Senior Security Penetration Testing Analyst

Bupa
13 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
£ 67K

Job location

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Burp Suite
Cloud Computing Security
Computer Security
PCI Data Security Standards
Google Cloud Platform
Metasploit
Nessus
Serverless Computing

Job description

At Bupa, we're passionate about technology. With colleagues, customers, patients and residents in mind you'll have the opportunity to work on innovative projects and make a real impact on their lives. Right from the start you'll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.

As a Senior Security Penetration Testing Analyst you'll lead and manage the full penetration testing lifecycle across Bupa's UK business. As a senior member of the CISO function, you'll coordinate end-to-end testing engagements, provide subject matter leadership, and ensure findings are effectively governed and reported. You'll support junior team members, collaborate cross-functionally, and contribute to strategic improvements in penetration testing processes and assurance models.

How you'll help us make health happen:

  • Act as the senior technical lead for the Penetration Testing team, overseeing end-to-end testing processes and ensuring findings are effectively managed and remediated.
  • Collaborate with internal teams and third-party suppliers to drive continuous improvement in penetration testing practices.
  • Serve as the technical SME, validating methodologies and representing the function in governance forums.
  • Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.
  • Mentor junior team members and foster a culture of learning and high performance.
  • Ensure alignment with Bupa's enterprise security policies, standards, and tools.
  • Provide consultancy and guidance to ensure compliance with regulations and internal policies.
  • Liaise with external stakeholders, including regulators and partners, on incident response and security matters.

Requirements

  • Degree-level education or equivalent training.
  • Highly desirable: Professional certifications such as OSCP, CISSP, OSEP, CISM, or CRT/CCT.
  • Strong understanding of penetration testing tools, techniques, and frameworks (e.g. Nessus, Metasploit, Burp Suite).
  • Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.
  • Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.
  • Understanding of identity and privileged access management.
  • Awareness of cybersecurity regulations and standards (e.g. NIST, PCI DSS, GDPR, ISO 27001).
  • Excellent analytical and problem-solving skills, with the ability to translate technical issues into actionable insights.
  • Strong communication skills, able to engage with both technical and non-technical stakeholders.
  • Capable of working under pressure, managing priorities, and maintaining confidentiality.
  • Self-motivated with a proactive approach to learning and continuous improvement.
  • Able to influence and collaborate across teams, including external partners and regulators.

Benefits & conditions

Pulled from the full job description

  • Referral programme
  • Employee mentoring programme
  • Employee discount
  • Gym membership
  • Life insurance
  • Company pension
  • On-site gym, Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health - from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.

Joining Bupa in this role you will receive the following benefits and more:

  • 25 days holiday, increasing through length of service, with option to buy or sell
  • Bupa health insurance as a benefit in kind
  • An enhanced pension plan and life insurance
  • Annual performance-based bonus
  • Onsite gyms or local discounts where no onsite gym available
  • Various other benefits and online discounts

Why Bupa?

We're a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose - helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage all of our people to "Be you at Bupa", we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That's why we especially encourage applications from people with diverse backgrounds and experiences.

Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We'll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.

Time Type: Full time

Job Area: IT

Locations: Angel Court, London, Bupa Place, Kirkstall Forge, Staines - Willow House Gym membership, Free flu jabs, Cycle to work scheme, Company pension, Health & wellbeing programme, Financial planning services, Employee mentoring programme, Referral programme

Apply for this position