Senior Penetration Testing Engineer


Time Type

Full time


Competitive Salary


Amazing Benefits

Close Date


Area of Business

IT, Cyber Security


Reading - Green Park, Brook Drive

Job ID 00023401

About the role

Our team is responsible for the security, resilience, reliability, observability, and operability of our platforms.

Our offensive security and penetration testing engineers are leaders in their field. They are able to influence management practices and help shape the direction of Virgin Media O2 engineering and application security, in addition to helping develop better software engineers

So that's what you'll get up to, but what about us?

Well, we're super proud of our history, helping communities to stay connected with oodles of top-notch products and services. We offer the full works – Broadband, TV, mobile and landline – equipping our customers out with the very latest tech.

But it's not just what we do, but why we do it that really matters.

Our mission is to become the most recommended brand, by our people and our customers. A massive part of that journey is about how we ensure that our brilliant people have a working environment in which they can truly belong and thrive. For us, it's absolutely critical that every single person can bring, and be, their whole selves at work and we're working hard every day to achieve this.

Tell me more, tell me more…

The role holder owns the manual assessment of all digital products, services and software released. The role holder specialises in digging deep to find security issues that static analysis tools or automated pen testing can’t and write the tooling to help with these goals.

The Virgin Media O2 digital attack surface area is large and diverse, and we use results found in manual analysis to help improve our enterprise-wide automation to proactively spot and fix potential security issues to protect customers.

The must haves

  • Clear and demonstrable understanding of penetration testing and red teaming including NCSC and CREST accredited schemes, Ethical Hacking or SANS certifications
  • Working experience of successfully delivering web/mobile application security-testing, cloud testing, cloud technology security testing (compute, storage, functions, K8s, KMS, IAM, etc.), database, and web server design and implementation, cloud vulnerability assessments, web application security testing, network penetration testing, or red teaming
  • Experience with manually auditing source code or scripting and editing existing code and programming (using one or more of the following: Perl, Python, Ruby, bash, C/C++, C#, or Java) to find security issues
  • Professional experience with security engineering practices such as in web application security, network security, authentication and authorisation protocols, cryptography, automation, and other software security disciplines
  • Experience with using, administering, and troubleshooting at least two major flavours of Linux or Ubuntu, as well as experience with security assessment tools (Nessus, Metasploit, Burp Suite Pro, etc.), as well as open security testing standards and projects (OWASP, CWE and Mitre ATT&CK)

Other stuff we’re looking for

  • Experience with manually auditing source code or scripting and editing existing code and programming (using one or more of the following: Perl, Python, Ruby, bash, C/C++, C#, or Java) to find security issues

What’s in it for you?

We know that benefits mean so much more than the 'stuff' we can give you, so we offer a wide range of support, rewards and tools - all focused on helping you to prioritise what really matters.

All work and no play just isn't our style! We're already planning our future ways of working, for when life becomes a little more normal again. We're constantly evolving our approach to enable you to find a great work life balance.

We're also open to chatting about part time or adjusted working (so don't be worried to ask the question).

If you go on to be successful in your application, some of the many benefits you'll get are:

25 days annual leave, plus UK Bank Holidays.

A defined contribution pension scheme, run by Fidelity, matched up to 10%.

An annual bonus of up to 15%, based on company performance.

Access to wellbeing benefits such as the Unmind App, personal medical cover (which you can opt to upgrade to cover loved ones) and critical illness cover.

Your birthday off every year, to treat yourself.

The option to buy and sell up to 5 days annual leave, to suit your personal needs.

Next Steps

If you think you've got some amazing skills to offer us, and Virgin Media feels like a place where you can belong, we'd love to learn more about you. Once you've submitted an application the next steps of the process, if successful, are likely to include a call from the recruiter.

When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know and we'll be sure to discuss it with you.

Thanks for your patience in the meantime and for showing an interest in joining the Virgin Media family.

Job Location

Explore more

Connect to better