799 Security Testing jobs in the United Kingdom

1st Line Security Controls Testing Manager

Greater London, London Mastercard

Posted 19 days ago

Job Viewed

Tap Again To Close

Job Description

**Our Purpose**
_Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._
**Title and Summary**
1st Line Security Controls Testing Manager
Main Purpose of role:
The newly created Vocalink Control Office function is seeking Manager within the 1st Line Control Testing team to support the delivery of control testing activities across Security control domains, within Vocalink Limited (VLL). VLL is a Bank of England regulated, Critical National Infrastructure (CNI) company that enables the payments of 90% of salaries, 70% of utility bills, most ATM transactions and every cheque cleared in the UK.
This role plays a key part in embedding a strong control environment by executing control testing, identifying control gaps, and supporting continuous improvement in risk management practices.
Key Responsibilities:
- Control Testing Execution
 Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology.
Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.
repare and review control testing documentation, including test procedures, results, and identified gaps.
nsure timely escalation of control deficiencies and support remediation tracking.
- Team Leadership, Collaboration & Stakeholder Engagement
upervise and mentor junior team members (Senior Analysts), providing guidance on testing execution and quality assurance.
upport the Director of Control Testing in delivering the annual testing plan and contributing to team development.
ngage with 1st Line teams while coordinating closely with 2nd Line Security partners and maintaining effective liaison with Internal Audit.
ontribute to reporting for governance forums, including dashboards, thematic reviews, and trend analysis.
artner with control owners, providing guidance on control effectiveness and remediation.
- Governance & Continuous Improvement
upport the development and refinement of control testing standards, tools, and methodologies.
ontribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.
tay informed on emerging risks, regulatory changes, and industry best practices with a focus on cybersecurity risks.
Experience & Qualifications:
- Experience in control testing, or assurance, and risk management within security in a regulated environment.
- Strong investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills.
- Strong understanding of control frameworks and standards (e.g., NIST, CRI, ISO and PCI-DSS).
- Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities.
- Excellent communication and stakeholder engagement skills.
- Professional certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 or equivalent is desirable.
Preferred Skills & Attributes:
- Bachelor's degree in Computer Science, Cyber Security, Information Technology, or related field.
- Good Knowledge of security controls and IT general controls across platforms such as UNIX, HP Nonstop, and Windows.
- Understanding of software development lifecycle (SDLC), DevOps, and cloud technologies.
- Proficiency in data analytics tools such as ACL or similar control testing tools.
- Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)
- Strong organisational skills with the ability to prioritise and manage multiple tasks.
- Self-starter with a continuous improvement mindset and a collaborative approach.
**Corporate Security Responsibility**
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
+ Abide by Mastercard's security policies and practices;
+ Ensure the confidentiality and integrity of the information being accessed;
+ Report any suspected information security violation or breach, and
+ Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst (Penetration Testing)

SO14 0AA Southampton, South East £70000 Annually WhatJobs

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client, a dynamic cybersecurity firm, is seeking a highly skilled Senior Information Security Analyst specializing in penetration testing. This role is essential for identifying and mitigating security vulnerabilities across various client systems and networks. This position is fully remote, offering the flexibility to conduct comprehensive security assessments from anywhere.

The ideal candidate will have a deep understanding of offensive security techniques, vulnerability assessment tools, and the ability to simulate real-world attack scenarios. You will be responsible for conducting thorough penetration tests, analyzing findings, and providing actionable recommendations to clients to enhance their security posture. A passion for cybersecurity and a commitment to ethical hacking are paramount.

Key Responsibilities:
  • Plan, execute, and document penetration tests on web applications, networks, cloud environments, and mobile applications.
  • Identify and exploit security vulnerabilities, assessing their potential impact and risk.
  • Utilize a variety of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite, Nmap).
  • Conduct thorough vulnerability assessments and security audits.
  • Develop detailed reports outlining identified vulnerabilities, their severity, and remediation recommendations.
  • Collaborate with clients to understand their security needs and provide expert advice.
  • Stay abreast of the latest threats, vulnerabilities, and security trends.
  • Assist in the development and refinement of penetration testing methodologies and procedures.
  • Mentor junior security analysts and contribute to team knowledge sharing.
  • Ensure all testing activities comply with ethical standards and client agreements.

