Salary: £78,000 - 78,000 per year

Requirements:
- Strong knowledge of manual penetration testing techniques
- Confident with operating systems and tools such as Tenable, Burp Suite, Kali Linux
- Exposure to remediating vulnerabilities and patch management in a complex business environment
- Experience in remediating cyber risks in the digital estate
- Experience in a penetration testing enterprise environment
- Ability to prepare detailed reports and present findings to key stakeholders
- Cyber security industry certification(s) such as CSTM/CRT/OSCP/CTL
- Understanding of different patching management techniques and approaches for various technology stacks (e.g., SaaS, IaaS, End-User Computing, Server Estate)
- Knowledge of TVM concepts, technologies, and best practices, including OSINT tools, vulnerability assessment, and threat modelling

Responsibilities:
- Support and develop an internal penetration testing function
- Conduct network and application penetration testing, code, and security reviews
- Identify and exploit vulnerabilities through proof-of-concept testing
- Support vulnerability management across the enterprise with a framework for identification, categorisation, and mitigation
- Create and support the operating model for vulnerability management across the business
- Develop and maintain penetration testing documentation, policies, and procedures
- Integrate cyber security solutions, including vulnerability scanning tools, with existing systems
- Evaluate and recommend technologies, tools, and vendors to meet business needs
- Investigate newly identified cyber security vulnerabilities and provide appropriate mitigation actions
- Liaise with technology and business stakeholders regarding cyber security patching and vulnerability management
- Maintain a cyber threat assessment methodology aligning with industry standards
- Support proactive threat hunting for new and emerging cyber threats
- Develop and maintain dashboards with cyber security threat and vulnerability metrics
- Ensure compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS, and ISO 27001

Technologies: IaaS Support Linux Network Security

More:
We are Thames Water, the UK's largest water and wastewater company, serving over 16 million customers daily. Our mission is to build a better future for all, helping our customers, communities, people, and the planet thrive.

As a Security Penetration Tester, you will join our hybrid team based in Clearwater Court, Reading, and enjoy a competitive salary of up to £78,000 per annum, along with 26 days of annual leave increasing to 30 with service, a generous pension scheme, and various health and well-being benefits.

We are committed to creating a diverse and inclusive workplace, and we welcome applications from everyone. Together, we can make a daily difference for millions while protecting the world of water for future generations.

Last updated: week 18 of 2026