At a Glance
- Tasks: Secure IoT and SaaS ecosystems through penetration testing and vulnerability management.
- Company: Global tech leader focused on innovative solutions across various industries.
- Benefits: Competitive salary, flexible working, and opportunities for professional growth.
- Why this job: Join a dynamic team and make a real impact in cybersecurity.
- Qualifications: 4+ years in security roles with expertise in IoT and SaaS testing.
- Other info: Collaborative culture that values innovation and continuous learning.
The predicted salary is between £55,000 and £70,000 per year.
Camlin is a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and also has interests in a number of R&D projects in a variety of scientific sectors. At Camlin we believe in high quality engineering and design, allowing us to develop market leading products and services. In short, we love creating value for our customers by solving difficult problems. As of now, Camlin operates in over 20 countries worldwide.
As a Penetration Tester (SaaS and IoT) at Camlin, you will be a key person in the defence of our IoT and SaaS ecosystem. This is a hybrid offensive and defensive role where you will secure everything from "IoT to Cloud." You will partner with Engineering, QA, and DevSecOps to validate that security is built into the release process. We are looking for a technical expert who is proactive in identifying exploitable vulnerabilities and able to collaborate and communicate with stakeholders to provide a satisfactory resolution.
Key Responsibilities
- SaaS Security Testing
  - Web & API Penetration Testing: Conduct manual and automated testing of SaaS platforms and backend APIs against the OWASP Top 10 and API Security Top 10.
  - Cloud Infrastructure Review: Assess AWS/Azure environments for misconfigurations, IAM over-privileging, and container security vulnerabilities.
  - Vulnerability Management: Simulate real-world cyberattacks to identify weaknesses in SaaS infrastructures before exploitation.
- Advanced IoT & Device Security Testing
  - Platform Level – Embedded Web-applications Device Interface Testing: USB, Ethernet, Serial (UART/RS232/RS485).
  - Radio Frequency (RF) & Wireless Security: Standard Comms Protocols e.g. WiFi, Bluetooth.
  - Cryptographic Verification: Ensuring latest cryptographic protocols and secure configuration.
  - Compliance Alignment: Validate products against international standards including IEC 62443-4-1/4-2, the EU Cyber Resiliency Act (CRA), and the Radio Equipment Directive (RED).
- Secure SDLC Integration & Red Teaming
  - Design & Architecture: Collaborate with Product and Engineering teams to embed security controls during the design phase, providing expert guidance on secure architecture.
  - Automated Testing: Collaborate on SAST, DAST, and SCA tools (e.g., Snyk, Checkmarx, Burp Suite) within CI/CD pipelines.
  - Remediation Support: Document findings in clear technical reports and provide developers with actionable code-level recommendations.
- Documentation & Reporting
  - Create, update, and maintain tickets related to security findings and testing outcomes.
  - Produce clear technical documentation, including assessment reports, remediation guidance, and architectural security recommendations.
- 4+ years in a technical security role (Penetration Tester, AppSec Engineer, or Security-focused Developer).
- Proven expertise in testing both hardware/firmware (IoT) and web-based platforms (SaaS).
- Scripting Proficiency: Ability to automate tasks using Python, Bash, or similar.
- Tooling Mastery: Expertise with Burp Suite, Metasploit, Nmap, and hardware-specific tools (Ghidra, Frida, Objection).
- Certifications: OSCP, CREST (CRT/CCT), or GPEN (highly regarded).
Nice to have but not essential
- Deep understanding of Linux (Yocto)/Windows internals and modern application architectures.
- Experience with peripheral standards (I2C, SPI, PCI, PCIe, RS422, RS485, RS232, SATA, PATA, MMC).
- Familiarity with Agile methodologies and DevSecOps practices.
- Working knowledge of security standards (OWASP, NIST, ISO 27001).
- AWS Security Toolchain.
Our Values
- We work together
- We believe in people
- We won't accept the 'way it has always been done'
- We listen to learn
- We're trying to do the right thing
Equal Employment Opportunity Statement: Individuals seeking employment at Camlin are considered without regard to race, colour, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, gender identity or sexual orientation.
Penetration Tester in England employer: Camlin
Contact Detail:
Camlin Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Penetration Tester in England
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that Penetration Tester role.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, whether they’re personal or professional. We love seeing real-world applications of your expertise, so make sure to highlight your best work.
✨Tip Number 3
Prepare for the interview like it’s a security breach! Research Camlin and understand their products and values. We want to see that you’re genuinely interested in the company and how you can contribute to their mission.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always looking for passionate individuals who align with our values, so don’t hesitate!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Penetration Tester role. Highlight your experience with SaaS and IoT security, and don’t forget to mention any relevant certifications like OSCP or CREST. We want to see how your skills align with what we’re looking for!
Showcase Your Skills: In your application, be sure to showcase your technical skills, especially in areas like web and API penetration testing. Mention your proficiency with tools like Burp Suite and Metasploit, as these are key to the role. Let us know how you’ve used these tools in real-world scenarios!
Be Clear and Concise: When writing your cover letter, keep it clear and concise. We appreciate straightforward communication, so get to the point about why you’re a great fit for the role. Use bullet points if necessary to make your achievements stand out!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Camlin!
How to prepare for a job interview at Camlin
✨Know Your Stuff
Make sure you brush up on your technical skills, especially around penetration testing tools like Burp Suite and Metasploit. Be ready to discuss your experience with both IoT and SaaS platforms, as well as any relevant certifications you hold.
✨Show Your Problem-Solving Skills
Camlin loves solving difficult problems, so be prepared to share examples of how you've identified and resolved vulnerabilities in past roles. Think about specific scenarios where your proactive approach made a difference.
✨Collaborate Like a Pro
Since this role involves working closely with Engineering, QA, and DevSecOps teams, highlight your collaboration skills. Share experiences where you successfully communicated security needs and worked with others to implement solutions.
✨Stay Current with Trends
The tech landscape is always changing, especially in security. Show that you're up-to-date with the latest trends in IoT and cloud security, and be ready to discuss how these might impact Camlin's products and services.