Penetration TesterTandem

Cardiff, United Kingdom 01-05-2023

Job Title: Penetration Tester

Working Pattern: Monday to Friday (09:00-17:00)

Salary: Up to £50k and up to 20% bonus and benefits
Location: Flexible, we could support fully remote or hybrid working from any of our UK offices in London, Cardiff, Durham, or Blackpool

About Tandem

We’re Tandem. The UK’s fairer, greener, digital bank providing hard working people across the UK with greener ways to spend, borrow and save.

With more than 500 people in London, Blackpool, Cardiff, Durham and Manchester, all working together to create a fairer, greener, more accessible bank for people across the UK.

We’re on a mission to proactively help our customers to reduce their carbon footprint and accelerate the UK to net-zero carbon emissions by 2050 and we need more people to help us achieve this goal.

We've taken the beliefs, behaviours, and personality and created four underpinning values. These values demonstrate our guiding principles and behaviours for everyone at Tandem. Our ambition is that these values are ingrained and always front of mind when we're engaging with our stakeholder audiences.  Our values are BRAVE, ENTERPRISING, SIMPLE and TOGETHER.


Penetration Tester 

We’re building an amazing team and we’re looking for a hardworking and driven Penetration Tester to support us on our journey.

Reporting to Security Operations Technical Lead, the Penetration Tester will work very closely with the Security Operations Centre and other departments and will ensure that highly effective security detection and response capability can be provided. Duties include penetrating testing, threat hunting, performing security assessments and implementing defensive mechanisms etc. to defend the company against threats. You would also be working with different departments and external pen-testing service providers to perform Purple Team testing and Red/Blue Team testing, as well as to gather threat intelligence, identify internal and insider threats, in order to translate them into IOCs.

Our Team

Tandem’s Information Security team currently consist of:

  • Head of Information Security
  • Security Operations Lead
  • Information Security Analysts x 2
  • Information Security Cloud Engineer.

What we're looking for:


  • Minimum of 3 years’ relevant experience in penetration testing and offensive/defensive security (application security, infrastructure, mobile security testing etc.)
  • Knowledge in Penetration Testing toolsets, e.g. Kali, Metasploit, Bloodhound, Cobalt Strike, Core Impact, Mimikatz, Burp Suite, Netsparker etc.
  • Knowledge in network and web related protocols such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols etc.
  • Experience in financial services
  • Knowledge in Windows, UNIX, and Linux operating systems and command line tools.
  • Knowledge of Scripting Languages e.g. Python \ Powershell
  • Excellent report writing skills along with communicating security vulnerabilities to both technical and non-technical stakeholders.


  • Ability to translate information security concepts to audiences of different technical levels
  • At least one of the professional qualifications: OSCP, CREST CTT, CREST CCSAS, CISSP, CSSLP, GIAC (GPEN/GXPN/GWAPT/GSEC/GCIH).

Our rewards are getting a big update, with enhancements due to land in early 2023! 

Current Rewards

  • 25 days annual leave plus 8 days bank holiday
  • 1 day off for your birthday
  • Electric Vehicle scheme
  • Free cereal and snacks in the office
  • Cycle to work scheme and a free helmet
  • Perkbox for treats and discounts
  • Pension contribution
  • 2 days per year paid volunteering

Take part in our Green Deal

  • Volunteer 2 days a week for charity > receive an early Friday finish
  • Raise £200 per annum for charity > Tandem provide PR and marketing support
  • Have renewable energy at home > receive an additional 1-day annual leave
  • Drive a lower emissions or hybrid car > free raffle entries with the chance to win a weekend away for 2
  • Drive an electric car > receive £500 towards a home charger

Sourcing Model

Recruitment at Tandem works primarily on a direct sourcing model and does not accept resumes from recruitment agencies which are not on the preferred supplier list. We are not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

You can find our Applicant Privacy Policy on our Careers page.

Tandem is an equal opportunity employer and are committed to meeting our responsibilities under the Equality Act (2010). We respect the diverse experience and talents that every individual brings to our Company, and we are determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, or race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable.

Please be aware that background checking (including credit and criminal records checks) form part of our recruitment process. We will adhere to our duties under the Rehabilitation of Offenders Act 1974.




Applications are now closed