Senior Security Penetration Testing Analyst

Job Description:

Senior Security Penetration Testing Analyst

Primary location: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)

Flexible / Hybrid working options.

Permanent

Salary from £53,200 - £66,500 (Negotiable - depending on exp. & location)

10% Bonus+ fantastic benefits

Full time 37.5 hours

We consider all types of flexibility, including locations, hours and working patterns.

We make health happen

At Bupa, we're passionate about technology. With colleagues, customers, patients and residents in mind you'll have the opportunity to work on innovative projects and make a real impact on their lives.
Right from the start you'll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.

As a Senior Security Penetration Testing Analyst you'll lead and manage the full penetration testing lifecycle across Bupa's UK business. As a senior member of the CISO function, you'll coordinate end-to-end testing engagements, provide subject matter leadership, and ensure findings are effectively governed and reported. You'll support junior team members, collaborate cross-functionally, and contribute to strategic improvements in penetration testing processes and assurance models.

How you'll help us make health happen:

• Act as the senior technical lead for the Penetration Testing team, overseeing end-to-end testing processes and ensuring findings are effectively managed and remediated.

• Collaborate with internal teams and third-party suppliers to drive continuous improvement in penetration testing practices.

• Serve as the technical SME, validating methodologies and representing the function in governance forums.

• Build strong relationships across Cyber Security and the wider business to raise awareness and support strategic initiatives.

• Mentor junior team members and foster a culture of learning and high performance.

• Ensure alignment with Bupa's enterprise security policies, standards, and tools.

• Provide consultancy and guidance to ensure compliance with regulations and internal policies.

• Liaise with external stakeholders, including regulators and partners, on incident response and security matters.

Key Skills / Qualifications needed for this role:

• Degree-level education or equivalent training.

• Highly desirable: Professional certifications such as OSCP, CISSP, OSEP, CISM, or CRT/CCT.

• Strong understanding of penetration testing tools, techniques, and frameworks (e.g. Nessus, Metasploit, Burp Suite).

• Familiarity with Red/Purple Teaming, attack automation, and threat exposure tools.

• Knowledge of cloud security (Azure, AWS, GCP), Zero Trust, containers, and serverless architectures.

• Understanding of identity and privileged access management.

• Awareness of cybersecurity regulations and standards (e.g. NIST, PCI DSS, GDPR, ISO 27001).

• Excellent analytical and problem-solving skills, with the ability to translate technical issues into actionable insights.

• Strong communication skills, able to engage with both technical and non-technical stakeholders.

• Capable of working under pressure, managing priorities, and maintaining confidentiality.

• Self-motivated with a proactive approach to learning and continuous improvement.

• Able to influence and collaborate across teams, including external partners and regulators.

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health - from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.

Joining Bupa in this role you will receive the following benefits and more:

• 25 days holiday, increasing through length of service, with option to buy or sell

• Bupa health insurance as a benefit in kind

• An enhanced pension plan and life insurance

• Annual performance-based bonus

• Onsite gyms or local discounts where no onsite gym available

• Various other benefits and online discounts

Why Bupa?

We're a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose - helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage all of our people to "Be you at Bupa", we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That's why we especially encourage applications from people with diverse backgrounds and experiences.

Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We'll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.

Time Type:

Full time

Job Area:

IT

Locations:

Angel Court, London, Bupa Place, Kirkstall Forge, Staines - Willow House