Qualifications:
  • Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent practical experience.
  • Minimum of 5 years of experience in penetration testing and vulnerability assessment.
  • In-depth knowledge of common attack vectors, exploitation techniques, and security countermeasures.
  • Proficiency with a wide range of penetration testing tools and frameworks.
  • Experience in scripting languages (e.g., Python, Bash) for security automation is a plus.
  • Strong understanding of networking protocols, operating systems, and web application security.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Exceptional written and verbal communication skills, with the ability to clearly articulate technical findings to both technical and non-technical audiences.
  • Relevant security certifications such as OSCP, CEH, CISSP are highly desirable.
  • Ability to work independently and manage multiple projects effectively in a remote environment.

This is an excellent opportunity for an experienced security professional to contribute their expertise to a leading cybersecurity firm. If you are based in or able to serve clients in Southampton, Hampshire, UK remotely, we encourage you to apply.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst (Penetration Testing)

S1 2AA Sheffield, Yorkshire and the Humber £60000 Annually WhatJobs

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client, a leading financial services organization, is seeking a highly skilled Senior Information Security Analyst specializing in Penetration Testing to join their dynamic security team, based in Sheffield, South Yorkshire, UK . This critical role involves proactively identifying and mitigating security vulnerabilities across the organization's network infrastructure, applications, and systems. The Senior Analyst will plan, execute, and report on penetration tests, vulnerability assessments, and security audits using a variety of industry-standard tools and methodologies. You will be responsible for simulating attacks, analyzing their potential impact, and providing detailed, actionable recommendations for remediation to technical teams and management. The ideal candidate will possess deep technical expertise in cybersecurity, a strong understanding of ethical hacking principles, and a proven ability to think like an attacker. This position requires excellent analytical, problem-solving, and communication skills, with the ability to clearly articulate complex security findings to both technical and non-technical audiences. While the primary work location is Sheffield, this role offers a degree of flexibility, allowing for some remote work to support work-life balance.

Key Responsibilities:
  • Plan, conduct, and report on network, application, and system penetration tests.
  • Perform vulnerability assessments and security audits to identify weaknesses.
  • Simulate real-world attack scenarios to evaluate the effectiveness of security controls.
  • Analyze test results and provide detailed, actionable recommendations for remediation.
  • Develop and maintain security testing methodologies and playbooks.
  • Stay current with the latest threats, vulnerabilities, and attack techniques.
  • Collaborate with IT and development teams to ensure security vulnerabilities are addressed promptly.
  • Assist in the development and implementation of security policies and procedures.
  • Mentor junior security analysts and contribute to team knowledge sharing.
  • Participate in incident response activities when necessary.

Qualifications:
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
  • Minimum of 5 years of experience in information security, with a strong focus on penetration testing and vulnerability assessment.
  • In-depth knowledge of network protocols, operating systems (Windows, Linux), and common attack vectors.
  • Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, etc.
  • Experience with scripting languages (e.g., Python, Bash) for automation is highly desirable.
  • Relevant security certifications such as OSCP, CISSP, CEH, GIAC (GPEN, GWAPT) are a plus.
  • Excellent analytical, problem-solving, and critical-thinking skills.
  • Strong written and verbal communication skills, with the ability to produce clear and concise reports.
  • Ability to work independently and manage multiple projects simultaneously.
This is a challenging and rewarding opportunity to play a vital role in protecting the organization's digital assets and contributing to its overall security posture.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst - Penetration Testing

PL1 2AB Plymouth, South West £60000 Annually WhatJobs

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client, a leader in providing secure digital solutions, is seeking a highly skilled Senior Information Security Analyst specializing in Penetration Testing to join their team in **Plymouth, Devon, UK**. This hybrid role is critical for identifying and mitigating security vulnerabilities across the organisation's IT infrastructure and applications.

