Cyber Threat Specialist; Penetration Tester
Job in
Greater London, London, Greater London, EC1A, England, UK
Listed on 2026-01-13
Listing for:
London Metal Exchange Limited
Full Time, Per diem
position Listed on 2026-01-13
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer, IT Consultant, Network Security
Job Description & How to Apply Below
Location: Greater London
Cyber Threat Specialist (Penetration Tester) page is loaded## Cyber Threat Specialist (Penetration Tester) locations:
UK-London time type:
Full time posted on:
Posted Todayjob requisition :
R003436
Cyber Threat Specialist (Penetration Tester)
** Shift Pattern:
** Standard 40 Hour Week (United Kingdom)
** Scheduled Weekly
Hours:
** 40
* * Corporate Grade:
** E - Associate
** Reporting Line:**(UK Division) Information Technology
*
* Location:
** UK-London
** Worker Type:
** Permanent
* * Overall Purpose of Role:
** This role is an entry-level position within the Information Security team at the London Metal Exchange (LME). This role will be a junior member of the penetration testing team to conduct penetration testing of LME systems and applications. Penetration testing will include scoping, performing assessments, identifying vulnerabilities, documenting technical exploitation steps, and providing recommendations and remediations.
The successful candidate will work closely with IT Engineering, Security Operations, and Infrastructure teams to ensure that security controls are effectively implemented and maintained across LME’s platforms.
*
* Key Responsibilities:
**** Penetration Testing & Security Assessments
*** Participate in offensive assessments (red team, penetration testing, breach and attack simulation, bug bounty) and defensive security operations (threat hunting, incident handling, investigation and forensics, detection engineering) for LME systems and infrastructure;
* Support security incidents and act as stretch capacity for incident response and threat handling;
Participate with on-call duties and after-hours support of incident management for incident escalations;
* Participate in Red/Blue Team testing, identify gaps/weaknesses in monitoring capabilities and recommend/implement changes;
* Review intelligence feeds and generate advisories as needed. Stay up-to-date with current and emerging trends that represent a threat to LME;
* Support threat hunting based on the defined threat model and specific attack scenarios. Perform analysis of existing data to discover patterns, and build use cases to detect malicious activity;
* Optimise detection and response rules;
Support the testing and recertify SIEM rules against threat models and detection frameworks;
** Security Engineering & Automation
*** Assist in the deployment and maintenance of security tools and platforms (e.g., E-Mail Security, DLP, SIEM, Endpoint Protection).
* Develop and support the automation of security tools, configuration, and updates using scripting (e.g. Python, Power Shell, Bash, NPM).
* Contribute to Infrastructure as Code (IaC) efforts using Terraform or Ansible.
* Help monitor and maintain secure configurations across Windows, Linux, and Kubernetes environments.
** Operational Support
*** Provide support for incident response and troubleshooting related to security tooling and access controls.
* Provide support for Red/Blue team testing and penetration testing.
* Help maintain documentation, standards, and procedures related to security engineering and platform protection.
* Participate in on-call and weekend support rotations as needed
** Qualifications /
Skills Required:
*** Desirable: A University degree or equivalent qualifications in a STEM subject such as Computer Science, or Engineering and/or Information Systems.
* Desirable:
Entry-level certifications such as CompTIA Security+, Microsoft SC-900, or AWS Cloud Practitioner.
* Activity on Try Hack Me , Hack The Box , and OSCP-related / Red Team training (or some equivalent the named platforms).
* Demonstrable activity on Github showing code, tools development, and/or contributing to projects and repos in the offensive security space.
Required Knowledge and
Experience:
* Up to 2 years of experience in IT, security engineering, or Dev Ops (internships or academic projects included).
* Basic understanding of: + Ethnical Hacking & Penetration Testing
* Networking and security protocols (TCP/IP, HTTPS, DNS, Firewalls, Proxy). + Operating systems (Windows, Linux/Unix, Kubernetes). + Scripting or programming (Python, Bash, Power Shell). + CI/CD tools and cloud platforms (e.g., Ansible Tower, Bitbucket, Hashicorp Vault, Pipelines, AWS, Azure) + Working knowledge of SDLC + Security Tooling (e.g. EDR, SIEM, Antivirus)
Personal Qualities:
* Curiosity about emerging threats and technologies
* Ability to assess and prioritize tasks/risks
* Attention to detail
* Enthusiastic about security engineering and automation.
* Strong analytical and problem-solving skills.
* Effective communicator with good documentation habits.
* Team-oriented, proactive, and adaptable in a fast-paced environment.
* Willingness to learn and grow within a critical infrastructure environment.
* Commitment to continuous learning
* The LME is committed to creating a diverse environment and is proud to be an equal opportunity employer. In recruiting for our teams, we welcome the unique contributions that you can bring in terms of education, ethnicity, race, sex,…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×