Job Description

Eligibility: Candidates must reside in the UK and have lived in the UK for at least the past 5 years. We are unable to consider applicants who do not meet this criteria.

Due to continued growth, we are looking for new team members to join our web application team who are skilled in at least one programming language and have a clear, demonstrable passion for security.

We're keen to hear from skilled individuals with strong development experience and a solid understanding of offensive security. This is a hands-on role suited to someone curious, adaptable and confident writing secure code. You should enjoy solving challenging problems and have a genuine interest in security. We are looking for someone who wants to grow with the business and take full advantage of learning and development opportunities.

Our team includes both fully remote and hybrid consultants. This role is fully remote with very occasional team meetups. Applicants who live within commuting distance of Northallerton, North Yorkshire also have the option to work from the office.

The Role

In this role you'll work on a variety of tools, both open and closed source, collaborating with a team of experienced engineers to develop, maintain, and enhance our tooling.

You'll be hands-on with cutting-edge DevSecOps technologies, working alongside senior engineers on diverse client projects that span development and operations, all with a specific focus on security.

Progression within this role includes web application penetration testing, with each test including source code review. This progression will be supported through peer mentoring within the team and opportunities to support on penetration tests through to potentially progressing to certifications such as OSWE.

This is a security-focused role that is well-suited to developers who want to begin a career in cyber and are looking for a varied, hands-on and engaging position with a company that takes pride in providing services of the highest quality, value and integrity.

Key Responsibilities

Develop, maintain, and enhance security-focused applications and tooling. Collaborate with engineers to troubleshoot, debug, and write clean, scalable code. Implement development, testing and automation tools, as well as infrastructure. Continuously improve CI/CD pipelines and DevSecOps processes. Work across multiple projects, including client-facing engagements. Create and review high quality reports which provide accurate, detailed information for clients with a broad range of technical capabilities. Provide innovative and robust solutions to complex, cutting-edge challenges. Support with web application penetration testing alongside senior engineers.

Required Skills & Experience

Strong development skills in

at least one programming language

(e.g. Python, JavaScript, Java, C#, Go) Solid understanding of

cloud security principles and architecture

(e.g. AWS well-architected framework) Knowledge of modern

programming frameworks

(e.g. React, Node.js, .NET, Django, etc.) Experience with

containerisation technologies

(Docker, Kubernetes, etc.) A

keen eye for detail

and high standards for code quality and security Excellent

written and verbal communication skills

, particularly with clients Demonstrated

passion for security

and development Ability to self-manage and motivate in a remote role Must have resided in the UK for at least the past 5 years and willing to undergo security clearance Authorisation to work in the UK. We are unable to offer visa sponsorship for this role

Desirable Qualifications (Not Essential)

Relevant industry certifications (e.g. Offsec OSWE) Experience integrating security into CI/CD workflows Security clearance Commercial penetration testing experience, ideally with web and API testing focus

What We Offer

Work with a passionate, supportive, and security-driven team Flexible working options (remote-first with occasional team meetups) Option for office working for applicants in commutable distance to Northallerton Challenging, varied projects across industries and technologies Opportunity to grow your role in line with the team's rapid expansion Industry certifications Opportunities for travel (examples of previous events include GISEC Dubai, conferences across the UK, BlackHat USA) Performance bonus opportunities Regular pay reviews Private health cover following successful passing of probation (including dependents up to age 18)

Punk Security is an equal opportunities employer

At Punk Security, we are committed to creating an inclusive, diverse, and respectful workplace where everyone has the opportunity to thrive. We welcome applications from people of all backgrounds and believe diverse perspectives help us deliver better outcomes for our clients, our team, and our industry. If you're passionate about cyber security, believe you meet the needs of the role and want to be part of a supportive, forward-thinking team, we encourage you to apply.

Punk Security is also a proud Silver Award holder of the Armed Forces Covenant. We recognise the valuable skills and qualities ex-forces personnel bring to cyber security and actively encourage applications from veterans, reservists, and service leavers.

Job Types: Full-time, Permanent

Pay: 30,000.00-40,000.00 per year

Benefits:

Casual dress Company events Work from home
Experience:

Back-end development: 2 years (required)
Licence/Certification:

OSWE (preferred)
Work authorisation:

United Kingdom (required)
Location:

United Kingdom (required)
Work Location: Remote