×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant Data Security

Senior Offensive Security Engineer

Job in Nottingham, Nottinghamshire, NG1, England, UK
Listing for: Experian
Full Time position
Listed on 2026-02-17
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Data Security
Job Description & How to Apply Below

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at

Internal Grade D/EB8

Job Description

Experian's Offensive Security team charges itself with improving the organisation's security posture through clarifying risk and verifying the efficacy of our technical, people, physical and process controls from an attacker perspective. The team performs regular Adversary Simulation (Red Team) testing and a range of Ad‑Hoc and Tactical Assessments based on changes to the threat landscape and organisational needs.

To succeed in this role, you have breadth and depth of security knowledge, including operating systems, networking and protocols, firewalls, databases, and middleware applications. Additionally, you will have expertise in forensics, scripting and programming, vulnerabilities, and the usage of GenAI / social engineering techniques.

This is a fully remote, UK‑based position reporting to the Head of Offensive Security.

Responsibilities
  • Collaborate with other teams within the Cyber Fusion Centre and the wider organisation to understand and articulate cyber risks in a threat‑informed manner, contributing to the successful defense of the organisation.
  • Support Offensive Security’s engagement at multiple organisational levels, from senior leaders to technical analysts, to improve risk understanding and verify the efficacy of remediation/mitigative actions.
  • Participate in performing physical exploitation, network exploitation and social engineering assessments against authorised targets.
  • Use Cyber Threat Intelligence, Offensive Security Research, previous Adversary Simulation (Red Team) findings and internal risk intelligence to develop test cases demonstrating TTP effectiveness against Experian’s control environment.
  • Research and stay up to date with the latest cyber threats, attack vectors and attacker methodologies.
  • Develop scripts, tools and methodologies to increase Offensive Security’s capabilities and educate other team members around automation and AI.
  • Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance.
Qualifications What your core background is
  • Background in offensive security and adversary simulation.
  • Detailed knowledge of global cyber threats and the procedures used by cyber adversaries.
  • Two or more of the following skills:
    • Network penetration testing and manipulation of network infrastructure
    • Web application penetration testing assessments
    • Email, phone, or physical social‑engineering assessments
    • Development, extension, or modification of exploits, shellcode or exploit tools
    • Covert physical intrusion
    • Cloud security or penetration testing (any major provider)
    • AI Red Teaming/Testing and usage of Agentic AI for automation.
  • Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN or equivalent experience.
Specialist Skills
  • Proficient in attacker tooling, including post‑exploitation frameworks and tooling.
  • Proficient in any of the following programming languages (C, C++, C#, Python, Power Shell, Bash, or Ruby).
  • Proficient in Social Engineering techniques across OSINT, phishing, vishing and impersonation.
  • Knowledge of current cloud attack methodologies and mitigations.
  • Experience with Windows Operating System architecture and internals and use thereof in an enterprise environment.
  • Core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, relational databases, data…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search