At a Glance
- Tasks: Perform hands-on ethical hacking to protect easyJet's digital services.
- Company: Join easyJet, Europe's iconic low-cost airline with a collaborative culture.
- Benefits: Enjoy competitive salary, bonuses, flexible benefits, and excellent staff travel perks.
- Other info: Hybrid working environment with opportunities for continuous learning and career growth.
- Why this job: Make a real impact on cyber security for millions of customers across Europe.
- Qualifications: Experience in penetration testing and knowledge of common attack techniques required.
The predicted salary is between 68205 - 80000 £ per year.
We are easyJet - a FTSE listed, £multi-billion low‑cost airline that serves tens of millions of customers every single year. We fly more than 1,207 routes, connecting 38 countries across Europe, and employ more than 18,000 colleagues. We’re on a mission to make low-cost travel easy.
What makes us easyJet? Our Promise Behaviours - we are Safe, Bold, Welcoming and Challenging. Four Behaviours. One Spirit. One easyJet.
Read on if you:
- Have hands‑on penetration testing experience
- Enjoy solving complex security challenges and thinking like an attacker
- Are passionate about improving cyber security services and processes
- Love collaborating with teams across technology and security
- Want to help protect the digital services used by millions of customers across Europe
THE TEAM
The Cyber Test Services team plays a vital role in protecting easyJet’s digital landscape. We provide penetration testing and security assurance across our technology estate, acting as the hands‑on ethical hackers within the wider Digital Safety function. Working closely with Risk & Assurance, Compliance, and Technical Assurance teams, we help identify vulnerabilities, strengthen defences, and support regulatory and security standards across the business.
THE ROLE
As a Digital Safety Penetration Tester, you’ll perform hands‑on ethical hacking engagements across a diverse range of applications, APIs, infrastructure, and cloud environments. You’ll take ownership of penetration testing engagements from planning through to reporting and remediation support, helping us proactively identify and reduce cyber risk.
Key Responsibilities:
- Planning and executing penetration tests across web and mobile applications, APIs, corporate networks, and cloud platforms including AWS, Azure, and Google Cloud
- Identifying and safely exploiting vulnerabilities using a range of testing tools, techniques, and manual methods
- Producing detailed technical reports and clear executive summaries with practical remediation guidance
- Working closely with developers, product owners, and security teams to support remediation and re‑testing activities
- Supporting security assurance activities linked to audits, compliance requirements, and risk management
- Contributing to process improvements, testing methodologies, automation initiatives, and service enhancements
- Staying up to date with emerging threats, vulnerabilities, and security research, sharing insights with the wider team
- Collaborating with both internal stakeholders and external security testing partners
Requirements of the Role:
- Experience or strong practical exposure to penetration testing
- Knowledge of common attack techniques such as SQL injection, cross‑site scripting, and privilege escalation
- Understanding of web technologies, APIs, networking fundamentals, and operating system security basics
- Familiarity with industry‑standard penetration testing tools, frameworks, and methodologies including OWASP Top 10
- The ability to clearly communicate technical findings to both technical and non‑technical audiences
- Strong analytical skills, attention to detail, and a proactive approach to problem solving
- A collaborative mindset with the ability to manage tasks independently and work effectively across teams
- A passion for continuous learning and keeping up to date with the evolving cyber threat landscape
It would be great if you also have:
- Certifications such as CREST CRT, OSCP, eJPT, or similar
- Experience with cloud security, DevOps environments, or CI/CD pipelines
- Scripting or automation skills in Python, PowerShell, or Bash
- Knowledge of security standards or frameworks such as ISO 27001, PCI DSS, or NIST
- Experience contributing to process improvements, tooling enhancements, or service development initiatives
WHAT YOU'LL GET IN RETURN:
- Competitive base salary
- Up to 20% bonus
- 25 days holiday plus bank holidays
- BAYE, SAYE and performance share schemes
- 7% pension contribution
- Life assurance
- Flexible benefits package
- Excellent staff travel benefits
PRACTICALITIES:
This is a full‑time position. We support hybrid working and spend time together as a team in our Luton HQ offices.
REASONABLE ADJUSTMENTS:
At easyJet, we are dedicated to fostering an inclusive workplace that reflects the diverse customers we serve across Europe. We welcome candidates from all backgrounds. If you require specific adjustments or support during the application or recruitment process, please contact us at ma.recruitment@easyjet.com.
Digital Safety Penetration Tester employer: Easyjet
At easyJet, we pride ourselves on being a dynamic and inclusive employer that values collaboration and innovation. As a Digital Safety Penetration Tester, you'll thrive in a fast-paced environment where your expertise will directly contribute to safeguarding millions of customers across Europe. With competitive salaries, generous holiday allowances, and a commitment to employee growth through continuous learning opportunities, easyJet is not just a workplace; it's a community dedicated to making low-cost travel easy and secure.
StudySmarter Expert Advice🤫
We think this is how you could land Digital Safety Penetration Tester
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Easyjet, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Easyjet
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Easyjet. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Digital Safety Penetration Tester
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Easyjet insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Easyjet that you’re committed to staying ahead in the game.
How to prepare for a job interview at Easyjet
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Easyjet to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Easyjet.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
