Cyber Threat Analyst (Penetration Testing)

Cyber Threat Analyst (Penetration Testing) - London - Hybrid

A leading financial services client is hiring an entry-level Cyber Threat Analyst to join its Information Security team, with a focus on penetration testing and offensive security.

The Role

• Support penetration testing and offensive security activities, including red teaming, breach and attack simulation (BAS), and bug bounty engagements.
• Assist with incident response and participate in the on-call rota for major incidents.
• Contribute to red/blue team exercises, threat hunting, SIEM rule tuning, and detection engineering.
• Help deploy, maintain, and automate security tooling (email security, DLP, SIEM, endpoint protection) using Scripting and Infrastructure as Code (IaC).

Required Knowledge and Experience

• Up to 2 years of experience in IT, security engineering, or DevOps (internships or academic projects welcome).

• Basic understanding of:

• Ethical Hacking & Penetration Testing

• Networking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, Proxy)

• Operating systems: Windows, Linux/Unix; Kubernetes desirable

• Scripting or programming languages: Python, Bash, PowerShell

• CI/CD tools and cloud platforms: eg Ansible Tower, Bitbucket, HashiCorp Vault, Pipelines, AWS, Azure

• Software Development Life Cycle (SDLC) principles

• Security tooling: EDR, SIEM, Antivirus

Qualifications/Skills Required

• Desirable: University degree or equivalent qualification in a STEM subject (Computer Science, Engineering, or Information Systems).
• Desirable: Entry-level security certifications such as CompTIA Security+, Microsoft SC-900, or AWS Cloud Practitioner.
• Desirable: Demonstrated activity on TryHackMe, HackTheBox, or OSCP-related/Red Team training platforms (or equivalent).
• Desirable: Evidence of contributions on GitHub, showing code samples, tool development, or participation in offensive security projects and repositories.

If you're keen to kickstart your career in penetration testing and threat analysis within a leading financial services environment, please apply with your CV.

• Up to 2 years of experience in IT, security engineering, or DevOps (internships or academic projects welcome).

• Basic understanding of:

• Ethical Hacking & Penetration Testing

• Networking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, Proxy)

• Operating systems: Windows, Linux/Unix; Kubernetes desirable

• Scripting or programming languages: Python, Bash, PowerShell

• CI/CD tools and cloud platforms: eg Ansible Tower, Bitbucket, HashiCorp Vault, Pipelines, AWS, Azure

• Software Development Life Cycle (SDLC) principles

• Security tooling: EDR, SIEM, Antivirus, * Desirable: University degree or equivalent qualification in a STEM subject (Computer Science, Engineering, or Information Systems).

• Desirable: Entry-level security certifications such as CompTIA Security+, Microsoft SC-900, or AWS Cloud Practitioner.

• Desirable: Demonstrated activity on TryHackMe, HackTheBox, or OSCP-related/Red Team training platforms (or equivalent).

• Desirable: Evidence of contributions on GitHub, showing code samples, tool development, or participation in offensive security projects and repositories.

If you're keen to kickstart your career in penetration testing and threat analysis within a leading financial services environment, please apply with your CV.