You will be responsible for conducting comprehensive penetration tests, vulnerability assessments, and security audits using a variety of tools and methodologies. Your role will involve simulating cyber-attacks to uncover weaknesses in systems, networks, and applications, and providing detailed reports with actionable recommendations for remediation. You will collaborate closely with IT and development teams to implement security enhancements and ensure compliance with industry best practices and regulatory requirements. The successful candidate will have a deep understanding of common attack vectors, security frameworks (e.g., OWASP, NIST), and exploit development. Experience with scripting languages (e.g., Python, Bash) for automating security tasks is highly desirable. You will also be involved in developing security policies and procedures, and contributing to incident response planning.

The ideal candidate will possess a Bachelor's degree in Computer Science, Cybersecurity, or a related field, with a minimum of 5 years of experience in information security, specifically in penetration testing and vulnerability management. Professional certifications such as OSCP, CEH, CISSP, or equivalent are strongly preferred. You must have a strong ethical hacking mindset, excellent analytical and problem-solving skills, and the ability to clearly communicate complex technical findings to both technical and non-technical audiences. Experience with various operating systems, network protocols, and security tools is essential. This is an exciting opportunity to contribute to the security posture of a growing organisation in **Plymouth**, protecting critical digital assets and ensuring the integrity of sensitive data. Our client offers a dynamic work environment, opportunities for professional development, and competitive compensation.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst - Penetration Testing

S1 2AW Sheffield, Yorkshire and the Humber £55000 Annually WhatJobs

Posted 17 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly skilled and experienced Senior Information Security Analyst with a specialisation in Penetration Testing to join their dynamic security team in **Sheffield, South Yorkshire, UK**. This role is crucial for proactively identifying vulnerabilities and ensuring the security posture of our organisation's systems, networks, and applications. You will be responsible for conducting thorough penetration tests, analysing findings, and providing actionable recommendations to mitigate risks. The ideal candidate will possess a deep understanding of offensive security techniques and a passion for staying ahead of emerging threats.

Key Responsibilities:
  • Conduct comprehensive penetration tests on networks, web applications, mobile applications, and cloud environments.
  • Perform vulnerability assessments and analyse security weaknesses using a variety of tools and methodologies.
  • Develop and execute custom scripts and tools to aid in penetration testing activities.
  • Document test methodologies, findings, and recommendations clearly and concisely.
  • Present test results and remediation strategies to technical teams and management.
  • Stay up-to-date with the latest penetration testing techniques, tools, and security vulnerabilities.
  • Assist in the development and maintenance of security testing policies and procedures.
  • Collaborate with incident response teams to understand attack vectors and improve defences.
  • Mentor junior security analysts and provide technical guidance.
  • Participate in security architecture reviews and provide input on secure design principles.
  • Research and stay informed about emerging threats and attack vectors relevant to the industry.
  • Contribute to the continuous improvement of the security testing program.
  • Maintain an up-to-date understanding of regulatory compliance requirements impacting security testing.
  • Build and maintain lab environments for security testing.
Qualifications and Skills:
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
  • 5+ years of experience in information security, with a strong focus on penetration testing and vulnerability assessment.
  • Demonstrated expertise in various penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, Kali Linux).
  • Proficiency in at least one scripting or programming language (e.g., Python, Bash, PowerShell).
  • Strong understanding of network protocols, operating systems, and web application security.
  • Experience with cloud security testing (AWS, Azure, GCP) is a significant advantage.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong written and verbal communication skills, with the ability to explain complex technical issues to various audiences.
  • Relevant security certifications such as OSCP, CEH, CISSP, or GIAC certifications are highly desirable.
  • Ability to work effectively both independently and as part of a team.
This hybrid role requires regular presence at our **Sheffield, South Yorkshire, UK** office for collaborative tasks and team meetings, with the flexibility for remote work on other days. You will be part of a committed team dedicated to maintaining a secure digital environment.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst - Penetration Testing

BT1 1AB Belfast, Northern Ireland £65000 Annually WhatJobs

Posted 19 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly skilled Senior Information Security Analyst with a specialization in Penetration Testing. This role is fully remote, allowing you to contribute to a robust cybersecurity posture from anywhere in the UK. You will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and providing expert recommendations to mitigate risks across the organization's IT infrastructure. This includes performing penetration tests, vulnerability scans, and security audits to ensure the confidentiality, integrity, and availability of sensitive data. You will work closely with IT and development teams to implement security controls and enhance the overall security resilience.

