Security Risk Analyst (Application Security & Pen Testing)

Auxo Talent

Ipswich

Hybrid

GBP 60,000 - 80,000

Full time

Today

Job summary

A global financial services provider is seeking an experienced Security Risk Analyst to assess the security posture of enterprise applications in Ipswich. The role involves performing security diagnostics, conducting penetration testing, and reporting risks to senior leadership. Ideal candidates will have a strong background in application security, familiarity with various security tools, and relevant certifications. This position offers a contract rate between £500-£550 Inside IR35, with a duration of 12 months, balancing three days in-office and two remote each week.

Qualifications

  • Strong background in security risk analysis or application security.
  • Hands-on experience in penetration testing.
  • Familiarity with security tools and risk assessment methodologies.

Responsibilities

  • Perform security diagnostics and vulnerability assessments.
  • Conduct penetration testing for security gaps.
  • Deliver detailed risk reports to stakeholders.
  • Support GRC initiatives and compliance reviews.

Skills

Application security
Vulnerability management
Penetration testing
Risk assessment methodologies
Collaboration with senior leadership

Education

Relevant certifications (OSCP, CISSP, CISM, CRISC, CEH)

Tools

Qualys
Tenable
Nexpose
Burp Suite

Job description

Rate: £500-£550 Inside IR35 (negotiable)

Duration: 12 months initially

Location: Ipswich 3 days per week, 2 days remote

Industry: Global Financial Services

We are looking for an experienced Security Risk Analyst with strong expertise in application security, vulnerability management, and penetration testing. In this role, you will assess the security posture of enterprise applications, uncover risks, and deliver clear, actionable reports to senior leadership and the CISO. This is an analysis-focused position — no remediation required — ideal for someone with a hands-on security background who has transitioned into risk evaluation.

Key Responsibilities

  • Perform security diagnostics and vulnerability assessments across enterprise applications.
  • Conduct penetration testing to identify weaknesses and security gaps.
  • Deliver detailed risk reports, including impact and likelihood, to senior stakeholders and the CISO.
  • Align risk assessments with standards such as NIST, ISO 27001, and CIS Controls.
  • Support GRC initiatives, audits, and compliance reviews.
  • Leverage experience in pen testing, vulnerability management, or incident response to contextualize threats.
  • Collaborate with cross-functional teams while maintaining independent risk judgement.

Preferred Experience

  • Strong background in security risk analysis, application security, or vulnerability management.
  • Hands-on experience in penetration testing.
  • Familiarity with tools such as Qualys, Tenable, Nexpose, Burp Suite, etc.
  • Understanding of risk assessment methodologies and ability to communicate risk clearly.
  • Experience working with CISOs or senior security leadership.
  • Relevant certifications such as OSCP, CISSP, CISM, CRISC, CEH are highly valued.