Security tester

Role: Security tester (manual)
Rate: Outside IR35
Location: Remote with occasional travel to Croydon
Duration: 6 months initially
SC clearance or eligible

• Conduct Security Testing using SAST and DAST tools
• Collaborate with Cyber Security Managers and Governance teams to ensure alignment with organisational security policies and standards
• Mentor and upskill team testers in application security testing and automation
• Track and report on security metrics and KPIs, including vulnerability trends and remediation outcomes
• Integrate security testing into CI/CD pipelines, supporting shift‑left strategies and DevSecOps practices

• Strong understanding of security standards including OWASP, NIST SP 800‑53, ISO 27001, and CIS Benchmarks
• Experience with SAST/DAST tools and Cloud Security platforms (AWS, Azure)
• Familiarity with Secure‑by‑Design principles and organisational security policies
• Experience with penetration testing, risk assessment, and compliance testing
• Proficiency in tools such as JIRA, SharePoint, and vulnerability management platforms

• Ability to interpret and apply OWASP and NIST security principles across diverse project environments
• Strong stakeholder engagement and communication skills
• Experience in developing deployment checklists and decision trees for secure tool usage
• Certifications such as CREST CRT, OSCP, CEH, or SANS are highly desirable

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Successful applicants will be required to be security‑cleared prior to appointment, which can take up to a minimum of 10 weeks.