Salary: £39,000 - 79,000 per year Requirements: 4 years in a technical security role (Penetration Tester, AppSec Engineer, or Security-focused Developer) Proven expertise in testing both hardware/firmware (IoT) and web-based platforms (SaaS) Scripting proficiency: Ability to automate tasks using Python, Bash, or similar Tooling mastery: Expertise with Burp Suite, Metasploit, Nmap, and hardware-specific tools (Ghidra, Frida, Objection) Certifications: OSCP, CREST (CRT/CCT), or GPEN (highly regarded) Nice to have: Deep understanding of Linux (Yocto)/Windows internals and modern application architectures Experience with peripheral standards (I2C, SPI, PCI, PCIe, RS422, RS485, RS232, SATA, PATA, MMC) Familiarity with Agile methodologies and DevSecOps practices Working knowledge of security standards (OWASP, NIST, ISO 27001) AWS Security Toolchain Responsibilities: Conduct manual and automated security testing of SaaS platforms and backend APIs against OWASP Top 10 and API Security Top 10 Assess AWS/Azure environments for misconfigurations, IAM over-privileging, and container security vulnerabilities Simulate real-world cyberattacks to identify weaknesses in SaaS infrastructures before exploitation Validate Linux OS setups against CIS benchmarks Test embedded web-applications and device interfaces via USB, Ethernet, Serial (UART/RS232/RS485) Ensure security of communication protocols like WiFi and Bluetooth through RF testing Validate cryptographic protocols and secure configurations Align products with international standards including IEC, the EU Cyber Resiliency Act (CRA), and the Radio Equipment Directive (RED) Collaborate with Product and Engineering teams to embed security controls during design phases Work on SAST, DAST, and SCA tools within CI/CD pipelines Document findings and provide actionable code-level recommendations Create and maintain tickets related to security findings and testing outcomes Produce clear technical documentation, assessment reports, and remediation guidance Technologies: API AWS Azure Backend Bash Bluetooth CI/CD DevSecOps Embedded Ethernet Firmware Hardware IAM IoT Linux OWASP PCIe Python Security Web Windows Cloud Support More: At Camlin, we are a global technology leader dedicated to delivering innovative products across various industries, including power and rail. We pride ourselves on high-quality engineering and design, building market-leading products and services that solve complex problems. We operate in over 20 countries and offer a hybrid work environment that encourages collaboration and communication among our teams. We are committed to fostering a culture of inclusivity and continuous improvement. Join us in our mission to bring revolutionary solutions to life. last updated 13 week of 2026