Security Penetration Tester

Berkshire
Permanent
Pen tester
Reference: SPT_1781529747

As a Security Penetration Tester, you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate.

This role requires an understanding of TVM concepts, technologies, and best practices, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and will be committed to ensuring the highest level of security, compliance, and user experience.

Security Clearance: CTC (Counter Terrorist Check) clearance is essential. You must currently hold or be able to attain CTC clearance for this role.

What you'll be doing as a Security Penetration Tester

  • Help support and develop an internal penetration testing function.
  • Conduct network, application penetration testing, code and security reviews.
  • Identify and exploit vulnerabilities through proof-of-concept testing.
  • Support vulnerability management across the enterprise, ensuring that a framework for identification, categorisation and mitigation exists and is implemented and maintained.
  • Responsible for supporting the creation of the operating model for vulnerability management, that it is shared, agreed and operates effectively across the business.
  • Develop and maintain penetration testing documentation, policies, and procedures.
  • Integrate cyber security solutions (e.g. vulnerability scanning tools) with existing systems, applications, and infrastructure.
  • Evaluate and recommend technologies, tools, and vendors to meet business needs.
  • Investigate newly identified cyber security vulnerabilities and provide appropriate mitigation actions.
  • Liaise and coordinate with technology and business stakeholders in relation to cyber security patching and vulnerability management issues/actions.
  • Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes.
  • Support with proactive threat hunting for new and emerging cyber threats.
  • Develop and maintain dashboards with cyber security threat and vulnerability metrics.
  • Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001.

What you should bring to the role

  • Strong knowledge of manual penetration testing techniques and confident with operating systems and tools such as Tenable, Burp Suite, Kalli Linux.
  • Exposure to remediating vulnerabilities and patch management in a complex business environment.
  • Experience in remediating cyber risks in the ever-changing digital estate.
  • Experience in a penetration testing enterprise environment.
  • Prepare detailed reports and the ability to present findings to key stakeholders.
  • Cyber security industry certification(s) such as CSTM/ CRT/ OSCP/CTL.
  • Understanding of different patching management techniques and approaches for different technology stacks (e.g. SaaS, IaaS, End-User Computing, Server Estate, etc.).
  • Knowledge of TVM concepts, technologies, and best practices, including OSINT tools, vulnerability assessment, threat modelling, etc

GCS is acting as an Employment Agency in relation to this vacancy.

£65,000.00 - £70,000.00
Per annum
GBP65000 - GBP70000 per annum

Berkshire

Permanent

Added 15/06/2026
Reference: SPT_1781529747

Security Penetration Tester

Berkshire
Permanent

Other similar jobs

Cyber Controls Tester

Added 07/05/2026

As a Control Tester, you will play a key role within the Information Security team supporting the Control Testing & Assurance Manager in delivering cybersecurity control testing activities across multiple security domains. Working closely with cybersecurity leadership, service owners, and control owners, you will help ensure security controls are effectively designed, implemented, and operating as intended across the organisation.This role contributes to the Cybersecurity Control Testing & Assurance programme by assessing control effectiveness, gathering evidence, and supporting the organisation's wider security and compliance objectives. You will collaborate with stakeholders across the business to ensure testing activities are executed efficiently while...

Learn more

Security Architect (AppSec and Network Security) - B2B

Added 06/04/2026

Role: Security Architect (AppSec and Network Security) - B2BDuration: 6-month rolling contractWorking Pattern: Krakow, Hybrid (handful of days per month)GCS Cyber are partnered with a global financial services organisation undergoing multiple large-scale transformation programmes across their Cyber Security division. They are now looking for a Security Architect who has extensive experience managing end-to-end solution designs within large-scale transformation programmes with a heavy focus on Network Security and Application Security Proven experience producing high-level solution designs in line with business requirements.Proven ability to conduct security assessments and threat modelling to inform design decisions.Strong background in cybersecurity, with deep expertise in network...

Learn more

Senior Cyber Security Engineer

Added 15/06/2026

As a Senior Cyber Security Engineer, you will play a critical role in delivering cyber strategies, with responsibility for the design, implementation, and ongoing effectiveness of security capabilities across IT and OT environments.You will engineer and maintain the technical capabilities that enable early threat detection, rapid and consistent response, and sustained cyber risk reduction, while translating cyber risk, regulatory, and business demands into practical, measurable, and operationally sustainable security controls.This is a hands‑on engineering role for individuals who enjoy building resilient security capabilities, integrating platforms and telemetry, and turning strategy, risk, and incident learnings into practical engineering outcomes. The role...

