Role & seniority

Cyber Threat Analyst (Penetration Tester), entry-level

Stack/tools

Security: SIEM, EDR, DLP, email security; threat intel feeds

OS/Cloud: Windows, Linux, cloud (AWS/Azure), Kubernetes

Automation/Scripting: Python, PowerShell, Bash

CI/CD/DevOps: Terraform, Ansible (desirable)

Top 3 responsibilities

Assist with penetration testing and threat operations; support incident response, threat hunting, and detection engineering
Identify vulnerabilities and document exploitation paths with remediation guidance; review threat intel and contribute to advisories
Support SIEM rule optimization, detection use cases, and deployment/automation of security tooling

Must-have skills

Up to 2 years in IT, Security Engineering, DevOps, or related field
Understanding of penetration testing and ethical hacking
Networking fundamentals (TCP/IP, DNS, HTTPS, firewalls); familiarity with Windows and Linux
Programming: Python, Bash, or PowerShell
Exposure to cloud or CI/CD environments (AWS, Azure, Terraform, Ansible desirable)

Nice-to-haves

Hands-on platforms/training: TryHackMe, HackTheBox, OSCP-related or Red Team training

Relevant certifications (advantageous but not essential): Security+, SC-900, AWS Cloud Practitioner

Location & work type

London, hybrid work arrangement
Permanent role

Full Description

We are partnering with a trading company based in London that is seeking a Cyber Threat Analyst (Penetration Tester) to join their Information Security team on a permanent, hybrid basis. This is an entry-level opportunity offering hands-on experience in penetration testing and security engineering within a globally significant financial market infrastructure environment. The Role You will support the penetration testing and threat operations function.

Key responsibilities include

Assisting with penetration testing
Supporting incident response, threat hunting, and detection engineering
Identifying vulnerabilities and documenting exploitation paths, with clear remediation guidance
Reviewing threat intelligence feeds and contributing to security advisories
Supporting SIEM rule optimisation and detection use cases
Assisting in the deployment and automation of security tooling (SIEM, EDR, DLP, email security)
Contributing to scripting and automation initiatives (Python, PowerShell, Bash)
Supporting secure configurations across Windows, Linux, cloud, and Kubernetes environments
About you
Up to 2 years’ experience in IT, Security Engineering, DevOps, or a similar field (including internships or academic projects)
Understanding of penetration testing and ethical hacking
Knowledge of networking fundamentals (TCP/IP, DNS, HTTPS, firewalls)
Familiarity with Windows and Linux systems
Programming (Python, Bash, or PowerShell)
Exposure to cloud or CI/CD environments (AWS, Azure, Terraform, Ansible desirable)
Activity on TryHackMe, HackTheBox, and OSCP-related / Red Team training (or some equivalent the named platforms).
Relevant certifications such as Security+, SC-900, or AWS Cloud Practitioner are advantageous but not essential.