Cyber Security Testing Lead - £70k
Hybrid (up to 2 days per week in the office) | Permanent | Bonus Scheme
Shape the Future of Security Testing
Are you an experienced cyber security professional who enjoys the technical side of penetration testing and vulnerability management, but wants to move beyond purely hands-on testing?
This is an opportunity to lead and mature a security testing capability across a complex and business-critical technology estate. You'll work at the intersection of security testing, vulnerability management, stakeholder engagement and governance—helping ensure that testing programmes are effective, scalable and aligned to evolving business risk.
Rather than spending your days conducting penetration tests yourself, you'll be the person defining what needs testing, engaging specialist testing providers, validating findings, driving remediation and helping embed security into projects and technology change initiatives.
This role would particularly suit someone coming from a Senior Penetration Tester, Security Testing, Application Security, Security Engineering or Vulnerability Management background who wants broader ownership and influence.
What You'll Be Doing
* Own and evolve the organisation's security testing programme.
* Scope, coordinate and oversee penetration testing across applications, infrastructure and cloud environments.
* Manage relationships with specialist third-party penetration testing providers.
* Review findings and work with technical teams to ensure effective remediation.
* Validate remediation activities and provide technical challenge where required.
* Help integrate security testing into the Secure Software Development Lifecycle (SSDLC).
* Provide oversight of vulnerability assessment activities and scanning programmes.
* Work closely with infrastructure, engineering, development and project teams.
* Identify opportunities to expand and improve testing coverage across critical systems.
* Mentor colleagues and help improve technical security understanding within the wider security function.
What We're Looking For
You'll bring a blend of technical credibility and stakeholder management capability.
Essential Experience
* Strong cyber security experience within testing, security engineering, application security or vulnerability management.
* Experience managing or coordinating penetration testing activities.
* Ability to understand, interpret and challenge penetration testing findings.
* Experience driving remediation activities across technical teams.
* Strong understanding of vulnerability management processes.
* Ability to communicate complex technical risks to non-technical audiences.
* Experience working with multiple stakeholders across technology functions.
Desirable Experience
* Cloud security testing exposure (particularly Azure).
* Vulnerability management tooling such as Tenable, Pentera or similar.
* Experience with SSDLC, SAST and DAST processes.
* Threat modelling experience.
* Security certifications such as OSCP, CEH, CISSP, CREST or equivalent technical certifications. Equivalent certifications will be considered.
Why This Role Is Different
This isn't a traditional penetration testing role.
All formal penetration testing is delivered by accredited third-party providers, giving you the opportunity to focus on:
* Security testing strategy
* Programme ownership
* Stakeholder engagement
* Vendor management
* Vulnerability governance
* Security improvement initiatives
You'll help shape the future direction of the security testing capability while maintaining enough technical involvement to stay close to the detail.
What's In It For You?
* UP TO £70,000 Basic Salary
* Hybrid working (up to 2 days per week in the office)
* No on-call requirement
* Exposure to large-scale transformation programmes
* Opportunity to build and mature security testing capabilities
* Support for professional development and certification maintenance
* Opportunity to attend industry events and professional communities
* Annual bonus scheme
* Exposure across Security Engineering, Security Operations, Security Architecture and GRC disciplines, creating multiple future career pathways.
For immediate consideration, apply today