Job Description

Role: Security Tester

Location: Leeds/hybrid, working 2-3 days per week in the office

Salary: DOE plus extensive benefits

Contract type: Permanent

Employment type: Full time

Working hours: 37.5 hours per week, Mon-Fri

Do you want to work for the nation's largest online pharmacy ensuring excellence for all our patients? We're a market leader in the pharmacy world, with 25 years' experience, helping over 1.4 million patients in England manage their NHS prescriptions from request through to delivery. We are Great Place to Work certified as we consider colleague experience a top priority every day. Our people are fundamental to our success and ensuring we achieve our vision to be a world leading, patient-centric digital healthcare provider. We are committed to continuing to develop a positive, open and honest working environment for all.


We an exciting new opportunity available for a skilled Security Tester with strong experience in data security, privacy, and integrity testing. This role involves identifying vulnerabilities in systems, applications, and data pipelines, and ensuring that sensitive data is protected against unauthorised access, leakage, and corruption.


The successful candidate will have a solid understanding of both offensive and defensive security techniques, as well as hands-on experience with data governance and compliance frameworks. If you have strong experience in automation testing and tools used to mature the wider QA framework, then we would be keen to hear from you!

What's in it for you?

Occupational sick pay


Enhanced maternity and paternity pay


Contributory pension


Discounted insurance (Aviva)


Employee discount site


Discounted gyms (via our blue light card and benefits schemes)


Employee assistance programme


In-house mental health support


Free onsite parking


Health and wellbeing initiatives


Social events throughout the year


Cycle to work scheme


Green car scheme*(subject to minimum earnings)


Registration fees paid (GPhC, NMC, CIPD etc)


Long service bonus


Refer a friend bonus


Blue light card


Hybrid working


Commitment to CPD/training


25 days annual leave increasing with service


Annual leave buy and sell scheme


Discounts & Exclusive offers at The Springs, Leeds


25% Discount & health & beauty purchases


25% Discount on Pharmacy2U Private Online Doctor Services

What you'll be doing?

Conduct penetration testing, vulnerability assessments, and security audits across applications, networks, and data environments. Test and validate data encryption, access controls, and data masking mechanisms. Collaborate with data engineering and analytics teams to ensure secure data pipelines and storage solutions. Simulate attacks to identify weaknesses in data handling and transmission. Review and test data governance policies for compliance with GDPR, and other relevant regulations. Develop and maintain automated security testing scripts and tools. Document findings and provide actionable recommendations to development and infrastructure teams. Stay up-to-date with emerging threats, vulnerabilities, and mitigation strategies.

Who are we looking for?

Solid understanding of Agile principles and Scrum methodology. Proven ability to define, prioritise, and deliver high-quality software features. Strong communication, organisational, and interpersonal skills. Ability to manage multiple priorities in a fast-paced environment. Experience with SQL, NoSQL, and big data platforms (e.g., Hadoop, Spark). Knowledge of cloud security (AWS, Azure, GCP) and data access controls. Proficiency in scripting languages (e.g., Python, Bash) for automation. Certifications such as OSCP, CEH, CISSP, or GIAC are a plus. Experience with product management tools (e.g., Jira, Confluence, Azure DevOps). Background in SaaS, FinTech, HealthTech, or eCommerce (customize based on your industry). Familiarity with UX/UI principles and user-centric design. Working knowledge of data privacy laws and compliance standards. Experience with DevSecOps and integrating security into CI/CD pipelines. Exposure to machine learning models and their security implications.

What happens next?

Please click apply and if we think you are a good match, we will be in touch to arrange an interview.


Applicants must prove they have the right to live in the UK.


All successful applicants will be required to undergo a DBS check.


Unsolicited agency applications will be treated as a gift.