Shape the Future of AIJoin one of the UK's fastest-growing companies and become a Professional Development Expert in Artificial Intelligence.

View Roles

Senior Security Penetration Tester

Idibu
Reading
1 week ago
Applications closed

Related Jobs

View all jobs

Senior Security Penetration Tester

Senior Security Penetration Tester

Senior Security Penetration Tester

Senior Security Penetration Tester

BDO Digital Senior Offensive Security Analyst

Penetration Tester (Mid/Senior)

As a Senior Security Penetration Tester, you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate.

This role requires an understanding of TVM concepts, technologies, and best practices, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication skills and will be committed to ensuring the highest level of security, compliance, and user experience.

What you’ll be doing as the Senior Security Penetration Tester

  • Help support and develop an internal penetration testing function.
  • Conduct network, application penetration testing, code and security reviews.
  • Identify and exploit vulnerabilities through proof-of-concept testing.
  • Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained.
  • Responsible for supporting the creation of the operating model for vulnerability management, which is shared, agreed and operates effectively across the business.
  • Develop and maintain penetration testing documentation, policies, and procedures.
  • Integrate cybersecurity solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure.
  • Evaluate and recommend technologies, tools, and vendors to meet business needs.
  • Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions.
  • Liaise and coordinate with technology and business stakeholders in relation to cybersecurity patching and vulnerability management issues/actions.
  • Maintain a cyber threat assessment methodology, align with evolving industry standards and integrate into BAU and project-based business processes.
  • Support with proactive threat hunting for new and emerging cyber threats.
  • Develop and maintain dashboards with cybersecurity threat and vulnerability metrics.
  • Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001.

Base location – Hybrid – Clearwater Court, Reading.

Working pattern – 36 hours, Monday to Friday.

What you should bring to the role

  • Strong knowledge of manual penetration testing techniques and confident with operating systems and tools such as Tenable, Burp Suite, and Kalli Linux.
  • Exposure to remediating vulnerabilities and patch management in a complex business environment.
  • Experience in remediating cyber risks in the ever-changing digital estate.
  • 3 years of experience in a penetration testing enterprise environment.
  • Prepare detailed reports and have the ability to present findings to key stakeholders.
  • Cyber security industry certification(s) such as CSTM/ CRT/ OSCP/CTL.
  • Understanding of different patching management techniques and approaches for different technology stacks (e.g. SaaS, IaaS, End-User Computing, Server Estate, etc.).
  • Knowledge of TVM concepts, technologies, and best practices, including OSINT tools, vulnerability assessment, threat modelling, etc.

What’s in it for you?

  • Competitive salary of up to £68,000 per annum, depending on experience.
  • Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays).
  • Generous Pension Scheme through AON.
  • Access to lots of benefits to help you take care of yourself and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling to Cycle to Work schemes, shopping vouchers and life assurance.

Find out more about our benefits and perks

Who are we?
We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

Learn more about our purpose and values

Working at Thames Water
Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy fast-tracked career opportunities, flexible working arrangements and excellent benefits.

Whether you’re interested in a role in one of our call centres or science labs, we’re looking for people like you with real passion and a burning desire to make things better.

So, if you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

Our overarching aim is to ensure that Thames Water is great, diverse, and inclusive place to work. We welcome applications from everyone and offer extra support for those who need it throughout the recruitment process. Our aim is to remove any real or perceived barriers to success, so if you need assistance, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business and meet colleagues.

Disclaimer: Due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

Why Now Is the Perfect Time to Launch Your Career in Cyber Security: The UK's Digital Defence Revolution

The United Kingdom faces an unprecedented cyber security challenge that presents an extraordinary career opportunity. With cyber attacks increasing by 300% year-on-year and the average cost of a data breach reaching £4.24 million, Britain urgently needs skilled cyber security professionals to defend its digital infrastructure, protect citizens' data, and maintain national security in an increasingly connected world. If you've been considering a career change or seeking to future-proof your professional trajectory, cyber security represents one of the most secure, well-compensated, and socially impactful career choices available. The convergence of escalating threats, skills shortage, government investment, and regulatory requirements has created a perfect storm of opportunity that shows no signs of abating.

Jobs

Automate Your Cyber Security Jobs Search: Using ChatGPT, RSS & Alerts to Save Hours Each Week

Cyber roles drop across consultancies, MSSPs, hyperscalers, banks, gov & start-ups every day—often buried in ATS portals or duplicated across boards. The fix is simple: put discovery on autopilot with keyword-rich alerts, RSS feeds & a reusable ChatGPT workflow that triages listings, ranks fit, & tailors your CV in minutes. This copy-paste playbook is built for www.cybersecurityjobs.tech readers. It’s UK-centric, practical, & designed to save you hours each week. What You’ll Have Working In 30 Minutes A role & keyword map spanning SecOps/Detection, DFIR, AppSec, Cloud Security, GRC, Red Team, Threat Intel, IAM/PAM, OT/ICS & Vulnerability Management. Shareable Boolean search strings for Google & job boards to cut noise fast. Always-on alerts & RSS feeds delivering fresh roles to your inbox/reader. A ChatGPT “Cyber Job Scout” prompt that deduplicates, scores fit & outputs tailored actions. A simple pipeline tracker so deadlines & follow-ups never slip.

Careers Jobs

10 Cyber Security Recruitment Agencies in the UK You Should Know (2025 Job‑Seeker Guide)

UK cyber security hiring remains resilient in 2025, driven by nation-state threats, cloud security investments, and NCSC regulatory pressures. Lightcast reports +42 % YoY growth in UK roles mentioning “SOC”, “cyber risk”, “offensive security” or “GRC”. Yet despite 30,000 active cyber professionals, monthly live vacancies remain in the 2,500–2,900 range. The result: strong demand across public and private sector. We reviewed 50 + consultancies and included only those that: Are registered in the UK (Companies House) Operate a dedicated Cyber Security / InfoSec / Risk & Compliance desk Posted at least 5 UK cyber security roles between March and June 2025 This guide includes 2025 salary ranges, key skills, interview prep tips, and a verified recruiter directory.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.