Senior Penetration Tester

Senior Penetration Tester

Full-Time 60000 - 80000 £ / year (est.) Home office (partial)
Bridewell

At a Glance

  • Tasks: Lead high-quality penetration tests and deliver impactful security assessments for diverse clients.
  • Company: Join Bridewell, a fast-growing leader in the UK Cyber Security sector.
  • Benefits: Enjoy competitive salary, flexible working, dedicated training budget, and 25 days holiday.
  • Other info: Be part of a carbon negative business committed to sustainability and inclusivity.
  • Why this job: Make a real difference in cyber security while developing your skills in an exciting environment.
  • Qualifications: Strong experience in penetration testing and client-facing roles; certifications preferred.

The predicted salary is between 60000 - 80000 £ per year.

Description

As a result of growth, we are looking for an experienced Senior Penetration Tester with solid experience of infrastructure and web application testing to deliver testing engagements on a range of key client work.

This is an excellent opportunity for a highly motivated and determined Penetration Tester to continue their development and work on a range of exciting projects.

As well as delivering testing, Bridewell ensures each consultant has access to a dedicated annual team budget for personal development.

This gives access to CREST, Cyber Scheme exams, online platforms such as Hack the Box, TSCM and Try Hack Me, and many other training courses.

There is also dedicated time to carry out research and assist with developing new testing methodologies and techniques.

Requirements

  • Deliver and lead high quality offensive security assessments (web application, API and infrastructure), meeting client expectations
  • Get involved in and lead on team assessments as required
  • Produce written and verbal reports to clients to an excellent standard.
  • Support the sales team with pre-sales and assist with technical input into tenders and proposals
  • Carry out research and service development when not on client deliverable work that can be used to enhance our services to clients
  • Perform report QA.
  • Work with teams across the business, providing the latest technical knowledge to collaborate on interesting client projects.

You will need to have experience in

  • Strong experience in a client-facing role. Customer oriented and able to communicate with all levels of an organisation with appropriate technical content.
  • Highly proficient in performing a variety of penetration tests such as infrastructure, web application API testing and device configuration reviews, etc.
  • CREST Certified Tester (CCT) or Cyber Scheme Team Leader (CSTL) with infrastructure specialism
  • NCSC CHECK Team Leader (CTL) with at least Principal Cyber Security Professional (Pri CSP) title
  • Self-motivated and able to work independently and as part of a larger team
  • Produce high-quality technical and executive reports tailored to both technical and non-technical audiences.
  • Holds or is able to obtain a minimum of SC clearance

Desirable

  • OSCP, OSCE, CRTO
  • Knowledge of cloud security (AWS, Azure, GCP)
  • Experience in LLM/AI testing
  • Experience in Adversary Simulation / Red Teaming
  • Proficiency in coding or scripting (Python, Powershell, Bash)

Benefits

Why Join Us?

Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of

Do the Right Thing, One Team and Above and Beyond emphasises the importance of the part we play in society, and our commitment to our people and clients.

Our story to-date has been phenomenal, but success doesn’t end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far.

Bridewell will provide a great career opportunity with continual development as well as the following:

  • Competitive Salary
  • 25 Days Holiday - Plus buy and sell options
  • Flexible Working (around core office hours)
  • Company Pension
  • Employee Shareholder Scheme
  • Dedicated Training Budget
  • Life Assurance
  • Cycle to Work Scheme
  • Electric Vehicle Scheme
  • Private Healthcare (incl. Gym discounts)
  • Vision Care
  • Birthday off (After 1 year)
  • About Bridewell

One of the most exciting prospects in the UK Cyber Security sector today, Bridewell is one of the fastest growing Cyber Security services businesses with a strong track record for delivering complex security projects and providing excellent customer service.

Bridewell has an exciting and varied portfolio of clients across Financial Services, Manufacturing, Oil & Gas, Government, Critical National Infrastructure and more.

Bridewell holds the Gold level Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly One Team.

Along with our focus on our people, we also have a big focus on sustainability and recognise the role we play in the fight against climate change.

Today, Bridewell is proud to be a carbon negative business.

Location: Bridewell operates a hybrid and flexible working policy, however you will be required to travel to different sites on occasion.

Bridewell values diversity in the workplace and is a fair and equal opportunity employer.

We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.

Senior Penetration Tester employer: Bridewell

Bridewell is an exceptional employer that prioritises employee well-being and professional development, offering a hybrid working policy that promotes work-life balance. With a strong focus on performance incentives, private healthcare, and a dedicated training budget, employees are empowered to grow their skills while contributing to meaningful client engagements in the dynamic field of data privacy. Join us in a collaborative culture where your expertise will help shape the future of cyber security compliance.

Bridewell

Contact Details:

Bridewell Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Penetration Tester

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Bridewell, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Bridewell

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Bridewell. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Senior Penetration Tester

Penetration Testing
Infrastructure Testing
Web Application Testing
API Testing
Device Configuration Reviews
CREST Certified Tester (CCT)
Cyber Scheme Team Leader (CSTL)

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Bridewell insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Bridewell that you’re committed to staying ahead in the game.

How to prepare for a job interview at Bridewell

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Bridewell to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Bridewell.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.