Key responsibilities include:
  • Planning, executing, and reporting on penetration tests of networks, applications, and systems.
  • Identifying and analyzing security vulnerabilities and weaknesses.
  • Developing detailed remediation plans and providing expert guidance to technical teams.
  • Conducting vulnerability assessments and security configuration reviews.
  • Researching and staying current with the latest security threats, vulnerabilities, and attack vectors.
  • Developing and maintaining security testing tools and methodologies.
  • Collaborating with IT and development teams to implement security best practices.
  • Participating in incident response activities as needed.
  • Contributing to the development and enhancement of the organization's security policies and procedures.
  • Mentoring junior security analysts and sharing knowledge within the team.

The ideal candidate will have extensive experience in penetration testing and ethical hacking, with a strong understanding of cybersecurity principles and frameworks. Proven expertise in various testing tools and techniques (e.g., Metasploit, Burp Suite, Nmap) is essential. Excellent analytical, problem-solving, and reporting skills are required. Professional certifications such as OSCP, CEH, CISSP, or equivalent are highly desirable. Strong communication and collaboration skills are necessary for effective interaction with technical and non-technical stakeholders. This is a remote-first position, requiring excellent self-management, autonomy, and the ability to work effectively within a distributed team. Your expertise will be crucial in safeguarding our client's digital assets.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst - Penetration Testing (Remote)

NG1 1HN Nottingham, East Midlands £75000 Annually WhatJobs

Posted 19 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client, a leading cybersecurity firm committed to protecting digital assets, is seeking a highly skilled Senior Information Security Analyst with a specialization in Penetration Testing to join their elite team on a fully remote basis. This role is critical in identifying vulnerabilities and strengthening the security posture of our diverse client base.

The successful candidate will conduct in-depth penetration tests, vulnerability assessments, and security audits across various networks, applications, and systems. You will be responsible for simulating real-world attacks to uncover weaknesses before malicious actors can exploit them. This position demands a proactive mindset, exceptional technical acumen, and a deep understanding of threat landscapes.

Key Responsibilities:
  • Plan, execute, and report on comprehensive penetration tests and vulnerability assessments for external and internal networks, web applications, mobile applications, and cloud environments.
  • Utilize a wide range of security tools and methodologies (e.g., Metasploit, Burp Suite, Nmap, Wireshark) to identify security flaws.
  • Perform manual testing to uncover complex vulnerabilities that automated tools may miss.
  • Analyze findings, provide detailed technical explanations, and develop practical, actionable remediation recommendations.
  • Develop clear, concise, and professional security assessment reports for technical and non-technical stakeholders.
  • Stay current with the latest security threats, vulnerabilities, attack vectors, and penetration testing techniques.
  • Mentor and guide junior security analysts, fostering their professional development.
  • Collaborate with client security teams to facilitate the remediation process.
  • Contribute to the development and refinement of the company's penetration testing methodologies and services.
  • Maintain ethical conduct and confidentiality throughout all engagements.

Essential Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
  • A minimum of 5 years of experience specifically in penetration testing and vulnerability assessment.
  • Proven experience with common security testing tools and frameworks.
  • Strong understanding of networking protocols, operating systems (Windows, Linux), web application security, and cloud security concepts.
  • Demonstrable experience in identifying and exploiting common vulnerabilities (e.g., OWASP Top 10).
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Superb written and verbal communication skills, with the ability to effectively document and present technical findings.
  • Relevant industry certifications such as OSCP, CEH, CISSP, GPEN, or GWAPT are highly desirable.
  • Ability to work autonomously and manage time effectively in a remote work environment.

