Penetration Tester

Penetration Tester

Posted 2 days ago by Synapri

Apply
Negotiable
Inside
Hybrid
London Area, United Kingdom
Apply
Amazon Web Services (AWS) Application Programming Interface (API) Application Security Automation Bash (Scripting Language) Burp Suite Cloud Computing Cloud Infrastructure Cloud Technology Cyber Security DevSecOps Ethical Hacking Financial Information eXchange (FIX) Protocol Github Infrastructure as Code (IaC) Metasploit Microsoft Azure Nikto Web Scanner Nmap Open Web Application Security Project (OWASP) Penetration Testing Python (Programming Language) Scheme (Programming Language) Secure Coding Software Coding Stakeholder Communications Stakeholder Management VeraCode Vulnerability Vulnerability Assessments Web Applications

Summary: The role of Cyber Security Engineer (Penetration Tester) involves conducting penetration tests and vulnerability assessments on web applications, APIs, and cloud infrastructure. The position requires collaboration with developers to enhance security practices and compliance with security standards. The role is based in London with a hybrid working arrangement and is classified as inside IR35. The contract duration is initially set for three months.

Key Responsibilities:

  • Conduct penetration tests and vulnerability assessments on web apps, APIs, and cloud infrastructure (AWS & Azure).
  • Improve security automation tooling (CI/CD, SAST, DAST, IaC scans).
  • Collaborate with developers to fix vulnerabilities and promote secure coding.
  • Support compliance with NCSC and wider security standards.

Key Skills:

  • Proven experience in ethical hacking / penetration testing.
  • Strong with tools like Burp Suite, Metasploit, OWASP ZAP, Nmap, Nikto.
  • Familiarity with DevSecOps tools (GitHub Advanced Security, Veracode, IaC scanning).
  • Cloud security knowledge (AWS, Azure).
  • Scripting: Python, Bash.
  • Certifications: OSCP, CREST, or TIGER Scheme.
  • Excellent stakeholder communication skills.

Salary (Rate): undetermined

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Cyber Security Engineer (Penetration Tester) London Hybrid (2–3 days onsite) Competitive rate Inside IR35 Contract 3mths (initial) SC Cleared

Are you a qualified Penetration Tester or Cyber Security Engineer with expertise in application security , cloud platforms , and DevSecOps ? Join a high-impact Application Security team working on security automation and vulnerability testing across mission-critical digital services

What You’ll Do

  • Conduct penetration tests and vulnerability assessments on web apps, APIs, and cloud infra (AWS & Azure)
  • Improve security automation tooling (CI/CD, SAST, DAST, IaC scans)
  • Collaborate with developers to fix vulnerabilities and promote secure coding
  • Support compliance with NCSC and wider security standards

What You’ll Need

  • Proven experience in ethical hacking / pen testing
  • Strong with tools like Burp Suite, Metasploit, OWASP ZAP, Nmap, Nikto
  • Familiarity with DevSecOps tools (GitHub Advanced Security, Veracode, IaC scanning)
  • Cloud security knowledge (AWS, Azure)
  • Scripting: Python , Bash
  • Certifications: OSCP , CREST , or TIGER Scheme
  • Excellent stakeholder communication skills

Desirable

  • CHECK Team Member/Leader experience
  • Familiarity with NCSC guidelines , Cyber Essentials Plus
  • Threat modelling and secure architecture skills

If you're a qualified Penetration Tester ready to make an impact in UK Gov cybersecurity, apply now or reach out for a confidential chat.

Apply
Similar Jobs
Loading data...