Senior Penetration Tester

Job Title: Senior Penetration Tester  
Working Pattern: Monday to Friday, 36.25 hours per week
Salary: £80,000-£90,000 + up to 20% bonus
Location: Flexible – Embrace fully remote or hybrid work from any of our vibrant UK offices in London, Cardiff, Durham, Manchester, or Blackpool.

At Tandem, we're not just a bank; we're a movement for positive change. If you're an ambitious and dedicated Senior Penetration Tester ready to make an impact, we've got a space with your name on it!

The primary responsibility of the Senior Penetration Tester is to lead and execute comprehensive penetration testing activities across various digital platforms and environments. This role will encompass testing web applications, APIs, mobile applications, network infrastructure, and cloud platforms (AWS and Azure). Additionally, the role will involve contributing to the overall security strategy, particularly focusing on offensive and defensive security operations, threat intelligence and modelling.

The successful candidate will play a critical role in improving Tandem Bank’s security posture, working collaboratively with Security Operations to identify, mitigate, and remediate vulnerabilities, and assist in refining security protocols and best practices.

Key Responsibilities:

• Conduct penetration tests on web applications, APIs, and mobile applications (Android & iOS).
• Perform infrastructure security assessments of network environments and cloud platforms (AWS & Azure).
• Review Firewall and Switch rules and ACLs
• Lead in Red Team exercises to assess defensive measures and identify security weaknesses.
• Execute social engineering campaigns, including complex phishing simulations and physical security tests.
• Collaborate with internal teams to define remediation strategies for identified vulnerabilities.
• Support forensic investigations and contribute to incident response activities.
• Stay updated on the latest security trends, vulnerabilities, and penetration testing methodologies.
• Contribute to the development of security processes, procedures, and best practices to strengthen the security posture of Tandem Bank.
• Prepare detailed reports for both technical teams and executive stakeholders, articulating vulnerabilities, and recommended remediation.

Required Experience:

Extensive experience in penetration testing across:

• Web Application & API Testing
• Mobile Application Security Testing (Android & iOS)
• Network Infrastructure Testing
• Cloud Security Testing (AWS & Azure)
• Proven track record in leading Red Team engagements.
• Strong knowledge of social engineering tactics and experience in executing complex phishing and physical assessments.
• Experience with Digital Forensics and Threat Intelligence integration.
• Ability to collaborate effectively with cross-functional teams and stakeholders.
…