18 Penetration Testing jobs in the United Kingdom

• Lead red team and penetration testing activities across the organisation.
• Plan and execute network, application, and social engineering assessments.
• Collaborate with SOC and vendors on purple team exercises.
• Identify and report on security risks, supporting remediation efforts.
• Manage red team tooling and test platforms.
• Work with tech teams to improve cyber defences and detection capabilities.
• Deliver clear, executive-level reporting from technical findings.
• Stay ahead of evolving cyber threats and attack methods.

• 3+ years in penetration testing or red team operations.
• Strong understanding of APT tactics, evasion techniques, and system architecture.
• Experience with red/purple team tools and automated testing platforms.
• Solid grasp of blue team strategies, SIEM tools, and incident response.
• Skilled in writing concise reports for both technical and non-technical audiences.
• Knowledge of cyber risk frameworks, regulations, and best practices.

• Circa 75,000 + Excellent Package
• Excellent benefits package
• London / Hybrid x3 days onsite

• Lead red team and penetration testing activities across the organisation.
• Plan and execute network, application, and social engineering assessments.
• Collaborate with SOC and vendors on purple team exercises.
• Identify and report on security risks, supporting remediation efforts.
• Manage red team tooling and test platforms.
• Work with tech teams to improve cyber defences and detection capabilities.
• Deliver clear, executive-level reporting from technical findings.
• Stay ahead of evolving cyber threats and attack methods.

• 3+ years in penetration testing or red team operations.
• Strong understanding of APT tactics, evasion techniques, and system architecture.
• Experience with red/purple team tools and automated testing platforms.
• Solid grasp of blue team strategies, SIEM tools, and incident response.
• Skilled in writing concise reports for both technical and non-technical audiences.
• Knowledge of cyber risk frameworks, regulations, and best practices.

• Circa 75,000 + Excellent Package
• Excellent benefits package
• London / Hybrid x3 days onsite

Penetration Testing Program Manager

PMO Pen Manager
3 months
Wokingham - 50% on site
450
MUST HAVE ACTIVE SC

Summary
A dynamic and detail-oriented PMO to oversee and coordinate a Penetration Testing (PEN Testing) program. This role is pivotal in ensuring that testing activities are well-managed, results are clearly communicated, and remediation efforts are tracked across the organisation. While deep technical expertise in cybersecurity is not required, the ideal candidate will possess a strong understanding of PEN Testing concepts and be able to translate technical findings into actionable insights for senior stakeholders.

Key Responsibilities

• Manage the end-to-end lifecycle of PEN Testing engagements across multiple teams and vendors
• Coordinate scheduling, resource allocation, and reporting timelines for all PEN Testing activities
• Review and consolidate PEN Test results, ensuring clarity and consistency in reporting
• Communicate findings, risks, and remediation progress to senior leadership and relevant business units
• Track and escalate unresolved issues or critical vulnerabilities
• Maintain documentation, dashboards, and audit trails for compliance and governance
• Collaborate with cybersecurity teams to ensure alignment with broader security strategy
• Facilitate post-test reviews and lessons learned sessions
  
  Required Skills & Experience
• Proven experience in a PMO, project management, or program coordination role
• Familiarity with cybersecurity principles, especially around PEN Testing and vulnerability management
• Strong communication skills with the ability to translate technical content for non-technical audiences
• Excellent organisational and stakeholder management abilities
• Experience working in regulated environments or with compliance frameworks (e.g. ISO 27001, NIST, etc.) is a plus

Proficiency in project management tools (e.g. Jira, Confluence, MS Project, or similar)

Additional Skills
- Certifications like PMP, Prince2, or CISM/CISSP
- Experience working with external PEN Testing vendors or consultancies
- Ability to influence and drive remediation efforts across diverse team

• Conduct comprehensive penetration tests on web applications, networks, APIs, and cloud environments.
• Identify, analyze, and document security vulnerabilities and weaknesses.
• Utilize a variety of security tools and techniques (e.g., Nessus, Burp Suite, Metasploit) to perform assessments.
• Develop detailed reports outlining findings, risks, and actionable recommendations for remediation.
• Collaborate with development and IT teams to guide the implementation of security fixes.
• Perform vulnerability assessments and provide ongoing security posture monitoring.
• Stay current with the latest threats, vulnerabilities, and hacking techniques.
• Contribute to the development and improvement of security testing methodologies and processes.
• Participate in security awareness training and incident response activities as needed.
• Maintain strict confidentiality and handle sensitive information appropriately.
• Support compliance initiatives by ensuring security controls meet regulatory requirements.

