Veracode

About the Company

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform offers adaptive software security and is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, Malicious Package Detection, and Penetration Testing.

Listed Jobs

Company Name

Veracode

Job Title

Senior Penetration Tester

Job Description

**Job Title** Senior Penetration Tester **Role Summary** Senior Penetration Tester designs, executes, and leads advanced security assessments for cloud and application environments. The role ensures delivery success, customer satisfaction, and continuous improvement of testing tools and processes. **Expectations** - Achieve utilization targets through billable engagements and internal projects. - Deliver actionable, measurable audit results aligned with departmental strategy. - Maintain and enhance best‑practice documentation for use by technical and non‑technical stakeholders. - Mentor junior team members and collaborate cross‑functionally with Customer Success, Sales, Engineering, and Product teams. **Key Responsibilities** - Plan and conduct comprehensive penetration tests on web, mobile, cloud, and network targets using industry frameworks (OWASP, NIST, CVSS). - Identify, exploit, and validate vulnerabilities, including AI‑specific attack vectors (prompt injection, data poisoning, model inversion). - Provide detailed findings, risk assessments, and remediation guidance to clients and internal stakeholders. - Develop and maintain automation scripts and tooling to increase testing efficiency and reproducibility. - Escalate complex issues to senior leadership while resolving day‑to‑day technical challenges. - Create and refine security testing policies, procedures, and standard operating practices. - Contribute to internal knowledge sharing and client-facing best‑practice materials. **Required Skills** - 4+ years of hands‑on penetration testing experience. - Proficiency with Burp Suite, Nmap, Metasploit, Kali Linux, and related toolchains. - Strong scripting in Python, Bash, or PowerShell for automation and tool development. - Deep understanding of cloud security for AWS, Azure, and GCP environments. - Expertise in application, web service, and network security concepts. - Excellent verbal, written, and presentation communication skills. - Ability to work collaboratively under pressure and manage detailed technical documentation. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent). - Professional certifications: CREST, OSCP, OSCE, OSEP, GWAPT, GXPN, or similar. ---

London, United kingdom

Hybrid

Senior

17-12-2025