Digital Safety Penetration Tester in Luton

About easyJet: easyJet is a FTSE-listed, multi‑billion‑pound low‑cost airline that serves tens of millions of customers each year and operates a network of over 1,200 routes across 38 European countries.

Role Overview: As a Digital Safety Penetration Tester you will perform hands‑on ethical hacking engagements across a diverse range of applications, APIs, infrastructure, and cloud environments, from planning through to reporting and remediation support.

Key Responsibilities:

• Plan and execute penetration tests for web and mobile applications, APIs, corporate networks, and cloud platforms including AWS, Azure, and Google Cloud.
• Identify and safely exploit vulnerabilities using a range of testing tools, techniques, and manual methods.
• Produce detailed technical reports and clear executive summaries with practical remediation guidance.
• Work closely with developers, product owners, and security teams to support remediation and re‑testing activities.
• Support security assurance activities linked to audits, compliance requirements, and risk management.
• Contribute to process improvements, testing methodologies, automation initiatives, and service enhancements.
• Stay up to date with emerging threats, vulnerabilities, and security research and share insights with the wider team.
• Collaborate with internal stakeholders and external security testing partners.

Required Qualifications:

• Experience or strong practical exposure to penetration testing.
• Knowledge of common attack techniques such as SQL injection, cross‑site scripting, and privilege escalation.
• Understanding of web technologies, APIs, networking fundamentals, and operating system security basics.
• Familiarity with industry‑standard penetration testing tools, frameworks, and methodologies including OWASP Top 10.
• Ability to clearly communicate technical findings to both technical and non‑technical audiences.
• Strong analytical skills, attention to detail, and a proactive approach to problem solving.
• Collaboration mindset with the ability to manage tasks independently and work effectively across teams.
• Passion for continuous learning and keeping up to date with the evolving cyber threat landscape.

Nice to Have:

• Certifications such as CREST CRT, OSCP, eJPT, or similar.
• Experience with cloud security, DevOps environments, or CI/CD pipelines.
• Scripting or automation skills in Python, PowerShell, or Bash.
• Knowledge of security standards or frameworks such as ISO 27001, PCI DSS, or NIST.
• Experience contributing to process improvements, tooling enhancements, or service development initiatives.

Benefits:

• Competitive base salary.
• Up to 20% bonus.
• 25 days holiday plus bank holidays.
• BAYE, SAYE and performance share schemes.
• 7% pension contribution.
• Life assurance.
• Flexible benefits package.
• Excellent staff travel benefits.

Practicalities:

This is a full‑time position with support for hybrid working and on‑site time at our Luton HQ.

Reasonable Adjustments: We are committed to providing reasonable adjustments throughout the recruitment process to ensure accessibility and accommodation. If you require specific adjustments or support, please contact.