This is a remote opportunity offering the flexibility to work from anywhere while contributing to critical cybersecurity initiatives.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Security testing Jobs in United Kingdom !

Security Engineer

New
PE28 4DA Huntingdon, Eastern Leidos

Posted today

Job Viewed

Tap Again To Close

Job Description

Description Cyber Security Engineer (T4) Location: Huntingdon, Cambridgeshire UK Security Clearance Level: 'High' - DV Developed Vetting At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Are your ready for your next challenge? Leidos is seeking a Cyber Security Engineer with an extensive background as an infrastructure engineer, coupled with proven skills in coding. This role is designed for an individual who is keen on leveraging their technical expertise to fortify the security framework within a dynamic environment. The role will lead initiatives to integrate security at every phase of the development lifecycle, ensuring the robustness and compliance of our applications and infrastructure. In this role, you will be working across both infrastructure and security space reporting into the System Technical Lead and the Cyber Security Engineering Lead. Key Responsibilities: COTS Application Updates: Support the update process for Commercial Off-The-Shelf (COTS) applications, ensuring compatibility and security. Vulnerability Scanning: Conduct regular assessments of environments to identify vulnerabilities. Security Definition Updates: Manage and update security definitions across our platforms to protect against emerging threats. Vulnerability Analysis: Analyse vulnerability assessment reports and implement necessary changes. Security Daily Checks: Perform thorough daily checks of security components to ensure operational integrity. System Health Checks: Conduct daily system health checks to ensure servers are functioning optimally. Capacity Checks & Reporting: Monitor and report on local system capacity, suggesting improvements where necessary. Patching: Support application patching to resolve security issues and enhance system performance. Log Management: Oversee log archiving and deletion processes to maintain a streamlined log management system. Account Management: Update local admin account passwords and manage account policies to maintain security. Resource and System Monitoring: Implement and manage resource and system monitoring tools and practices. Backup Management: Ensure local server backups are conducted regularly and effectively. Documentation and SOPs: Review and update engineering and design documents and standard operating procedures periodically. Reboots and Preventative Maintenance: Schedule and execute server and application reboots as part of preventive maintenance. Platform Health Check: Perform full audits of all technologies for interoperability and patch compliance. PKI and Secrets Management: Oversee the daily checks of Public Key Infrastructure and manage the lifecycle of secrets securely. Vulnerability Assessment: Execute comprehensive vulnerability scanning on all applications and lead the analysis and triage of findings. Code Review: Review code for potential security issues prior to production releases. Your Skills & Experience Infrastructure hardening/maintenance/engineering Working experience in one or multiple of the following disciplines: Microsoft & Linux/Unix Virtualisation technologies (VMWare) Endpoint Security Products (e.g. Symantec, Trellix) Network Security (Firewalls) Vulnerability Scanning Code Analysis (Java, PowerShell etc) Desirable Experience Experience working in both delivery and proposal environments. Experience working in MOD or Home Office project environments. Proven track record as a 3rd line infrastructure engineer Solid experience in developing and automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present in security working groups Excellent verbal and written communication skills and works well in a team environment Capable of developing and communicating reports to meet defined objectives for intended audience A good level of commercial awareness and project disciplines Candidate Essentials British - non-dual national – many of our projects have nationality restrictions DV cleared or willing to go through DV Clearance What we do for you: At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes: • Contributory Pension Scheme • Private Medical Insurance • 33 days Annual Leave (including public and privilege holidays) • Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme) • Access to Flexi-time benefits Commitment to Diversity: We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs. Who We Are: Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Using your skills in the technology frontline by helping to build a safer world. You can inspire change. Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team. We have been empowering our people to work flexibly for years. Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours. People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and a career development plans that enhance your future. At Leidos, we don’t want someone who "fits the mold"—we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what’s next?” before the dust settles on “what’s now.” If you’re already scheming step 20 while everyone else is still debating step 2… good. You’ll fit right in. Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: £60,100.00-£77,000.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
This advertiser has chosen not to accept applicants from your region.

