At a Glance
- Tasks: Lead web application and API penetration testing while mentoring junior team members.
- Company: A leading enterprise organisation with a strong focus on cyber security.
- Benefits: Competitive salary, bonus, hybrid work, and continuous learning opportunities.
- Other info: Collaborative culture focused on mentoring and professional growth.
- Why this job: Become a trusted security advisor and tackle complex testing challenges.
- Qualifications: Strong experience in penetration testing and relevant industry certifications preferred.
The predicted salary is between 70000 - 85000 £ per year.
A leading enterprise organisation is seeking a Senior Information Security Tester / Senior Penetration Tester to join a growing cyber security function. This is a highly visible, hybrid role combining hands-on penetration testing with strategic input, stakeholder engagement, and mentoring responsibilities. This position is ideal for a well-rounded security professional who can act as a “go-to” resource across the business.
You will deliver a mix of web application and API penetration testing, security assessments, and advisory work - going beyond pure testing to help shape how security engagements are approached, scoped, and executed.
Key Responsibilities- Perform web application, API, and infrastructure penetration testing.
- Lead and contribute to end-to-end security assessments, from scoping through to reporting and remediation advice.
- Act as a subject matter expert, providing guidance to internal teams on testing strategies and best practice.
- Support and mentor junior team members, raising overall security capability.
- Contribute to secure design and vulnerability management discussions across the business.
- Engage with stakeholders to clearly communicate risks and remediation actions.
- Strong experience in web application and API penetration testing (core focus).
- Broad technical capability across multiple domains – a true “jack of all trades” with deep specialism.
- Experience delivering practical security guidance, not just identifying vulnerabilities.
- Understanding of penetration test scoping and methodology design.
- Exposure to malware development and advanced testing techniques.
- Knowledge of PCI-DSS and regulated environments.
- Relevant industry certifications (e.g. OSCP, CREST, GIAC or similar) preferred.
- Strong communication skills, with the ability to influence both technical and non-technical stakeholders.
- Opportunity to operate as a trusted security advisor, not just a tester.
- Hybrid role balancing hands-on technical work with strategic influence.
- Access to complex, large-scale environments and varied testing challenges.
- Collaborative culture with a strong focus on learning, mentoring, and continuous improvement.
This is an excellent opportunity for a senior tester looking to step into a broader, more consultative role while still remaining technically hands-on.
Penetration Tester in Portsmouth employer: Sanderson
Join a leading enterprise organisation that values innovation and collaboration, offering a dynamic work culture where your expertise as a Senior Penetration Tester will be recognised and rewarded. With a strong emphasis on employee growth, you will have the opportunity to mentor junior team members while engaging in complex security challenges that enhance your skills and career trajectory. Enjoy the flexibility of a hybrid role that allows you to balance hands-on technical work with strategic influence, all within a supportive environment that prioritises continuous learning and improvement.
StudySmarter Expert Advice🤫
We think this is how you could land Penetration Tester in Portsmouth
✨Tip Number 1
Network like a pro! Reach out to your connections in the cybersecurity field, attend meetups, and engage in online forums. The more people you know, the better your chances of landing that dream role.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, including any web applications or APIs you've worked on. This will give potential employers a taste of what you can do beyond just a CV.
✨Tip Number 3
Prepare for interviews by brushing up on your communication skills. You’ll need to explain complex security concepts to both technical and non-technical stakeholders, so practice articulating your thoughts clearly and confidently.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Plus, it’s a great way to get noticed by our hiring team directly.
We think you need these skills to ace Penetration Tester in Portsmouth
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the Senior Penetration Tester role. Highlight your web application and API penetration testing experience, and don’t forget to mention any relevant certifications like OSCP or CREST.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this hybrid role. Talk about your hands-on experience and how you can contribute to shaping security engagements while mentoring junior team members.
Showcase Your Communication Skills:Since this role involves engaging with both technical and non-technical stakeholders, make sure to demonstrate your communication skills in your application. Use clear language and examples that show how you’ve influenced others in past roles.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you’re serious about joining our collaborative culture at StudySmarter!
How to prepare for a job interview at Sanderson
✨Know Your Stuff
Make sure you brush up on your web application and API penetration testing skills. Be ready to discuss specific methodologies you've used in past projects, as well as any advanced techniques you've employed. This role requires a deep understanding of security assessments, so be prepared to showcase your expertise.
✨Showcase Your Mentoring Skills
Since this position involves mentoring junior team members, think of examples where you've guided others in the past. Highlight your ability to communicate complex security concepts clearly to both technical and non-technical stakeholders. This will demonstrate that you're not just a tester, but also a trusted advisor.
✨Engage with Stakeholders
Prepare to discuss how you've previously engaged with stakeholders to communicate risks and remediation actions. Think about specific instances where your communication made a difference in a project. This shows that you can bridge the gap between technical details and business needs.
✨Stay Current with Industry Standards
Familiarise yourself with relevant industry certifications and standards like PCI-DSS. Be ready to discuss how these frameworks influence your approach to penetration testing and security assessments. Showing that you’re up-to-date with regulations will set you apart as a knowledgeable candidate.
