Role: Security Tester
Location: We work on a core hours principle. Our core hours are 09:30 - 16:00; you can work around these to suit you
Salary: DOE plus extensive benefits
Contract type: Permanent
Employment type: Full time
Working hours: We operate a hybrid schedule, meaning 2-3 days a week in the office based at Thorpe Park, Leeds.
Do you want to work for the nation's largest online pharmacy ensuring excellence for all our patients? We're a market leader in the pharmacy world, with 25 years' experience, helping over 1.4 million patients in England manage their NHS prescriptions from request through to delivery. We are Great Place to Work certified as we consider colleague experience a top priority every day. Our people are fundamental to our success and ensuring we achieve our vision to be a world leading, patient-centric digital healthcare provider. We are committed to continuing to develop a positive, open and honest working environment for all.
We an exciting new opportunity available for a skilled Security Tester with strong experience in data security, privacy, and integrity testing. This role involves identifying vulnerabilities in systems, applications, and data pipelines, and ensuring that sensitive data is protected against unauthorised access, leakage, and corruption.
The successful candidate will have a solid understanding of both offensive and defensive security techniques, as well as hands-on experience with data governance and compliance frameworks. If you have strong experience in automation testing and tools used to mature the wider QA framework, then we would be keen to hear from you
What's in it for you?
Occupational sick pay
Enhanced maternity and paternity pay
Contributory pension
Discounted insurance (Aviva
Employee discount site
Discounted gyms (via our blue light card and benefits schemes)
Employee assistance programme
In-house mental health support
Free onsite parking
Health and wellbeing initiatives
Social events throughout the year
Cycle to work scheme
Green car scheme*(subject to minimum earnings
Registration fees paid (GPhC, NMC, CIPD etc
Long service bonus
Refer a friend bonus
Blue light card
Hybrid working
Commitment to CPD/training
25 days annual leave increasing with service
Annual leave buy and sell scheme
Discounts & Exclusive offers at The Springs, Leeds
25% Discount & health & beauty purchases
25% Discount on Pharmacy2U Private Online Doctor Services
What you'll be doing?
* Conduct penetration testing, vulnerability assessments, and security audits across applications, networks, and data environments.
* Test and validate data encryption, access controls, and data masking mechanisms.
* Collaborate with data engineering and analytics teams to ensure secure data pipelines and storage solutions.
* Simulate attacks to identify weaknesses in data handling and transmission.
* Review and test data governance policies for compliance with GDPR, and other relevant regulations.
* Develop and maintain automated security testing scripts and tools.
* Document findings and provide actionable recommendations to development and infrastructure teams.
* Stay up-to-date with emerging threats, vulnerabilities, and mitigation strategies.
Who are we looking for?
* Solid understanding of Agile principles and Scrum methodology.
* Proven ability to define, prioritise, and deliver high-quality software features.
* Strong communication, organisational, and interpersonal skills.
* Ability to manage multiple priorities in a fast-paced environment.
* Experience with SQL, NoSQL, and big data platforms (e.g., Hadoop, Spark).
* Knowledge of cloud security (AWS, Azure, GCP) and data access controls.
* Proficiency in scripting languages (e.g., Python, Bash) for automation.
* Certifications such as OSCP, CEH, CISSP, or GIAC are a plus.
* Experience with product management tools (e.g., Jira, Confluence, Azure DevOps).
* Background in SaaS, FinTech, HealthTech, or eCommerce (customize based on your industry).
* Familiarity with UX/UI principles and user-centric design.
* Working knowledge of data privacy laws and compliance standards.
* Experience with DevSecOps and integrating security into CI/CD pipelines.
* Exposure to machine learning models and their security implications.
What happens next?
Please click apply and if we think you are a good match, we will be in touch to arrange an interview.
Applicants must prove they have the right to live in the UK.
All successful applicants will be required to undergo a DBS check.
Unsolicited agency applications will be treated as a gift.