799 Security Testing jobs in the United Kingdom
1st Line Security Controls Testing Manager
Posted 19 days ago
Job Viewed
Job Description
_Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._
**Title and Summary**
1st Line Security Controls Testing Manager
Main Purpose of role:
The newly created Vocalink Control Office function is seeking Manager within the 1st Line Control Testing team to support the delivery of control testing activities across Security control domains, within Vocalink Limited (VLL). VLL is a Bank of England regulated, Critical National Infrastructure (CNI) company that enables the payments of 90% of salaries, 70% of utility bills, most ATM transactions and every cheque cleared in the UK.
This role plays a key part in embedding a strong control environment by executing control testing, identifying control gaps, and supporting continuous improvement in risk management practices.
Key Responsibilities:
- Control Testing Execution
Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology.
Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.
repare and review control testing documentation, including test procedures, results, and identified gaps.
nsure timely escalation of control deficiencies and support remediation tracking.
- Team Leadership, Collaboration & Stakeholder Engagement
upervise and mentor junior team members (Senior Analysts), providing guidance on testing execution and quality assurance.
upport the Director of Control Testing in delivering the annual testing plan and contributing to team development.
ngage with 1st Line teams while coordinating closely with 2nd Line Security partners and maintaining effective liaison with Internal Audit.
ontribute to reporting for governance forums, including dashboards, thematic reviews, and trend analysis.
artner with control owners, providing guidance on control effectiveness and remediation.
- Governance & Continuous Improvement
upport the development and refinement of control testing standards, tools, and methodologies.
ontribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.
tay informed on emerging risks, regulatory changes, and industry best practices with a focus on cybersecurity risks.
Experience & Qualifications:
- Experience in control testing, or assurance, and risk management within security in a regulated environment.
- Strong investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills.
- Strong understanding of control frameworks and standards (e.g., NIST, CRI, ISO and PCI-DSS).
- Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities.
- Excellent communication and stakeholder engagement skills.
- Professional certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 or equivalent is desirable.
Preferred Skills & Attributes:
- Bachelor's degree in Computer Science, Cyber Security, Information Technology, or related field.
- Good Knowledge of security controls and IT general controls across platforms such as UNIX, HP Nonstop, and Windows.
- Understanding of software development lifecycle (SDLC), DevOps, and cloud technologies.
- Proficiency in data analytics tools such as ACL or similar control testing tools.
- Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)
- Strong organisational skills with the ability to prioritise and manage multiple tasks.
- Self-starter with a continuous improvement mindset and a collaborative approach.
**Corporate Security Responsibility**
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
+ Abide by Mastercard's security policies and practices;
+ Ensure the confidentiality and integrity of the information being accessed;
+ Report any suspected information security violation or breach, and
+ Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Senior Information Security Analyst (Penetration Testing)
Posted 5 days ago
Job Viewed
Job Description
The ideal candidate will have a deep understanding of offensive security techniques, vulnerability assessment tools, and the ability to simulate real-world attack scenarios. You will be responsible for conducting thorough penetration tests, analyzing findings, and providing actionable recommendations to clients to enhance their security posture. A passion for cybersecurity and a commitment to ethical hacking are paramount.
Key Responsibilities:
- Plan, execute, and document penetration tests on web applications, networks, cloud environments, and mobile applications.
- Identify and exploit security vulnerabilities, assessing their potential impact and risk.
- Utilize a variety of penetration testing tools and methodologies (e.g., Metasploit, Burp Suite, Nmap).
- Conduct thorough vulnerability assessments and security audits.
- Develop detailed reports outlining identified vulnerabilities, their severity, and remediation recommendations.
- Collaborate with clients to understand their security needs and provide expert advice.
- Stay abreast of the latest threats, vulnerabilities, and security trends.
- Assist in the development and refinement of penetration testing methodologies and procedures.
- Mentor junior security analysts and contribute to team knowledge sharing.
- Ensure all testing activities comply with ethical standards and client agreements.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent practical experience.
- Minimum of 5 years of experience in penetration testing and vulnerability assessment.
- In-depth knowledge of common attack vectors, exploitation techniques, and security countermeasures.
- Proficiency with a wide range of penetration testing tools and frameworks.
- Experience in scripting languages (e.g., Python, Bash) for security automation is a plus.
- Strong understanding of networking protocols, operating systems, and web application security.
- Excellent analytical, problem-solving, and critical thinking skills.
