Penetration Tester in Bristol

Bristol | Full-Time | 28000 - 48000 £ / year (est.) | No working from home possible

At a Glance

  • Tasks: Conduct exciting penetration tests and mentor junior testers in a dynamic environment.
  • Company: Join OnSecurity, a fast-growing cybersecurity scale-up redefining pentesting with AI.
  • Benefits: Enjoy 30 days paid leave, private health insurance, and a competitive salary.
  • Other info: Collaborative culture with regular socials and a focus on work-life balance.
  • Why this job: Make a real impact in cybersecurity while enjoying flexibility and growth opportunities.
  • Qualifications: 2+ years of pentesting experience and strong communication skills required.

The predicted salary is between 28000 - 48000 £ per year.

AI-Augmented Pentesting: Human Expertise Where It Matters Most. At OnSecurity, we’re redefining cybersecurity through AI-augmented penetration testing — the perfect blend of AI efficiency and human ingenuity. We deliver comprehensive, CREST-approved testing that saves time and money without compromising quality. Our all-in-one platform combines AI-driven automation with expert human insight to provide faster, more accurate results. The outcome? Streamlined testing, actionable intelligence, and security at scale. We’re revolutionising how organisations protect their digital assets, helping businesses stay secure, resilient, and one step ahead of threats.

Working Hours and Location

We are based in the UK with employees working remotely. Some roles may have hybrid preference depending on the team. You can ask us about the best working hours and work setup in the recruitment process if there’s something that’s important to you. We try to be as flexible as possible. All we ask is that everyone is online between our core hours of 10:00-16:00 (UK time) so that everyone overlaps for the majority of the day. It’s up to you and your manager to find the right schedule that works for you and your team.

Role Purpose

As a Penetration Tester, you’ll play a central role in delivering high-quality, manual security testing to OnSecurity clients across a variety of sectors. You’ll take ownership of full test cycles (scoping, delivery, reporting, and client communication) while helping to mentor junior testers and enhance OnSecurity’s technical capabilities. This role blends autonomy, technical depth, and real impact.

Role Importance, Responsibilities and Impact

What you will be doing:

  • Delivering web, API, mobile, and infrastructure penetration tests remotely.
  • Identifying, analysing, and exploiting vulnerabilities beyond automated tools.
  • Producing detailed, high-quality reports for developers and security teams.
  • Collaborating with internal testers to refine methodologies and tooling.
  • Contributing to TestNet and methodology development.
  • Mentoring junior testers.

What you won’t be doing:

  • Following rigid scripts. You’ll be encouraged to think critically and creatively.
  • Getting lost in bureaucracy. We empower our testers to deliver results via our intuitive portal.

Timeline for Role Expectations

  • Within 1 month: Become familiar with our testing platform and delivery process.
  • Within 3 months: Lead your own engagements end-to-end and produce client-ready reports.
  • Within 6 months: Contribute to internal tooling, mentor junior testers, and help shape new methodologies.

About You

This role is a great fit if you…

  • Minimum 2 years’ experience delivering penetration tests in one or more disciplines.
  • Strong knowledge of OWASP Top 10 and common vulnerability classes.
  • Excellent written and verbal communication skills.
  • Enthusiastic team player who values collaboration and quality delivery.

Compensation

What you will get for your hard work…

  • A competitive compensation package. The salary range for this role is roughly £35k – £60k annually, depending on experience.
  • Work at one of the fastest-growing Cyber Security Scale-Ups revolutionising pentesting.
  • A clear progression plan. We want you to keep growing. That means trying new things, leading others, challenging the status quo and owning your impact, always with our complete support.
  • Flexibility: We promote life-work balance at OnSecurity. We encourage everyone on our team to enjoy their life and ensure they have the balance they need to reach their full potential.
  • Work where you work best. We’re a distributed team. If you live in Bristol, we have a hybrid approach, if this is something that fits for your team. Otherwise, we are remote, and so we build our ways of working around this.

Other benefits

  • 30 days of paid annual leave, plus bank holidays.
  • Company Pension Scheme.
  • Private Health Insurance with Vitality.
  • Employee Assistance Program (EAP).
  • Group Life Assurance (x4 salary).
  • Enhanced Maternity, Paternity, and Adoption Leave.
  • Paid study leave for employees to level up their skills.
  • Mentorship and Coaching.
  • Annual Performance reviews and recognition for high performance.
  • Regular socials and activities, online and in-person.

Penetration Tester in Bristol employer: Onsecurity

At OnSecurity, we pride ourselves on being an exceptional employer that champions flexibility and work-life balance, allowing our Penetration Testers to thrive in a supportive environment. With a commitment to employee growth through mentorship, competitive compensation, and a clear progression plan, we empower our team to innovate and make a real impact in the cybersecurity landscape. Our hybrid working model, especially for those based in Bristol, ensures that you can work where you feel most productive while enjoying a comprehensive benefits package that includes private health insurance and generous leave policies.

Contact Details:

Onsecurity Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Penetration Tester in Bristol

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Onsecurity, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Onsecurity

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Onsecurity. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Penetration Tester in Bristol

Penetration Testing
Vulnerability Analysis
Web Application Security
API Security
Mobile Security
Infrastructure Security
OWASP Top 10

Some tips for your application 🫡

Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Onsecurity insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Onsecurity that you’re committed to staying ahead in the game.

How to prepare for a job interview at Onsecurity

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Onsecurity to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Onsecurity.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.