Learn more

Cyber Security Manager

Added 11/06/2026

🔐 Cybersecurity Manager (Audit & Compliance) - Los Angeles, CA📍 Location: Los Angeles, CA 📄 Duration: 12+ Month Contract (C2H Possible) 🏢 Work Model: Hybrid🚀 About the RoleJoin as a Cybersecurity Manager leading large-scale security audit and compliance programs. You'll ensure audit readiness, drive remediation, and align enterprise systems with industry standards.🛠️ ResponsibilitiesLead enterprise audit and compliance initiativesOversee risk assessments and vulnerability remediationDrive adherence to ISO 27001, SOC2, NISTPartner with cross-functional teams and stakeholdersProvide executive-level reporting on audit progress✅ Requirements7-10+ years in cybersecurity or compliance rolesExperience with audit, risk, and governance programsStrong stakeholder communication skillsPreferred certifications: CISSP, CISM, CISA, PMP...

Learn more

Cyber Security Manager

Added 11/06/2026

🔐 Cybersecurity Manager (Audit & Compliance) - Irvine, CA📍 Location: Irvine, CA 📄 Duration: 12+ Month Contract (C2H Possible) 🏢 Work Model: Hybrid🚀 About the RoleWe are hiring a Cybersecurity Manager to lead enterprise audit and compliance initiatives, focusing on ISO 27001, SOC2, and NIST frameworks. You'll drive audit readiness, manage remediation efforts, and ensure security compliance across the organization.🛠️ ResponsibilitiesLead internal & external cybersecurity auditsManage audit findings, risk, and remediation effortsEnsure compliance with ISO, SOC2, NIST frameworksCollaborate with IT & Security teams to close gapsTrack and report audit status to leadership✅ Requirements7-10+ years in cybersecurity, audit, or complianceStrong knowledge...

Learn more

Senior Infrastructure Security Engineer

Added 10/06/2026

Senior Infrastructure Security Engineer12-Month Rolling Contract | Dublin or Cork | 1 Day Onsite Per WeekWe're supporting a large Irish enterprise seeking an experienced Infrastructure Security Engineer to join a team responsible for securing and enhancing a complex Microsoft environment.This role will suit a contractor with a strong infrastructure background who has developed expertise across identity, access management, endpoint security, and Microsoft security technologies.Key Areas of FocusActive Directory administration, optimisation, and securityMicrosoft Entra ID / Azure AD managementIdentity & Access Management initiativesPrivileged Access Management solutionsEndpoint security and Intune administrationConditional Access and access governanceSecurity remediation and hardening activitiesPowerShell scripting and automationRequired...

Learn more

Cloud Security Engineer - Contract

Added 03/06/2026

Cloud Security EngineerWe are looking for a Cloud Security Engineer to support the security of our clients cloud platforms and modern infrastructure environments. This role will work closely with technology and engineering teams to help identify, assess, and mitigate security risks while promoting security best practices across cloud-native and containerised environments.The successful candidate will bring a strong foundation in information security, a collaborative mindset, and a passion for continuous learning in cloud and infrastructure security. Key ResponsibilitiesSupport the implementation and maintenance of security controls across cloud environments.Collaborate with engineering and operational teams to enhance the security of cloud-based services and...

Learn more

Information Security Programme Manager

Added 03/06/2026

Information Security Programme Manager - Global Enterprise Environment Duration: Permanent, full time Type: Salaried role (competitive package, pension, bonus, healthcare, 26 days leave) Location: Dublin On‑site Requirement: 1 day a week onsite.Summary of RoleIn this role, you will:Lead a portfolio of information security transformation programmes within a large, complex global organisation.Drive the delivery of security change initiatives that strengthen governance, controls, and regulatory alignment across technology and business functions.Act as a senior programme lead, ensuring security initiatives are delivered efficiently, transparently, and in line with strategic priorities.Partner closely with senior stakeholders to embed security requirements into enterprise services and operating...

Learn more

OT Cyber Security Delivery Manager

Added 01/06/2026

Role: OT Cyber Security Delivery ManagerDuration: 6 month rollingRate: Up to £650 Inside IR35Location: London (2 days onsite)I'm supporting an urgent requirement for an experienced OT Cyber Security Delivery Manager to drive the delivery of security improvements across a complex OT environment.This role is very much delivery-led, so we need someone who has hands-on experience implementing OT security controls, owning execution across initiatives like IT/OT segmentation, NIS2, and secure access.What we're looking for:Proven experience leading and delivering OT cyber programmes/projects end-to-end (IEC62443 / NIST aligned)Strong experience across ICS/SCADA and OT environmentsAbility to drive delivery across engineering, cyber, and operations teamsTo...

Learn more

Network Security Consultant

Added 27/05/2026

Senior Network Security Consultant (DORA Programme) - ContractLocation: Fully Remote (Europe)Preferred Location: PolandContract Duration: 12 months initial (strong likelihood of extension)Start Date: ASAP OverviewWe are supporting a major European financial services organisation on a large-scale DORA compliance programme and are looking to onboard multiple Senior Network Security Consultants on a contract basis.This is a high-impact engagement focused on delivering third-party infrastructure and security assessments at scale. You will join an established Cloud & Network Security function, contributing to critical regulatory compliance activities. The RoleAs a Senior Consultant, you will operate at a strategic and advisory level, focusing on assessment, architecture...