- Exceptional written and verbal communication skills, with the ability to clearly articulate technical findings to both technical and non-technical audiences.
- Relevant security certifications such as OSCP, CEH, CISSP are highly desirable.
- Ability to work independently and manage multiple projects effectively in a remote environment.
This is an excellent opportunity for an experienced security professional to contribute their expertise to a leading cybersecurity firm. If you are based in or able to serve clients in Southampton, Hampshire, UK remotely, we encourage you to apply.
Senior Information Security Analyst (Penetration Testing)
Posted 6 days ago
Job Viewed
Job Description
Key Responsibilities:
- Plan, conduct, and report on network, application, and system penetration tests.
- Perform vulnerability assessments and security audits to identify weaknesses.
- Simulate real-world attack scenarios to evaluate the effectiveness of security controls.
- Analyze test results and provide detailed, actionable recommendations for remediation.
- Develop and maintain security testing methodologies and playbooks.
- Stay current with the latest threats, vulnerabilities, and attack techniques.
- Collaborate with IT and development teams to ensure security vulnerabilities are addressed promptly.
- Assist in the development and implementation of security policies and procedures.
- Mentor junior security analysts and contribute to team knowledge sharing.
- Participate in incident response activities when necessary.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- Minimum of 5 years of experience in information security, with a strong focus on penetration testing and vulnerability assessment.
- In-depth knowledge of network protocols, operating systems (Windows, Linux), and common attack vectors.
- Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, etc.
- Experience with scripting languages (e.g., Python, Bash) for automation is highly desirable.
- Relevant security certifications such as OSCP, CISSP, CEH, GIAC (GPEN, GWAPT) are a plus.
- Excellent analytical, problem-solving, and critical-thinking skills.
- Strong written and verbal communication skills, with the ability to produce clear and concise reports.
- Ability to work independently and manage multiple projects simultaneously.
Senior Information Security Analyst - Penetration Testing
Posted 8 days ago
Job Viewed
Job Description
You will be responsible for conducting comprehensive penetration tests, vulnerability assessments, and security audits using a variety of tools and methodologies. Your role will involve simulating cyber-attacks to uncover weaknesses in systems, networks, and applications, and providing detailed reports with actionable recommendations for remediation. You will collaborate closely with IT and development teams to implement security enhancements and ensure compliance with industry best practices and regulatory requirements. The successful candidate will have a deep understanding of common attack vectors, security frameworks (e.g., OWASP, NIST), and exploit development. Experience with scripting languages (e.g., Python, Bash) for automating security tasks is highly desirable. You will also be involved in developing security policies and procedures, and contributing to incident response planning.
The ideal candidate will possess a Bachelor's degree in Computer Science, Cybersecurity, or a related field, with a minimum of 5 years of experience in information security, specifically in penetration testing and vulnerability management. Professional certifications such as OSCP, CEH, CISSP, or equivalent are strongly preferred. You must have a strong ethical hacking mindset, excellent analytical and problem-solving skills, and the ability to clearly communicate complex technical findings to both technical and non-technical audiences. Experience with various operating systems, network protocols, and security tools is essential. This is an exciting opportunity to contribute to the security posture of a growing organisation in **Plymouth**, protecting critical digital assets and ensuring the integrity of sensitive data. Our client offers a dynamic work environment, opportunities for professional development, and competitive compensation.
Senior Information Security Analyst - Penetration Testing
Posted 17 days ago
Job Viewed
Job Description
Key Responsibilities:
- Conduct comprehensive penetration tests on networks, web applications, mobile applications, and cloud environments.
- Perform vulnerability assessments and analyse security weaknesses using a variety of tools and methodologies.
- Develop and execute custom scripts and tools to aid in penetration testing activities.
- Document test methodologies, findings, and recommendations clearly and concisely.
- Present test results and remediation strategies to technical teams and management.
- Stay up-to-date with the latest penetration testing techniques, tools, and security vulnerabilities.
- Assist in the development and maintenance of security testing policies and procedures.
- Collaborate with incident response teams to understand attack vectors and improve defences.
- Mentor junior security analysts and provide technical guidance.
- Participate in security architecture reviews and provide input on secure design principles.
- Research and stay informed about emerging threats and attack vectors relevant to the industry.
- Contribute to the continuous improvement of the security testing program.
- Maintain an up-to-date understanding of regulatory compliance requirements impacting security testing.
