
Penetration Tester (12MFTC)

Req ID:
Information Technology
Bromley; Leeds; Bristol

About Us

We are Direct Line Group – home to some of the country's best-known brands including Direct Line, Churchill, Privilege, Green Flag and NIG. Our vision is to create a world where insurance is personal, inclusive, and a force for good, and our purpose is to help people carry on with their lives, giving them peace of mind now and in the future.

The Role

This is an exciting time to join the Penetration Testing team at Direct Line Group, with the function having recently moved towards a more agile way of working. Do you have a holistic view towards security testing and are you happy to challenge the status quo where required? Do you have experience developing and delivering high-quality penetration tests and custom attack simulations within a fast-paced and outcomes-based environment?

We would love to hear from you if your answer is a resounding yes, as we're looking for a Penetration Tester to join us for a period of 12 months to support with project work. Our Head Office is based in London but we offer a hybrid model (flexible working is encouraged, with testers presently working in a hybrid model that sees predominant homeworking with the expectation to visit the office at least once a month).

Whilst certain qualifications are sought, consideration will always be given to candidates with relevant experience within the field, particularly those from a strong traditional penetration testing background.

Who you'll be working with:

The role sits within a lean, UK-based Security Testing team and reports directly to the Security Test Manager. Besides being a technical authority, providing assurance that security is built in by design, your work will also involve engagement across the business to support infrastructure and web application testing, code reviews, and intelligence-led penetration test activity.

At Direct Line Group, we're shaping the future. With a mission to make insurance easier and better value for our customers, we embrace change in all its richness and variety. It's not just what we do; it's how we do it!

What you'll be doing:

  • Scoping and execution of penetration tests against a variety of technologies including infrastructure, web & mobile applications, and code review
  • Document technical issues identified during security assessments, completion of concise written reports that articulate vulnerabilities, and provision of suggested remediation actions specifically tailored around the risks to the business
  • Remediation management and retesting of vulnerabilities post-mitigation, providing SME advice to developers and project leads
  • Research and development of custom exploits/malware/tooling to support penetration testing and red team engagements
  • Develop test plans that clearly articulate risk management strategies and communication planning
  • Identification and maintenance of standards and procedures around the use of tools for approved internal security testing purposes
  • Assist Red Team activities including scoping and executing bespoke intelligence-led attack scenarios in line with a custom-tailored red team strategy
  • Work with Red Team Lead, blue teams and security stakeholders to improve DLG's detection and response capabilities and operational resilience based on Red Team engagement outcomes
  • Collaboration with internal Cyber Threat Intelligence team to help develop effective attack scenarios

What you'll need:

  • Strong experience of running pen testing from E2E, including scoping of what needs testing, the technology, through to the testing itself - all whilst understanding risks & the best techniques to use
  • Experience of cloud testing in both AWS & Azure
  • Experience in infrastructure & web application penetration testing, and code reviews
  • Ability to communicate and report to various levels of technical and non-technical stakeholders



Ways of Working

Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. How much you'll be in the office depends on your role, and we'll consider the flexible working options that work best for you.

Read our flexible working approach here.


We recognise we wouldn't be where we are today without our colleagues, that's why we offer excellent benefits designed to suit your lifestyle:

  • 9% employer contributed pension
  • 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
  • Additional optional Health and Dental insurance
  • Up to 10% bonus
  • EV car scheme allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way.
  • Generous holidays
  • Buy as you earn share scheme
  • Employee discounts and cashback
  • Plus many more

Being yourself

Direct Line Group is an equal opportunity employer, and we think diversity of background and thinking is a big strength in our people. We're delighted to feature as one of the UK's Top 50 Inclusive Employers and are committed to making our business an inclusive place to work, where everyone can be themselves and succeed in their careers.

We know you're more than a CV, and the things that make you, you, are what bring potential to our business. We recognise and embrace people that work in different ways so if you need any adjustments to our recruitment process, please speak to the recruitment team who will be happy to support you.
