Senior Security Penetration Testing Analyst
Primary location: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)
Flexible / Hybrid working options.
Permanent
Salary: £53,200 - £66,500 (Negotiable - depending on experience & location)
Bonus: 10% + fantastic benefits
Full time 37.5 hours. We consider all types of flexibility, including locations, hours and working patterns.
Job Description
As a Senior Security Penetration Testing Analyst you'll lead and manage the full penetration testing lifecycle across Bupa's UK business. You will coordinate end-to-end testing engagements, provide subject matter leadership, ensure findings are effectively governed and reported, support junior team members, collaborate cross‑functionally, and contribute to strategic improvements in penetration testing processes and assurance models.
How You'll Help Us Make Health Happen
* Act as the senior technical lead for the Penetration Testing team, overseeing end-to-end testing processes and ensuring findings are effectively managed and remediated.
* Collaborate with internal teams and third‑party suppliers to drive continuous improvement in penetration testing practices.
* Serve as the technical SME, validating methodologies and representing the function in governance forums.
* Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.
* Mentor junior team members and foster a culture of learning and high performance.
* Ensure alignment with Bupa's enterprise security policies, standards, and tools.
* Provide consultancy and guidance to ensure compliance with regulations and internal policies.
* Liaise with external stakeholders, including regulators and partners, on incident response and security matters.
Key Skills / Qualifications
* Degree‑level education or equivalent training.
* Professional certifications such as OSCP, CISSP, OSEP, CISM, or CRT/CCT are highly desirable.
* Strong understanding of penetration testing tools, techniques, and frameworks (e.g., Nessus, Metasploit, Burp Suite).
* Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.
* Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.
* Understanding of identity and privileged access management.
* Awareness of cybersecurity regulations and standards (e.g., NIST, PCI DSS, GDPR, ISO 27001).
* Excellent analytical and problem‑solving skills, able to translate technical issues into actionable insights.
* Strong communication skills, able to engage with both technical and non‑technical stakeholders.
* Capable of working under pressure, managing priorities, and maintaining confidentiality.
* Self‑motivated with a proactive approach to learning and continuous improvement.
* Ability to influence and collaborate across teams, including external partners and regulators.
Benefits
* 25 days holiday, increasing through length of service, with option to buy or sell.
* Bupa health insurance as a benefit in kind.
* An enhanced pension plan and life insurance.
* Annual performance‑based bonus.
* Onsite gyms or local discounts where no onsite gym is available.
* Various other benefits and online discounts.
* Time Type: Full time
* Job Area: IT
* Locations: Angel Court, London; Bupa Place, Kirkstall Forge; Staines – Willow House
* Seniority level: Mid‑Senior level
* Employment type: Full‑time
* Job function: Quality Assurance
* Industries: Hospitals and Health Care
#J-18808-Ljbffr