Find your next tech and IT Job or contract role.

This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager, you will provide advice, coaching and mentoring to testers on non-functional testing subjects such as security testing. Attend meetings and provide stakeholders with updates. Design and execute manual and automated security test cases using standard testing techniques. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following experience, which will be assessed at sift and at interview. Proven experience of coaching and mentoring direct reports. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, or evidence that you are working towards this or have proven working experience. Experience of non-functional testing practices with a strong focus on Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, scripting, and log analysis. AWS (or similar cloud provider) - with a focus on IAM, S3 access controls, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each category. Benefits Alongside your salary of £41,571, Companies House contributes £12,043 towards you being a member of the Civil Service Defined Benefit Pension scheme. We offer an excellent benefits package that includes: a generous 30 days annual leave plus 8 bank holidays and 1 privilege day enrolment into the Civil Service Pension Scheme with a contribution rate of averaging 28% a range of recognition schemes including instant awards to thank and recognise each others efforts and contributions strong ethos of equality, diversity and inclusion great work life balance with flexible and mobile working available for many roles a pro-active approach to employee wellbeing that allows our employees to flourish and be their best at work and has enabled us to become an Investors In People platinum accredited employer online financial support and advice seasonal flu jabs generous maternity, paternity, adoption and shared parental leave allowances a focus on career development and progression a number of inclusive network groups to support our colleagues and a great sports and social society cycle to work scheme staff discount scheme holiday play scheme for children 3 days paid volunteering leave Next Steps Click 'Apply Now' to be taken to our main advert Civil Service Jobs where you can see more details regarding the role, the incredible benefits we have to offer and what it's like to work in Companies House. If you have any questions about the role or process, please reach out to . This role closes on 20 July 2025.

Location Remote working (anywhere in the UK) About the job Job summary This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager, you will provide advice, coaching and mentoring to testers on non-functional testing subjects such as security testing. Attend meetings and provide stakeholders with updates. Design and execute manual and automated security test cases using standard testing techniques. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following experience, which will be assessed at sift and at interview. Proven experience of coaching and mentoring direct reports. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, or evidence that you are working towards this or have proven working experience. Experience of non-functional testing practices with a strong focus on Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, scripting, and log analysis. AWS (or similar cloud provider) - with a focus on IAM, S3 access controls, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each category. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Leadership We only ask for evidence of these behaviours on your application form: Leadership Technical skills We'll assess you against these technical skills during the selection process: Penetration testing / ethical hacking

Job Title: Lead Test & Commissioning Engineer Location: Barrow-In-Furness, Frimley, Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £53,000 What you’ll be doing: Ensuring that the AVC System Functional Design effectively captures T&C requirements Providing support with the AVC Subsystem’s Designs incorporate provisions for T&C across all scenarios Making sure that Test Objectives are fully aligned with the AVC Delivery Strategy and the T&C programme by integrating key milestones, performance criteria and V&V processes Contributing to a robust verification framework that enhances system integrity, minimises risks and ensures successful implementation of AVC capabilities Checking that all AVC Off Boat capabilities designed to support non-installed testing are fit for purpose Incorporating lessons learned from Off Boat testing activities to refine future testing cycles and feed in to T&C to help with On Boat Verification Your skills and experiences: Essential: Demonstrable understanding of the Validation and Verification Lifecycle Previous experience working within a testing/field engineering position Detailed knowledge of safety controls & procedures in a high-risk environment Desirable: Experience commissioning Electrical, Electronic and complex software intensive systems Working understanding of complex software intensive systems Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The AVC (Active Vehicle Control) team: You will be part of a team that is responsible for the design, build, commissioning and operation of multiple testing capabilities and facilities. These capabilities will prove the operation and performance of the AVC systems that control submarine platform manoeuvrability. We offer relocation support packages across all Submarines roles, subject to meeting eligibility criteria. Why BAE Systems? This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 11th July 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-AG1 #LI-Hybrid