Penetration Tester

We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform™. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero‑day exploits.

With unmatched scalability and adaptability, our data and AI‑driven CrowdMatch™ technology in our platform finds the perfect talent for your unique fight. We aim to create a new era of modern crowdsourced security that outpaces threat actors.

Role Responsibilities

• Conduct Structured Testing to Identify Security Vulnerabilities: Demonstrate a functional understanding of modern attack vectors and penetration testing software as well as be technically capable of using them in the identification of security vulnerabilities in Web applications, APIs and network infrastructure. Consistently complete assigned penetration tests within allocated timeframes, and in accordance with our methodologies.
• Continuous Learning: Actively engage in keeping up to date with fundamental security concepts and core testing tools, applying newly acquired knowledge under instruction and supervision.
• Problem Identification & Escalation: Promptly identify and effectively communicate technical blockers or concerns to mentors or Technical Pentest Managers as needed, actively seeking clarification and guidance to avoid missteps.
• Team Support & Documentation: Assist in test retrospectives, documentation of processes, and provide support to more senior team members as directed by the team lead or manager.
• Working Hours: Be able to execute testing within UK core business hours (09:00 - 17:30 GMT). Some tests may fall outside of these hours, but the majority of tests will need to be completed within this timeframe.

Desired Skills & Experience

• Experience: 6+ months as a penetration tester (or equivalent demonstrable experience) with a foundational understanding of wider cybersecurity concepts and best practices.
• Technical Skills: Familiarity with commonly used security testing tools (e.g. BurpSuite, Nmap) and approach to penetration testing activities.
• Soft Skills: Strong desire to learn, good communication skills for peer and mentor interactions, and the ability to follow instructions. Strong written and spoken business English (C1+ or native fluency).
• Certifications: Certifications such as CEH (Certified Ethical Hacker), OSCP+ (Offensive Security Certified Professional), CPSA (CREST Practitioner Security Analyst) are considered a plus.

Working Conditions and Physical Requirements

• The ideal candidate must be able to complete all physical requirements of the job with or without reasonable accommodation. Sitting and/or standing – Must be able to remain in a stationary position 50% of the time.
• Carrying and/or lifting – Must be able to carry/move laptop as needed throughout the work day.
• Environment – remote, work‑from‑home 100% of the time.

Disclaimer

This position has access to highly confidential, sensitive information relating to the technologies of Bugcrowd. It is essential that the applicant possess the requisite integrity to maintain the information in the strictest confidence. The company is authorized to obtain background checks for employment purposes under state and federal law. Background checks will be conducted for positions that involve access to confidential or proprietary information (including trade secrets). Background checks may include Social Security verification, prior employment verification, personal and professional references, educational verification, and criminal history. Applicants with conviction histories will not be excluded from consideration to the extent required by law.

Equal Employment Opportunity

Bugcrowd is EOE, Disability/Age Employer. Individuals seeking employment at Bugcrowd are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. Bugcrowd is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Bugcrowd will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact HR at ADA at bugcrowd.com.

Apply at: https://www.bugcrowd.com/about/careers/