Rate: outside IR35
Location: Travel to London/Croydon 1-2 week
Duration: 6 months initially
SC clearance or eligible
Must have CCT CTL, ITHC, CRT
Key Responsibilities
* Conduct internal penetration testing across applications, infrastructure, and end user devices (EUDs).
* Perform scenario‑based testing aligned with SbD principles and DSA security non‑functional requirements.
* Collaborate with development teams to integrate findings into JIRA workflows for rapid remediation.
* Support the HOST testing pipeline, including planning, execution, and reporting of penetration tests.
* Maintain compliance with NCSC guidance and security standards.
Essential Skills & Experience
* Hands‑on experience with penetration testing tools.
* Strong understanding of OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks.
* Familiarity with Secure‑by‑Design principles and CI/CD pipeline integration.
* Experience testing EUDs under operational constraints (e.g. no destructive tools, CSOC coordination).
* Ability to interpret and apply security NFRs across diverse environments.
* Proficiency in JIRA, SharePoint, and vulnerability management platforms.
LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.