiple projects.
**Benefits of working at Bank of America:**
**Ireland**
+ Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partner.
+ Competitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons.
+ 20 days of back-up childcare and 20 days of back-up adult care per annum.
+ The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.
+ Access to an Employee Assistance Program for confidential support and help for everyday matters.
+ Access to free counselling through the Employee Assistance Program and virtual GP services through our private health care plan.
+ Ability to donate to charities of your choice and the bank will match your contribution.
+ Opportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of Ireland's most iconic cultural institutions and exhibitions.
+ Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.
**Bank of America:**
Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.
We are an equal opportunities employer and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity or gender reassignment, marital or civil partner status, race, religion or belief, colour, nationality, ethnic or national origins, membership of the Traveller community, age, sexual orientation, pregnancy or maternity, civil status, socio-economic background, family status or physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.
We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Be The First To Know
About the latest Offensive security Jobs in United Kingdom !
Senior Penetration Tester (Ethical Hacker)
Posted 12 days ago
Job Viewed
Job Description
Key Responsibilities:
- Perform in-depth penetration tests on web applications, network infrastructure, mobile applications, and cloud environments.
- Conduct vulnerability assessments and analyze results to identify potential security weaknesses.
- Develop and execute creative attack vectors to simulate real-world threats.
- Utilize a variety of penetration testing tools and techniques (e.g., Metasploit, Burp Suite, Nmap) effectively.
- Document all testing activities, methodologies, and findings in clear, concise, and comprehensive reports.
- Present detailed findings and actionable remediation recommendations to clients, both technical and non-technical audiences.
- Stay up-to-date with the latest security threats, vulnerabilities, and penetration testing methodologies.
- Assist in the development and maintenance of security testing tools and frameworks.
- Collaborate with client security teams to provide expert advice on vulnerability mitigation and security best practices.
- Contribute to the continuous improvement of the penetration testing service offering.
- Mentor junior penetration testers and share knowledge within the team.
Qualifications:
- Proven experience as a Penetration Tester or Ethical Hacker.
- Strong understanding of network protocols, operating systems, and common security vulnerabilities.
- Proficiency in using various penetration testing tools and frameworks.
- Experience in web application security testing, network penetration testing, and cloud security assessments.
- Excellent analytical and problem-solving skills.
- Ability to write clear, detailed, and accurate technical reports.
- Strong communication and interpersonal skills, with the ability to effectively communicate technical concepts to diverse audiences.
- Relevant certifications such as OSCP, CREST CRT/CCT, CEH, CISSP are highly desirable.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- Willingness to undergo security clearance checks.
Senior Penetration Tester (Ethical Hacker)
Posted 13 days ago
Job Viewed
Job Description
Responsibilities:
- Conduct comprehensive penetration tests and security assessments across various environments, including web applications, networks, mobile applications, and cloud infrastructure.
- Identify, exploit, and document security vulnerabilities using a variety of manual and automated tools and techniques.
- Develop detailed and accurate penetration test reports, clearly articulating findings, risks, and remediation strategies to both technical and non-technical audiences.
- Perform in-depth vulnerability analysis and provide expert advice on security best practices.
- Stay up-to-date with the latest penetration testing methodologies, tools, and emerging threats.
- Collaborate with client security teams to understand their environments and testing objectives.
- Develop custom tools and scripts to automate testing processes and enhance efficiency.
- Contribute to the development and maintenance of the company's testing methodologies and frameworks.
- Mentor junior penetration testers and share knowledge within the security team.
- Present findings and recommendations to clients in a clear and professional manner.
- Maintain strict confidentiality and ethical conduct throughout all engagements.
- Participate in red teaming exercises and social engineering engagements as required.
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
- Minimum of 7 years of experience in penetration testing and offensive security.
- Deep understanding of networking protocols, operating systems (Windows, Linux), web technologies, and common application vulnerabilities (OWASP Top 10).
- Proficiency with a wide range of penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and Kali Linux.
- Proven experience in exploiting vulnerabilities in various environments.
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong report writing and presentation skills.
- Relevant industry certifications are highly desirable, such as OSCP, CEH (Master), GPEN, GWAPT, CISSP.
- Ability to work independently and manage multiple projects simultaneously in a remote setting.
- Strong ethical compass and commitment to professional conduct.
Senior Penetration Tester (Ethical Hacker)
Posted 21 days ago
Job Viewed
Job Description
As a Senior Penetration Tester, you will play a critical role in identifying vulnerabilities and weaknesses in our client's systems and networks. You will conduct comprehensive security assessments, simulating real-world cyber-attacks to protect sensitive data and ensure the integrity of their digital infrastructure. Your expertise will be vital in helping clients maintain a robust security posture against evolving threats.
Key responsibilities include:
- Performing in-depth penetration tests on web applications, networks, mobile applications, and cloud environments.
- Identifying, analyzing, and documenting security vulnerabilities and their potential impact.
- Developing and executing exploitation strategies to demonstrate the real-world risk of identified vulnerabilities.
- Conducting social engineering assessments to evaluate human vulnerabilities.
- Utilizing a wide range of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
- Providing clear, concise, and actionable remediation recommendations to clients.
- Writing comprehensive penetration testing reports that articulate findings, risks, and proposed solutions.
- Collaborating with client IT and security teams to discuss findings and remediation plans.
- Keeping up-to-date with the latest threat landscapes, attack vectors, and security technologies.
- Contributing to the development and improvement of penetration testing methodologies and tools.
- Mentoring junior penetration testers and sharing knowledge within the team.
- Participating in security awareness training and client presentations.
- Proven experience as a Penetration Tester or similar cybersecurity role.
- Demonstrable expertise in network penetration testing, web application security, and wireless security.
- Strong understanding of common vulnerabilities (e.g., OWASP Top 10) and attack techniques.
- Proficiency with various penetration testing tools and frameworks.
- Excellent analytical and problem-solving skills, with a keen eye for detail.
- Strong report writing and communication skills, with the ability to effectively explain complex technical issues to both technical and non-technical audiences.
- Relevant certifications such as OSCP, CREST, CEH, CISSP are highly desirable.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.