Security Engineer

New
GU14 6TQ Farnborough, South East Leidos

Posted today

Job Viewed

Tap Again To Close

Job Description

Description Cyber Security Engineer (T4) Location: F/T Onsite to Farnborough, UK Clearance Level: High - Developed Vetting (DV) At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Are your ready for your next challenge? Leidos is seeking a Cyber Security Engineer with an extensive background as an infrastructure engineer, coupled with proven skills in coding. This role is designed for an individual who is keen on leveraging their technical expertise to fortify the security framework within a dynamic environment. The role will lead initiatives to integrate security at every phase of the development lifecycle, ensuring the robustness and compliance of our applications and infrastructure. In this role, you will be working across both infrastructure and security space reporting into the System Technical Lead and the Cyber Security Engineering Lead. Key Responsibilities: COTS Application Updates: Support the update process for Commercial Off-The-Shelf (COTS) applications, ensuring compatibility and security. Vulnerability Scanning: Conduct regular assessments of environments to identify vulnerabilities. Security Definition Updates: Manage and update security definitions across our platforms to protect against emerging threats. Vulnerability Analysis: Analyse vulnerability assessment reports and implement necessary changes. Security Daily Checks: Perform thorough daily checks of security components to ensure operational integrity. System Health Checks: Conduct daily system health checks to ensure servers are functioning optimally. Capacity Checks & Reporting: Monitor and report on local system capacity, suggesting improvements where necessary. Patching: Support application patching to resolve security issues and enhance system performance. Log Management: Oversee log archiving and deletion processes to maintain a streamlined log management system. Account Management: Update local admin account passwords and manage account policies to maintain security. Resource and System Monitoring: Implement and manage resource and system monitoring tools and practices. Backup Management: Ensure local server backups are conducted regularly and effectively. Documentation and SOPs: Review and update engineering and design documents and standard operating procedures periodically. Reboots and Preventative Maintenance: Schedule and execute server and application reboots as part of preventive maintenance. Platform Health Check: Perform full audits of all technologies for interoperability and patch compliance. PKI and Secrets Management: Oversee the daily checks of Public Key Infrastructure and manage the lifecycle of secrets securely. Vulnerability Assessment: Execute comprehensive vulnerability scanning on all applications and lead the analysis and triage of findings. Code Review: Review code for potential security issues prior to production releases. Essential Process Skills/Experience Infrastructure hardening/maintenance/engineering Working experience in one or multiple of the following disciplines: Microsoft & Linux/Unix Virtualisation technologies (VMWare) Endpoint Security Products (e.g. Symantec, Trellix) Network Security (Firewalls) Vulnerability Scanning Code Analysis (Java, PowerShell etc) Desirable Experience Experience working in both delivery and proposal environments. Experience working in MOD or Home Office project environments. Proven track record as a 3rd line infrastructure engineer Solid experience in developing and automating processes. Working knowledge of SecDevOps tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and documentation abilities. Hands on experience with SIEM solutions i.e. Splunk, ArcSight, LogRhythm Communication and Soft Skills Experience speaking to and working with leadership as well as ability to write reports and present in security working groups Excellent verbal and written communication skills and works well in a team environment Capable of developing and communicating reports to meet defined objectives for intended audience A good level of commercial awareness and project disciplines Candidate Essentials British - Non-dual national – many of our projects have nationality restrictions DV cleared or willing to go through DV Clearance Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your CV with us today! Everything we do is built on our commitment to do the right thing for our customers, our employees, and our communities. Learn more about the values and culture that are the foundations of our business. Our work in the United Kingdom includes addressing some of the most complex problems in national security, defence, government, logistics and operations, transportation, and energy. What we do for you: At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes: • Contributory Pension Scheme • Private Medical Insurance • 33 days Annual Leave (including public and privilege holidays) • Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme) • Access to Flexi-time benefits Commitment to Diversity: We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs. Who We Are: Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Using your skills in the technology frontline by helping to build a safer world. You can inspire change. Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team. We have been empowering our people to work flexibly for years. Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours. People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and a career development plans that enhance your future. Come break things (in a good way). Then build them smarter. We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.” Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: £60,100.00-£77,000.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
This advertiser has chosen not to accept applicants from your region.

