Senior Security Penetration Testing Analyst
Primary location: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)
Flexible / Hybrid working options. Permanent. Full time 37.5 hours. Salary from £53,200 – £66,500 (negotiable).
10% bonus and fantastic benefits. We consider all types of flexibility, including locations, hours, and working patterns.
About the Role
As a Senior Security Penetration Testing Analyst, you will lead and manage the full penetration testing lifecycle across Bupa's UK business. You will coordinate end‑to‑end testing engagements, provide subject‑matter leadership, ensure findings are effectively governed and reported, support junior team members, collaborate cross‑functionally, and contribute to strategic improvements in penetration testing processes and assurance models.
How You'll Help Us Make Health Happen
* Act as the senior technical lead, overseeing end‑to‑end testing processes and ensuring findings are effectively managed and remediated.
* Collaborate with internal teams and third‑party suppliers to drive continuous improvement in penetration testing practices.
* Serve as the technical SME, validating methodologies and representing the function in governance forums.
* Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.
* Mentor junior team members and foster a culture of learning and high performance.
* Ensure alignment with Bupa's enterprise security policies, standards, and tools.
* Provide consultancy and guidance to ensure compliance with regulations and internal policies.
* Liaise with external stakeholders, including regulators and partners, on incident response and security matters.
Key Skills & Qualifications
* Degree‑level education or equivalent training.
* Professional certifications (OSCP, CISSP, OSEP, CISM, CRT/CCT) highly desirable.
* Strong understanding of penetration testing tools, techniques, and frameworks (e.g., Nessus, Metasploit, Burp Suite).
* Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.
* Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.
* Understanding of identity and privileged access management.
* Awareness of cybersecurity regulations and standards (NIST, PCI DSS, GDPR, ISO 27001).
* Excellent analytical and problem‑solving skills, translating technical issues into actionable insights.
* Strong communication skills, engaging both technical and non‑technical stakeholders.
* Capability to work under pressure, manage priorities, and maintain confidentiality.
* Self‑motivated, proactive, and committed to continuous learning and improvement.
* Ability to influence and collaborate across teams, including external partners and regulators.
Benefits
* 25 days holiday (increasing with length of service), with option to buy or sell.
* Bupa health insurance as a benefit in kind.
* Enhanced pension plan and life insurance.
* Annual performance‑based bonus.
* On‑site gyms or local discounts where no on‑site gym available.
* Various other benefits and online discounts.
EEO & Diversity
Bupa is a Level 2 Disability Confident Employer and is committed to providing reasonable adjustments to disabled applicants throughout the recruitment process. We encourage applications from people with diverse backgrounds and experiences and champion diversity in all aspects of our workforce.
Contact & Application
Join Bupa and help shape the future of health security. Apply now to become part of our digital & data strategy.
#J-18808-Ljbffr