Cyber Threat Modeller & Penetration Tester

My Client are looking for a Cyber Threat Modeller & Penetration Tester for an initial contract opportunity to start ASAP.

IR35 Status: Outside IR35
Rate: Negotiable
Location: Hybrid/Remote
Length: Initially until end of 2025 - with scope to extend

Requirements:

• Lead the Threat Modelling process for new and existing products, identifying attack vectors, threat actors, and risk scenarios.
• Perform penetration testing (manual & automated) on applications, APIs, and infrastructure, prioritizing remediation with development teams.
• Define and enforce secure SDLC practices, supporting architecture and product design with security requirements.
• Partner with Delivery & Project Managers to plan and execute security sign-off gates (OWASP, NCA, 3rd party pentests).
• Support and maintain the Cybersecurity Go-Live Tracker, ensuring alignment between security tasks, releases, and backlog priorities.
• Document vulnerabilities, risks, and mitigations in Confluence, Jira, and security reports for stakeholders.
• Act as focal point for security assessments during release management, bug fixing cycles, and major product launches.
• Collaborate with external vendors (3rd party pentesters, compliance auditors) to coordinate IP whitelisting, credentials, and testing scope.

If you are interested, please apply with your most up to date CV.

Lawrence Harvey is acting as an Employment Business in regards to this position.