Learn more

Senior Full Stack Developer - Security

Added 19/05/2026

Senior Full Stack Developer - Identity & Access ManagementPosition SummaryWe are seeking an experienced Senior Full Stack Developer to join a high-performing engineering team supporting enterprise Identity & Access Management (IAM) applications within a large-scale security organization. This role will focus on the design, development, integration, and modernization of secure enterprise applications used internally across the organization.The ideal candidate will possess strong expertise across both frontend and backend development, with deep experience in Angular, Java, Spring Boot, REST API development, cloud-native AWS services, and secure application development practices. This individual will play a key technical leadership role within the team,...

Learn more

Application Security Engineer

Added 12/05/2026

Application Security Engineer ZZP / Freelance Industry: AAA Gaming Studio Location: Fully Remote (Netherlands) Contract Length: 12-18 monthsAbout the RoleA fast‑growing gaming studio is looking for an Application Security Engineer to embed secure development practices into their high‑velocity game and platform engineering teams. You'll help secure game engines, back‑end services, and player‑facing APIs used by millions worldwide.Key ResponsibilitiesConduct secure code reviews and help dev teams fix vulnerabilities.Integrate SAST, SCA, and DAST tools into build pipelines.Perform threat modelling on gameplay features and backend microservices.Respond to application‑level vulnerabilities and guide remediation efforts.Promote a developer‑friendly security culture within the studio.Skills & ExperienceStrong experience...

Learn more

Cloud Security Architect

Added 12/05/2026

Cloud Security ArchitectContractIndustry: Global FinTech Platform Location: Hybrid (Amsterdam) Contract Length: 6-12 monthsAbout the RoleA leading FinTech provider is modernising its global cloud footprint and requires a Cloud Security Architect to design, implement, and govern cloud security standards across multi‑cloud estates. You will be the senior technical authority shaping how secure‑by‑design cloud services are built.Key ResponsibilitiesDesign secure architectures across AWS and Azure for high‑volume financial services.Define IaC security standards, encryption baselines, and identity patterns.Lead threat modelling, architectural risk assessments, and cloud posture reviews.Support engineering teams with secure build patterns, guardrails, and security automation.Act as a technical SME for cloud security...

Learn more

Network Security Engineer

Added 12/05/2026

Network Security EngineerContractLocation: Remote / Hybrid (Amsterdam)Contract Length: 6-12 months Start Date: ASAP Rate: CompetitiveAbout the RoleOur client, a leading gaming company, is seeking an experienced Network Security Engineer Contractor to support a large-scale merger and acquisition integration. The organisation has recently acquired a studio with a significantly different technology estate, and now requires a specialist to help consolidate, secure, and stabilise the combined network infrastructure.This role is critical in ensuring the security, interoperability, and reliability of both legacy and acquired networks during the integration phase.Key ResponsibilitiesNetwork Security Integration & HardeningAssess, analyse, and map the acquired company's network and security...

Learn more

Network Security Engineer

Added 12/05/2026

Network Security Engineer gezocht - Utrecht12 maanden contract (Detachering)€65.000 - €70.000Hybride - 2 dagen p/w op kantoor28 vakantiedagen7 officiële feestdagen (Bevrijdingsdag jaarlijks van toepassing)8% vakantiegeld8,33% eindejaarsuitkeringPensioencompensatieWat je gaat doen:Uitvoeren van changes op firewalls, routers, switches en infrastructuurapparatuurAfhandelen van incidenten en uitvoeren van diepgaande onderzoekenToezicht houden op installaties (remote of onsite)Opstellen van HLD's/LLD's + scherp implementatieadvies leverenOntwerpen, configureren & implementeren van routing/switching, firewalls, load balancers, proxies, telefonieBeheren van CMDB-updates, IPAM, netwerkdiagrammen en instructiesOntwikkelen van scripts + het aanjagen van netwerkautomatiseringBeheren van monitoringsystemen, compliance, capaciteit & changesWat jij meebrengt:10+ jaar ervaring met Check Point & Cisco5+ jaar ervaring als Security Specialist binnen...

Learn more

Apply for...

Added
COMPETITIVE SALARY

Your file must be a doc, docx or pdf. No larger than 5MB.
New cv path

Please refer to our Privacy Policy for details on how we use your data

No saved jobs available

All your saved jobs are no longer available or you've already applied.

At least 8 characters, 1 uppercase, 1 lowercase and 1 special character or number
Your file must be a doc, docx or pdf. No larger than 5MB.

Let us know you agree to cookies

We use cookies to provide you with the best possible browsing experience on our website. You can find out more here.