Penetration Testing Team Lead
Technology Banking
AVP Level
Hybrid (London (Moorgate) 3 days per week)
Salary & Package TBC

Opportunity for a skilled Cyber Security Professional with penetration testing and red team expertise to join a global financial services organisation. This is a hands-on role where you'll simulate advanced cyber attacks, test defences, and influence enterprise-level security strategy.

Key Responsibilities

• Lead red team operations , penetration testing, and ethical hacking engagements

• Plan and deliver cyber attack simulations, vulnerability assessments, and social engineering tests

• Work with SOC teams on purple team exercises to enhance detection and response

• Produce executive reporting on cyber threats, risks, and remediation progress

• Collaborate with security and infrastructure teams to strengthen overall cyber resilience

Skills & Experience

• 3+ years in penetration testing / ethical hacking / red teaming

• Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development

• Familiar with SIEM, defensive security monitoring, incident response, and detection engineering

• Deep knowledge of network, web application, and enterprise architecture security

• Excellent communication skills to present cyber risk insights to stakeholders

Hybrid working model - 3 days in the London office. Competitive salary and benefits on offer.

Apply now to take on a high-impact role in cyber security, penetration testing, and ethical hacking at enterprise scale.

This role could suit individuals who have held the following role titles: Penetration Tester, Red Team Specialist, Lead Red Team Operator, Red Team Lead, Ethical Hacker, Security Tester, Vulnerability Analyst, Offensive Security Specialist, Threat Intelligence Analyst.

Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.

Penetration Testing Team Lead
Technology Banking
AVP Level
Hybrid (London (Moorgate) 3 days per week)
Salary & Package TBC

Opportunity for a skilled Cyber Security Professional with penetration testing and red team expertise to join a global financial services organisation. This is a hands-on role where you'll simulate advanced cyber attacks, test defences, and influence enterprise-level security strategy.

Key Responsibilities

• Lead red team operations , penetration testing, and ethical hacking engagements

• Plan and deliver cyber attack simulations, vulnerability assessments, and social engineering tests

• Work with SOC teams on purple team exercises to enhance detection and response

• Produce executive reporting on cyber threats, risks, and remediation progress

• Collaborate with security and infrastructure teams to strengthen overall cyber resilience

Skills & Experience

• 3+ years in penetration testing / ethical hacking / red teaming

• Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development

• Familiar with SIEM, defensive security monitoring, incident response, and detection engineering

• Deep knowledge of network, web application, and enterprise architecture security

• Excellent communication skills to present cyber risk insights to stakeholders

Hybrid working model - 3 days in the London office. Competitive salary and benefits on offer.

Apply now to take on a high-impact role in cyber security, penetration testing, and ethical hacking at enterprise scale.

This role could suit individuals who have held the following role titles: Penetration Tester, Red Team Specialist, Lead Red Team Operator, Red Team Lead, Ethical Hacker, Security Tester, Vulnerability Analyst, Offensive Security Specialist, Threat Intelligence Analyst.

Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.

Penetration Testing Team Lead
Technology Banking
AVP Level
Hybrid (London (Moorgate) 3 days per week)
Salary & Package TBC

Opportunity for a skilled Cyber Security Professional with penetration testing and red team expertise to join a global financial services organisation. This is a hands-on role where you'll simulate advanced cyber attacks, test defences, and influence enterprise-level security st.

WHJS1_UKTJ

• Plan, execute, and document penetration tests against various systems, including web applications, network infrastructure, cloud environments, and mobile applications.
• Utilize a range of penetration testing tools and techniques to identify security weaknesses and vulnerabilities.
• Perform vulnerability assessments and analyze scan results to identify potential threats and risks.
• Develop detailed and accurate penetration testing reports, clearly articulating findings, their potential impact, and providing practical remediation strategies.
• Collaborate with internal IT and development teams to implement security fixes and improvements.
• Stay current with the latest security threats, vulnerabilities, and penetration testing methodologies.
• Assist in the development and maintenance of security policies and procedures.
• Participate in security awareness training and incident response activities as needed.
• Conduct code reviews from a security perspective for critical applications.
• Provide expert advice on security best practices and risk mitigation strategies to management and technical teams.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 3-5 years of professional experience in penetration testing and vulnerability assessment.
• Proven experience conducting black box, grey box, and white box penetration tests.
• In-depth knowledge of common vulnerabilities (e.g., OWASP Top 10) and exploitation techniques.
• Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and Kali Linux.
• Strong understanding of network protocols, operating systems (Windows, Linux), and web technologies.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.
• Relevant certifications such as OSCP, CEH, CISSP, or GIAC is highly desirable.
• Experience in a Belfast, Northern Ireland, UK based company is a plus but not essential.