Senior Security Penetration Tester

Pertemps
Reading
2 weeks ago
Create job alert

As aSenior Security Penetration Tester, you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate.

This role requires an understanding of TVM concepts, technologies, and best practices, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and will be committed to ensuring the highest level of security, compliance, and user experience.

What you’ll be doing as a Senior Security Penetration Tester 

Help support and develop an internal penetration testing function. Conduct network, application penetration testing, code and security reviews. Identify and exploit vulnerabilities through proof-of-concept testing. Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained. Responsible for supporting the creation of the operating model for vulnerability management, that it is shared, agreed and operates effectively across the business. Develop and maintain penetration testing documentation, policies, and procedures. Integrate cyber security solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure. Evaluate and recommend technologies, tools, and vendors to meet business needs. Investigate newly identified cyber security vulnerabilities and provide appropriate mitigation actions. Liaise and coordinate with technology and business stakeholders in relation to cyber security patching and vulnerability management issues/actions. Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new and emerging cyber threats. Develop and maintain dashboards with cyber security threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001.

Base location – Hybrid – Clearwater Court Reading.
Working pattern – 36 hours Monday to Friday.

What you should bring to the roleStrong knowledge of manual penetration testing techniques and confident with operating systems and tools such as Tenable, Burp Suite, Kalli Linux. Exposure to remediating vulnerabilities and patch management in a complex business environment. Experience in remediating cyber risks in the ever-changing digital estate. 3 years of experience in a penetration testing enterprise environment. Prepare detailed reports and the ability to present findings to key stakeholders. Cyber security industry certification(s) such as CSTM/ CRT/ OSCP/CTL. Understanding of different patching management techniques and approaches for different technology stacks (e.g. SaaS, IaaS, End-User Computing, Server Estate, etc.). Knowledge of TVM concepts, technologies, and best practices, including OSINT tools, vulnerability assessment, threat modelling, etc.What’s in it for you?Competitive salary of up to £62,800 per annum, depending on experience.Annual Leave- 26 days holiday per year increasing to 30 with the length of service (plus bank holidays). Generous Pension Scheme through AON. Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling to Cycle to Work schemes, shopping vouchers and life assurance. Find out more about our benefits and perks

Who are we?
We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

Learn more about ourpurpose and values

Working at Thames Water
Thames Water is a unique, rewarding and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy fast-tracked career opportunities, flexible working arrangements and excellent benefits.
Whether you’re interested in a role in one of our call centres or science labs, we’re looking for people like you with real passion and a burning desire to make things better.

So, if you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

Our overarching aim is to ensure that Thames Water is a great, diverse and inclusive place to work. We welcome applications from everyone and offer extra support for those who need it throughout the recruitment process. Our aim is to remove any real or perceived barriers to success, so if you need assistance, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business, meet colleagues and earn some extra money along the way.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.

Related Jobs

View all jobs

Senior Security Penetration Tester

Senior Security Penetration Tester

Senior Cyber Security Consultant

Senior Penetration Tester

Senior Penetration Tester

Senior Penetration Tester – £75k – Remote – 4-Day Week (Full Pay)

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.