Offensive Security and Threat Intelligence Specialist
Join to apply for the Offensive Security and Threat Intelligence Specialist role at UK Research and Innovation.
Salary: £45,272 to £56,844 per annum (dependent on skills and experience)
Band: UKRI Band E
Contract Type: Open Ended – Permanent (Compressed hours & flexible working patterns available)
Hours: Full-time (flexible working available)
Location: Keyworth, Nottingham or Polaris House, Swindon - Hybrid working available
Closing Date: Sunday 4th January 2026
Security: As a minimum, due to the nature of this role, candidates must be eligible for clearance in line with UK National vetting guidelines and willing to undertake the process. Candidates not meeting this level of clearance will not be considered. To qualify, applicants must have spent at least three of the last five years in the UK, with the two most recent years being consecutive and directly before submitting their application.
The level of clearance required is security check.
About the role
The UKRI CIO Group leads critical enterprise technical services that underpin UKRI’s business capabilities. As part of this group, you will lead the Red Team of penetration testers, identify real-world risks across diverse technical landscapes, actively exploit findings, assess additional impacts through post-exploitation, and provide proactive advice to teams on remediation strategies. The role includes full scope penetration testing, closed-box network assessments, insider threat evaluations, credentialed application exploitation, and human and physical security controls testing across the UKRI estate. You will also manage the external penetration testing call‑off contract to ensure UKRI receives high‑quality, tailored assessments.
Your responsibilities
* Implement targeted penetration tests and red team exercises to identify exploitable vulnerabilities.
* Develop and maintain offensive tooling to simulate adversary tactics and techniques.
* Monitor and analyse threat intelligence feeds to identify emerging threats and relevant TTPs.
* Produce technical threat reports and briefings to inform security posture and decision‑making.
* Conduct proactive threat hunting based on intelligence‑led hypotheses and anomaly detection.
* Support risk assessments with insights from offensive operations and threat landscape analysis.
About you
* Degree in a related subject or relevant comparable education.
* Have two or more professional qualifications. These include: CREST Registered Penetration Tester (CRT), Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) certification, Company certification schemes from major vendors and equipment providers like Microsoft (MCP, MCSE) or Cisco (CCNA Security), CPSA, CREST Practitioner Security Analyst (or above), CISMP and/or CISSP, CompTIA Security+.
* Extensive professional and practical experience in penetration testing.
* Comprehensive technical expertise in mixed‑technology environments covering various operating systems, core computer fundamentals, networking, authentication, and cloud platforms like AWS and Azure.
* Proficient with open‑source penetration testing and assessment tools such as Metasploit, Burp Suite, Nmap, and solid understanding of networking configurations and products.
* Ability to quickly adapt to emerging technologies, vulnerabilities, and new penetration testing tools.
* Skilled in drafting detailed reports that summarize system analysis findings and provide actionable recommendations, demonstrating good communication skills for technical and non‑technical audiences.
* Creative and strategic problem‑solver with in‑depth knowledge of security issues, including system hardening, management, and ethical penetration of security systems.
Benefits
* 30 days’ annual leave in addition to 10.5 public and privilege days (full time equivalent).
* Employee discounts and offers on retail and leisure activities.
* Employee assistance programme, providing confidential help and advice.
* Flexible working options.
Other important information
Please apply online. If you experience any issue applying, please contact Recruitment@ukri.org.
For more information on sponsorship, visit https://www.gov.uk/skilled-worker-visa/how-much-it-costs or contact Recruitment@ukri.org.
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Information Technology
Industries
Research Services
#J-18808-Ljbffr