About

Cyber Threat Analyst (Penetration Testing) – London – Hybrid A leading financial services client is hiring an entry-level Cyber Threat Analyst to join its Information Security team, with a focus on penetration testing and offensive security. The Role Support penetration testing and offensive security activities, including red teaming, breach and attack simulation (BAS), and bug bounty engagements.Assist with incident response and participate in the on-call rota for major incidents.Contribute to red/blue team exercises, threat hunting, SIEM rule tuning, and detection engineering.Help deploy, maintain, and automate security tooling (email security, DLP, SIEM, endpoint protection) using scripting and Infrastructure as Code (IaC). Required Knowledge and Experience Up to 2 years of experience in IT, security engineering, or DevOps (internships or academic projects welcome).Basic understanding of:Ethical Hacking & Penetration TestingNetworking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, Proxy)Operating systems: Windows, Linux/Unix; Kubernetes desirableScripting or programming languages: Python, Bash, PowerShellCI/CD tools and cloud platforms: e.g. Ansible Tower, Bitbucket, HashiCorp Vault, Pipelines, AWS, AzureSoftware Development Life Cycle (SDLC) principlesSecurity tooling: EDR, SIEM, Antivirus Qualifications / Skills Required Desirable: University degree or equivalent qualification in a STEM subject (Computer Science, Engineering, or Information Systems).Desirable: Entry-level security certifications such as CompTIA Security+, Microsoft SC-900, or AWS Cloud Practitioner.Desirable: Demonstrated activity on TryHackMe, HackTheBox, or OSCP-rela