Security Assurance Penetration Tester
Join to apply for the Security Assurance Penetration Tester role at Elsevier
Are you ready to leverage your expertise in security and software development to make a significant impact?
We are seeking a Penetration Tester to help strengthen our web and cloud security. In this role, you will perform thorough penetration testing, identify vulnerabilities, and recommend effective solutions. You will collaborate with teams across the organisation to improve our overall security posture.
Responsibilities
* Conduct manual and automated penetration testing across web and cloud environments, including SAST, DAST, configuration reviews, and code analysis.
* Document findings and produce detailed technical security assessment reports.
* Identify, assess, and prioritise vulnerabilities and exploitation risks; recommend mitigation and detection strategies.
* Validate security fixes, ensuring remediation efforts are correctly implemented.
* Analyze recurring security issues to identify root causes and propose permanent solutions.
* Recommend improvements to tools, processes, and applications to strengthen security posture.
* Develop and maintain scripts to automate security testing and cybersecurity processes.
* Support continuous enhancement of security practices, standards, and policies.
* Perform advanced security testing of Identity and Access Management (IAM) solutions.
Requirements
* Good years of security experience and IT experience in software development or DevOps
* BS in Engineering, Information Technology, Computer Science, or equivalent (advanced degree preferred)
* At least one relevant offensive-security certification (e.g., OSCP, OSWE, OSEP, GPEN, GXPN, CEH, or equivalent penetration testing/red teaming certification).
* Strong understanding of cloud services, networking, web application architecture, content delivery, and operating system security.
* Ability to scope, execute, and report on penetration tests (manual and automated).
* Proficiency with industry security testing tools (open-source and commercial).
* Expert‑level knowledge of secure coding principles, SAST, DAST, API security testing, and vulnerability analysis.
* Strong scripting and automation skills (Python, Bash, etc.).
* Ability to assess emerging threats and perform risk evaluations using threat intelligence tools.
* Excellent problem‑solving and communication skills, including working effectively with global teams and presenting to senior stakeholders.
Working for you
We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long‑term goals.
Benefits
* Generous holiday allowance with the option to buy additional days
* Health screening, eye care vouchers and private medical benefits
* Access to a competitive contributory pension scheme
* Save As You Earn share option scheme
* Travel Season ticket loan
* Electric Vehicle Scheme
* Maternity, paternity and shared parental leave
* Employee Assistance Programme
* Access to emergency care for both the elderly and children
* RECARES days, giving you time to support the charities and causes that matter to you
* Access to employee resource groups with dedicated time to volunteer
* Access to extensive learning and development resources
* Access to employee discounts scheme via Perks at Work
About the business
A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. What you do every day will help advance science and healthcare to advance human progress.
#J-18808-Ljbffr