Senior Penetration Tester

APPLY NOW! Intact Insurance is the new name for RSA in the UK, Ireland, and across Europe. It's a new name and a new way to do business. Backed by global expertise and a commitment to service that feels different, we're focused on making insurance simpler, faster, and more responsive.

We're leading a transformation in insurance helping people, businesses and society prosper in good times and be resilient in bad times. When you join us, you're not just taking a job, you're stepping into a career where you can make a real difference.

We're customer-driven, community-focused, and committed to helping our people grow. Whether you're early in your journey or bringing years of experience, we'll support you with the tools, flexibility, and opportunities to thrive.

The Senior Penetration Tester plays a critical role in safeguarding Intact's assets by leading the scoping, planning, and execution of complex penetration tests across a diverse range of technologies, environments, and business functions, including network, application and cloud. This position requires a deep technical understanding of offensive security methodologies, strong communication skills, and the ability to translate business requirements into actionable testing strategies.

As part of the role, the Senior Penetration Tester will actively contribute to purple team / threat simulation testing, working in close collaboration with defensive security teams to enhance detection and response capabilities. This involves simulating advanced attack scenarios, validating security controls, and leveraging frameworks such as MITRE ATT&CK to ensure comprehensive coverage of adversarial TTPs (Tactics, Techniques and Procedures).

The successful candidate will play a key role in translating offensive insights into actionable defensive improvements, fostering a culture of continuous learning and resilience against evolving threats.

• Lead the scoping, planning, and delivery of complex penetration tests across networks, applications, cloud environments, and emerging technologies.
• Conduct advanced offensive security assessments to identify and exploit vulnerabilities, providing clear and actionable remediation guidance.
• Collaborate with defensive teams to help design and execute purple team exercises, improving detection and response capabilities.
• Produce high-quality reports and communicate findings effectively to technical and non-technical stakeholders.
• Assist the Cyber Defence team with vulnerability validation, and technical support during incident response.
• Mentor junior team members, sharing knowledge and best practices to develop overall team capability.
• Peer‑review methodologies and reports to ensure repeatability and quality.
• Stay current with evolving threats, tools, and techniques, contributing to continuous improvement of testing methodologies and security posture.
• Maintain and champion the security testing elements of the SDLC

• Experience of leading network, web, cloud, internal and red / purple team penetration tests
• Excellent knowledge of penetration testing approaches, tools and techniques
• Excellent knowledge of MITRE ATT&CK framework and TTPs
• Strong capability in identifying, validating, and clearly articulating vulnerabilities
• Experience writing high-quality reports with clear risk statements and remediation guidance
• Ability to perform threat modelling and attack surface analysis.
• Excellent knowledge and understanding of Open Web Application Security Project (OWASP)
• Demonstrable experience with automated, dynamic and static application security testing tools
• Experience in managing third party suppliers
• Relevant technical security qualifications or experience, for example OSCP, SANS, CREST, CRTO, or equivalent level

• Annual discretionary bonus
• Up to 11% pension contributions
• Hybrid working + flexible hours
• 25 days annual leave + bank holidays + buy/sell options
• Health & wellbeing + virtual GP
• Career development and mentoring
• Inclusive culture + employee networks
• Share investment options

We celebrate individuality and believe our differences make us stronger. We're proud to foster a culture where everyone feels respected, valued, and empowered to thrive.

As an Equal Opportunity and Disability Confident Employer, we ensure fair consideration for all applicants and offer interviews to all disabled candidates who meet the essential criteria.

We understand that everyone's circumstances are different and are happy to explore flexible working options such as reduced hours or job shares to support work‑life balance.

If you meet the core criteria but not every requirement, we'd still love to hear from you. Let's explore how this role could support your next career step. If you need adjustments during the recruitment process, just let us know we're here to support you.