- Build and maintain lab environments for security testing.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- 5+ years of experience in information security, with a strong focus on penetration testing and vulnerability assessment.
- Demonstrated expertise in various penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nmap, Kali Linux).
- Proficiency in at least one scripting or programming language (e.g., Python, Bash, PowerShell).
- Strong understanding of network protocols, operating systems, and web application security.
- Experience with cloud security testing (AWS, Azure, GCP) is a significant advantage.
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong written and verbal communication skills, with the ability to explain complex technical issues to various audiences.
- Relevant security certifications such as OSCP, CEH, CISSP, or GIAC certifications are highly desirable.
- Ability to work effectively both independently and as part of a team.
Senior Information Security Analyst - Penetration Testing
Posted 19 days ago
Job Viewed
Job Description
Key responsibilities include:
- Planning, executing, and reporting on penetration tests of networks, applications, and systems.
- Identifying and analyzing security vulnerabilities and weaknesses.
- Developing detailed remediation plans and providing expert guidance to technical teams.
- Conducting vulnerability assessments and security configuration reviews.
- Researching and staying current with the latest security threats, vulnerabilities, and attack vectors.
- Developing and maintaining security testing tools and methodologies.
- Collaborating with IT and development teams to implement security best practices.
- Participating in incident response activities as needed.
- Contributing to the development and enhancement of the organization's security policies and procedures.
- Mentoring junior security analysts and sharing knowledge within the team.
The ideal candidate will have extensive experience in penetration testing and ethical hacking, with a strong understanding of cybersecurity principles and frameworks. Proven expertise in various testing tools and techniques (e.g., Metasploit, Burp Suite, Nmap) is essential. Excellent analytical, problem-solving, and reporting skills are required. Professional certifications such as OSCP, CEH, CISSP, or equivalent are highly desirable. Strong communication and collaboration skills are necessary for effective interaction with technical and non-technical stakeholders. This is a remote-first position, requiring excellent self-management, autonomy, and the ability to work effectively within a distributed team. Your expertise will be crucial in safeguarding our client's digital assets.
Senior Information Security Analyst - Penetration Testing (Remote)
Posted 19 days ago
Job Viewed
Job Description
The successful candidate will conduct in-depth penetration tests, vulnerability assessments, and security audits across various networks, applications, and systems. You will be responsible for simulating real-world attacks to uncover weaknesses before malicious actors can exploit them. This position demands a proactive mindset, exceptional technical acumen, and a deep understanding of threat landscapes.
Key Responsibilities:
- Plan, execute, and report on comprehensive penetration tests and vulnerability assessments for external and internal networks, web applications, mobile applications, and cloud environments.
- Utilize a wide range of security tools and methodologies (e.g., Metasploit, Burp Suite, Nmap, Wireshark) to identify security flaws.
- Perform manual testing to uncover complex vulnerabilities that automated tools may miss.
- Analyze findings, provide detailed technical explanations, and develop practical, actionable remediation recommendations.
- Develop clear, concise, and professional security assessment reports for technical and non-technical stakeholders.
- Stay current with the latest security threats, vulnerabilities, attack vectors, and penetration testing techniques.
- Mentor and guide junior security analysts, fostering their professional development.
- Collaborate with client security teams to facilitate the remediation process.
- Contribute to the development and refinement of the company's penetration testing methodologies and services.
- Maintain ethical conduct and confidentiality throughout all engagements.
Essential Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- A minimum of 5 years of experience specifically in penetration testing and vulnerability assessment.
- Proven experience with common security testing tools and frameworks.
- Strong understanding of networking protocols, operating systems (Windows, Linux), web application security, and cloud security concepts.
- Demonstrable experience in identifying and exploiting common vulnerabilities (e.g., OWASP Top 10).
- Excellent analytical, problem-solving, and critical thinking skills.
- Superb written and verbal communication skills, with the ability to effectively document and present technical findings.
- Relevant industry certifications such as OSCP, CEH, CISSP, GPEN, or GWAPT are highly desirable.
- Ability to work autonomously and manage time effectively in a remote work environment.
This is a remote opportunity offering the flexibility to work from anywhere while contributing to critical cybersecurity initiatives.
Be The First To Know
About the latest Security testing Jobs in United Kingdom !
Security Engineer
Posted today
Job Viewed
Job Description
Security Engineer
Posted today
Job Viewed
Job Description
Security Engineer
Posted today
Job Viewed