Penetration Tester

If you are looking for a permanent role as a pen tester, we are looking for a Penetration Tester to join our internal team.

Within the internal testing team, you will deliver a range of security assurance services such as web application penetration tests, network, and infrastructure penetration tests. You will be exposed to cutting edge Cloud technologies. You may also undertake social engineering engagements and physical security assessments and secure code reviews.

Your findings will be logged in our centralised vulnerability management system and feed into our ongoing vulnerability management process. This will have a significant impact and will create change across the business.

You will work alongside IT and development project teams to ensure that all our services – both to our customers and to our staff – are delivered in a secure manner. This will range from production systems, to projects in development cycles and could also include AI and LLM solutions. You will question information that others would take on face value and remain inquisitive to improve the quality of security tests carried out against our infrastructure and applications.

We provide a generous training budget. Members of the team have chosen to undertake numerous training courses and further certifications including SANS and CREST. We expect you to keep up to date on current security trends, techniques, and tools. We love gamifying security training, and staff are encouraged to take part in CTFs. You will also be encouraged to attend conferences, seminars, and industry briefings.

• Carry out detailed application, infrastructure, cloud and AI/LLM penetration test assignments either alone or in a small team.
• Produce high quality written findings.
• Work collaboratively with the wider Cyber Risk and Resilience teams.
• Assist with post incident reviews when required.

• Vulnerability writing skills.
• Familiarity with ‘standard’ penetration testing tools.

• Experience in penetration testing of Applications and Infrastructure
• Familiarity with at least one cloud platform such as Microsoft Azure, Amazon AWS or Google GCP.
• Familiarity with testing AI and LLM solutions.
• Understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Programming or scripting skills in at least one modern computer language.
• Experience with BurpSuite, Kali and similar common manual penetration testing tools.

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.

Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

As a Disability Confident Leader, for candidates with a disability or long-term health condition, that opt into the Disability Confident scheme, we’ll invite a fair and proportionate number of applicants that meet the essential requirements of the role to the first stage of our selection process.

If you need any adjustments or support with your application or during the recruitment process, just let us know. Please do email us or contact us on . This number is dedicated to supporting candidates that require reasonable adjustments or support during the application process.