Senior Test Engineer (Security) - Companies House - HEO

Base salary is £40,398pa with an additional DDaT allowance of £4,350 - £11,000 available.

Published on 3 July 2025. Deadline 20 July 2025.

Remote working (anywhere in the UK)

This is an exciting opportunity in the Digital Services team! You’ll be joining during a time of transformation and will help shape the future of our department. We use Agile methodologies and promote a culture of continuous improvement.

We are seeking an enthusiastic Senior Test Engineer (Non-Functional Security) with strong technical skills to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will guide other testers on security testing best practices.

You will be part of our non-functional testing specialist team, collaborating closely with your team and overseeing the testing process. This role offers the chance to explore new tools and approaches to improve service delivery.

Companies House offers a flexible, welcoming culture that promotes work-life balance and wellbeing. Benefits include flexible working with no core hours, 30 days annual leave, 8 bank holidays, 1 privilege day, and enrollment in the Civil Service Pension scheme with an average contribution rate of 28%.

We consider both full-time and part-time working patterns, with part-time roles requiring a minimum of 30 hours per week over 4 or 5 days.

Please note: Companies House cannot offer Visa sponsorship. A Security Check (SC) is required, with at least 3 out of the last 5 years in the UK.

• Coordinate and execute security testing within the software development lifecycle, including vulnerability scans using tools like Burp Suite, and testing security issues.
• Support the wider testing team by sharing knowledge on security testing approaches and tools.
• Attend meetings and update stakeholders.
• Design and implement automated security testing pipelines and reporting.

We are looking for candidates with:

• Experience in security testing.
• Relevant certification in ethical hacking or penetration testing (e.g., 7Safe CSTA, GIAC Penetration Testing) or working towards it, or proven experience.
• Knowledge of at least 5 of the following security tools and technologies:
• Burp Suite, OWASP ZAP, Postman or SOAP UI, OAuth2/OpenID Connect, Jenkins or Concourse, Unix/Linux systems, AWS or similar cloud providers, SQL/MongoDB/Oracle, Karate DSL or Rest Assured, Git, SAST/DAST tools, IaC scanning tools, threat modelling, OWASP Top 10 testing approaches.

Assessment will include:

• Making Effective Decisions
• Managing a Quality Service
• Working Together
• Seeing the Big Picture

Further technical skills will be assessed during the selection process.