Senior Security Penetration Testing Analyst
- Staines, Surrey
- £53,200-66,500 per year
- Permanent
- Full-time
Right from the start you’ll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.As a Senior Security Penetration Testing Analyst you’ll lead and manage the full penetration testing lifecycle across Bupa’s UK business. As a senior member of the CISO function, you’ll coordinate end-to-end testing engagements, provide subject matter leadership, and ensure findings are effectively governed and reported. You'll support junior team members, collaborate cross-functionally, and contribute to strategic improvements in penetration testing processes and assurance models.How you’ll help us make health happen:Act as the senior technical lead for the Penetration Testing team, overseeing end-to-end testing processes and ensuring findings are effectively managed and remediated.Collaborate with internal teams and third-party suppliers to drive continuous improvement in penetration testing practices.Serve as the technical SME, validating methodologies and representing the function in governance forums.Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.Mentor junior team members and foster a culture of learning and high performance.Ensure alignment with Bupa’s enterprise security policies, standards, and tools.Provide consultancy and guidance to ensure compliance with regulations and internal policies.Liaise with external stakeholders, including regulators and partners, on incident response and security matters.Key Skills / Qualifications needed for this role:Degree-level education or equivalent training.Highly desirable: Professional certifications such as OSCP, CISSP, OSEP, CISM, or CRT/CCT.Strong understanding of penetration testing tools, techniques, and frameworks (e.g. Nessus, Metasploit, Burp Suite).Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.Understanding of identity and privileged access management.Awareness of cybersecurity regulations and standards (e.g. NIST, PCI DSS, GDPR, ISO 27001).Excellent analytical and problem-solving skills, with the ability to translate technical issues into actionable insights.Strong communication skills, able to engage with both technical and non-technical stakeholders.Capable of working under pressure, managing priorities, and maintaining confidentiality.Self-motivated with a proactive approach to learning and continuous improvement.Able to influence and collaborate across teams, including external partners and regulators.BenefitsOur benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.Joining Bupa in this role you will receive the following benefits and more:
- 25 days holiday, increasing through length of service, with option to buy or sell
- Bupa health insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Annual performance-based bonus
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts