Digital Safety Penetration Tester in Luton

We are easyJet – a FTSE listed, £multi‑billion low‑cost airline that serves tens of millions of customers every single year. We fly more than 1,207 routes, connecting 38 countries across Europe, and employ more than 18,000 colleagues. We’re on a mission to make low‑cost travel easy – and whatever your role here, you’ll connect millions of people to what they love using Europe’s best airline network, great value fares, and friendly service.

What makes us easyJet?

• Enjoy solving complex security challenges and thinking like an attacker
• Are passionate about improving cyber security services and processes
• Love collaborating with teams across technology and security
• Want to help protect the digital services used by millions of customers across Europe

The Team

The Cyber Test Services team plays a vital role in protecting easyJet’s digital landscape. We provide penetration testing and security assurance across our technology estate, acting as the hands‑on ethical hackers within the wider Digital Safety function. Working closely with Risk & Assurance, Compliance, and Technical Assurance teams, we help identify vulnerabilities, strengthen defences, and support regulatory and security standards across the business.

The Role

As a Digital Safety Penetration Tester, you’ll perform hands‑on ethical hacking engagements across a diverse range of applications, APIs, infrastructure, and cloud environments. You’ll take ownership of penetration testing engagements from planning through to reporting and remediation support, helping us proactively identify and reduce cyber risk.

You’ll be responsible for:

• Planning and executing penetration tests across web and mobile applications, APIs, corporate networks, and cloud platforms including AWS, Azure, and Google Cloud
• Identifying and safely exploiting vulnerabilities using a range of testing tools, techniques, and manual methods
• Producing detailed technical reports and clear executive summaries with practical remediation guidance
• Working closely with developers, product owners, and security teams to support remediation and re‑testing activities
• Supporting security assurance activities linked to audits, compliance requirements, and risk management
• Contributing to process improvements, testing methodologies, automation initiatives, and service enhancements
• Staying up to date with emerging threats, vulnerabilities, and security research, sharing insights with the wider team
• Collaborating with both internal stakeholders and external security testing partners

Requirements of the Role

What we’re looking for:

• Experience or strong practical exposure to penetration testing
• Knowledge of common attack techniques such as SQL injection, cross‑site scripting, and privilege escalation
• Understanding of web technologies, APIs, networking fundamentals, and operating system security basics
• Familiarity with industry‑standard penetration testing tools, frameworks, and methodologies including OWASP Top 10
• The ability to clearly communicate technical findings to both technical and non‑technical audiences
• Strong analytical skills, attention to detail, and a proactive approach to problem solving
• A collaborative mindset with the ability to manage tasks independently and work effectively across teams
• A passion for continuous learning and keeping up to date with the evolving cyber threat landscape

It would be great if you also have:

• Certifications such as CREST CRT, OSCP, eJPT, or similar
• Experience with cloud security, DevOps environments, or CI/CD pipelines
• Scripting or automation skills in Python, PowerShell, or Bash
• Knowledge of security standards or frameworks such as ISO 27001, PCI DSS, or NIST
• Experience contributing to process improvements, tooling enhancements, or service development initiatives

What you’ll get in return:

• Up to 20% bonus
• BAYE, SAYE and performance share schemes
• Life assurance
• Flexible benefits package
• Excellent staff travel benefits

Practicalities

This is a full‑time position. We support hybrid working and spend time together as a team in our Luton HQ offices.

Reasonable Adjustments

At easyJet, we are dedicated to fostering an inclusive workplace that reflects the diverse customers we serve across Europe. We welcome candidates from all backgrounds. If you require specific adjustments or support during the application or recruitment process, such as extra time for assessments or accessible interview locations, please contact us at ma.recruitment@easyjet.com.