Security Engineer

New
PE28 4DA Huntingdon, Eastern Leidos

Posted today

Job Viewed

Tap Again To Close

Job Description

Description Security Engineer S ecurity Clearance Required - DV ('Developed Vetting') Location: 80% On-Site to Huntingdon, UK UNLEASH YOUR POTENTIAL At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Are your ready for your next challenge? We are in search for a number Cyber Security Engineers with a varied technical background - Required to work at our customer sites in Huntingdon and/or London with occasional travel to other UK sites. In this role, you will be working in a team of security engineers reporting into the cyber security engineering lead to ensure that the customer sites maintain a strong cyber security posture. You will have responsibility for ensuring that security enforcing functions and managed and maintained to a high standard whilst securely implementing new capabilities. You will ensure that Leidos can establish and maintain an effective and efficient security in service capability for a programme, and that the designs are implemented and managed will be able to adapt as customer requirements, legislation and accreditation standards change over a programme lifespan. These positions perform the following tasks: Work under the direct supervision of the Security Engineering Lead too: Implement and maintain the Security tooling and technical controls Work with the engineering teams to ensure systems remain at the required security posture against baseline requirements Develop and document system security baselines. Work with the Protective Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems, and test security products and systems to detect security weakness Process Skills/Experience Experience of a taking a defence in depth and multi layered approach to security architecture Experience of implementing detective and preventative security controls to reduce risk to an acceptable level Understanding of the controlling processes for, and experience of a significant portion of, the systems engineering lifecycle (e.g. requirements management, configuration management) Understanding of different lifecycles/methodologies (waterfall, incremental, SAFE agile, DevOps) Experience in performing design trade off working with architects and other engineers to deliver an integrated and coherent solution Understanding of service operations and security operational management planning Experience working in both delivery and proposal environments Experience of Defence Digital and relevant solutions and approaches across MOD Technology skills/Experience Excellent understanding of Confidentiality, Integrity and Availability (CIA) and practical experience in applying that. Endpoint Protection products Malware App Control DLP Experience in implementing security requirements for a system: Microsoft OS Linux OS Virtualisation technologies Networking Endpoint Security Products Working knowledge of the accreditation process for secure/sensitive systems Experience in producing/updating Design artefacts Understanding of the implementation, operation and maintenance of SIEM products Understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus) Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc) Understanding of security infrastructure in Public and Private cloud, e.g. virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions Communication and Soft Skills Excellent verbal and written communication skills and works well in a team environment Capable of developing and communicating a vision to meet the System Requirements Ability to communicate complex technical ideas across a wide range of different audiences A good level of commercial awareness that will support the bid and delivery environments Desirable Experience Experience working in both delivery and proposal environments Experience working in MOD or Home Office project environments Working within an AGILE environment What we do for you: At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes: • Contributory Pension Scheme • Private Medical Insurance • 33 days Annual Leave (including public and privilege holidays) • Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme) • Access to Flexi-time benefits Commitment to Diversity: We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs. Who We Are: Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in frontline services, our work in the United Kingdom includes addressing some of the most complex problems in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose: you can use your passion and abilities at Leidos to keep the people you care about safe. We are at the forefront of machine learning, AI, cyber security and solutions. Using your skills in the technology frontline by helping to build a safer world. You can inspire change. Collaboration: having flexibility to do your job is one of our core benefits, enabling you to become part of our extraordinary team. We have been empowering our people to work flexibly for years. Whether you work from home, the office or on customer sites, we will give you the digital tools and the flexibility to work smarter and align your needs and ours. People: Leidos empowers people from every background to be themselves and gives you the tools to learn new skills by enabling growth whilst developing. We believe that extraordinary people need opportunities to grow, to be inspired and to inspire others. At Leidos, we invest in technical academies, career rotations and a career development plans that enhance your future. Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: Pay Range £47,500.00 - £71,557.50 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. Remote
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Security Testing Jobs