Senior Penetration Tester – Manchester Digital
We are looking for a Senior Penetration Tester to join the Information Security department at Manchester Digital.
The department handles the security of closed‑source, open‑source and proprietary applications, ensuring they are developed and implemented securely and mitigating risks efficiently through penetration testing. Leveraging your knowledge of Secure Development Lifecycles and code assessment, you will collaborate with software development teams to understand and mitigate application‑based vulnerabilities. This role is part of the wider Information Security team, working with engineers and analysts from varied backgrounds to identify threats and safeguard the business.
We employ AI to enhance security processes and practices; you will play a key role in leveraging this technology to strengthen our application security stack.
The role supports the company’s hybrid working‑from‑home policy.
Preferred Skills And Experience
* Excellent understanding and practical experience with manual security testing to find vulnerabilities and logical issues, in either web applications or infrastructure.
* Strong understanding of and demonstrable experience with automated, dynamic and static application security testing tools.
* Knowledge and understanding of the Open Web Application Security Project (OWASP) and its utilisation within threat modelling.
* Experience with software development and programming languages.
* Working knowledge of CI/CD pipelines and associated security tooling.
* Demonstrated experience using structured methodologies for conducting and reporting on web application penetration testing.
* Excellent documentation skills.
* Strong communication skills.
What you will be doing
* Taking a lead role in the project process to ensure that information security aspects are considered up front and throughout the project lifecycle.
* Contributing to and continuously improving our penetration testing and red‑teaming methodologies.
* Performing dynamic and static security testing of our applications and infrastructure.
* Performing security code reviews and providing help with remediation.
* Partnering with software development teams to ensure security is considered throughout the development lifecycle.
* Contributing to and improving the Company’s supply chain assurance processes by identifying flaws and vulnerabilities.
* Performing advanced risk assessments, threat modelling and design reviews to ensure effective security controls are in place.
* Identifying opportunities for converting manual tasks into automated processes and selecting tooling to support such automation.
* Providing support to technical leads and mentoring junior members of the team.
Seniority level
* Mid‑Senior level
Employment type
* Full‑time
Job function
* Information Technology
Industries
* Technology, Information and Internet
Referrals increase your chances of interviewing at Manchester Digital by 2x.
Manchester, England, United Kingdom
#J-18808-Ljbffr