Save time and effort sourcing top tech talent
hackajob is partnering with Bupa to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
Senior Security Penetration Testing Analyst
Primary location: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)
Flexible / Hybrid working options
Permanent
Salary: Negotiable – depending on experience & location
Bonus: 10% + fantastic benefits
Hours: Full time, 37.5 hours
At Bupa, we’re passionate about technology. With colleagues, customers, patients, and residents in mind, you’ll have the opportunity to work on innovative projects and make a real impact on their lives. Right from the start, you’ll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.
As a Senior Security Penetration Testing Analyst, you’ll lead and manage the full penetration testing lifecycle across Bupa’s UK business. As a senior member of the CISO function, you’ll coordinate end-to-end testing engagements, provide subject matter leadership, and ensure findings are effectively governed and reported. You’ll support junior team members, collaborate cross-functionally, and contribute to strategic improvements in penetration testing processes and assurance models.
Act as the senior technical lead for the Penetration Testing team, overseeing end-to-end testing processes and ensuring findings are effectively managed and remediated.
Collaborate with internal teams and third-party suppliers to drive continuous improvement in penetration testing practices.
Serve as the technical SME, validating methodologies and representing the function in governance forums.
Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.
Mentor junior team members and foster a culture of learning and high performance.
Ensure alignment with Bupa’s enterprise security policies, standards, and tools.
Provide consultancy and guidance to ensure compliance with regulations and internal policies.
Liaise with external stakeholders, including regulators and partners, on incident response and security matters.
Degree-level education or equivalent training.
Highly desirable: Professional certifications such as OSCP, CISSP, OSEP, CISM, or CRT/CCT.
Strong understanding of penetration testing tools, techniques, and frameworks (e.g., Nessus, Metasploit, Burp Suite).
Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.
Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.
Understanding of identity and privileged access management.
Awareness of cybersecurity regulations and standards (e.g., NIST, PCI DSS, GDPR, ISO 27001).
Excellent analytical and problem-solving skills, with the ability to translate technical issues into actionable insights.
Strong communication skills, able to engage with both technical and non-technical stakeholders.
Capable of working under pressure, managing priorities, and maintaining confidentiality.
Self-motivated with a proactive approach to learning and continuous improvement.
Able to influence and collaborate across teams, including external partners and regulators.
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social, and environmental wellbeing. We support flexible working and have a range of family-friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
25 days holiday, increasing through length of service, with option to buy or sell
Bupa health insurance as a benefit in kind
An enhanced pension plan and life insurance
Annual performance-based bonus
Onsite gyms or local discounts where no onsite gym available
Various other benefits and online discounts
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world.
We make health happen by being brave, caring, and responsible in everything we do. We encourage all of our people to “Be you at Bupa”, champion diversity, and represent the communities and customers we serve. We especially encourage applications from people with diverse backgrounds and experiences.
Bupa is a Level 2 Disability Confident Employer, which means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone who needs them.
hackajob is partnering with Bupa to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.