Role Overview
Reporting to the Threat and Vulnerability Management Team Lead, you will deliver continuous, risk‑based penetration testing and proactive threat hunting to identify exploitable weaknesses and emerging attacker tactics, techniques and procedures (TTPs), reducing time‑to‑identify and time‑to‑remediate.
Responsibilities
* Scope, plan and execute targeted penetration tests across applications, infrastructure, cloud and identity; produce clear, actionable reports and remediation guidance.
* Coordinate external testing providers; ensure effective use of budget by insourcing baseline testing and validating third‑party findings.
* Run hypothesis‑driven threat hunts mapped to frameworks such as MITRE ATT&CK; turn findings into detections/playbooks in partnership with SecOps.
* Conduct red‑team adversary emulation and purple‑team exercises to validate control effectiveness and improve detections, including co‑ordination of independent testing teams, internal security and IT teams and the Security Operations Centre.
* Build and maintain a secure lab environment and toolchain for testing and hunt operations; ensure safe handling of exploit code and payloads.
* Track vulnerability closure and control improvements; verify remediation and reduce re‑occurrence through lessons learned.
* Stay current on exploits, techniques and security research; propose improvements to hardening and monitoring.
* Contribute to security awareness by summarising offensive findings for non‑technical stakeholders without exposing sensitive details.
Qualifications
* Hands‑on offensive security expertise across web/app, infrastructure and cloud; strong knowledge of identity and attack paths.
* Experience with common tooling and scripting (vendor‑neutral), plus SIEM query languages for hunt validation.
* Certifications advantageous: OSCP/OSWA/OSWE, CREST CRT/CCT, GIAC (e.g. GPEN/GXPN), or equivalent practical experience.
* Excellent technical writing, communication and stakeholder engagement skills.
* High integrity and safe‑testing discipline; meticulous operational security.
Benefits
* Competitive Salary
* Competitive Bonus Scheme
* Private Medical Cover – Single Cover
* Annual Medical Health Assessment
* 26 days’ holiday (increase by 1 day for every 3 years of continuous service up to 29 days)
* Choice of Flexible Benefits
* Enhanced Family Friendly Policies
#J-18808-Ljbffr