Penetration Tester

As a result of growth, we are looking for an experienced Penetration Tester with solid experience of infrastructure and web application testing to deliver testing engagements on a range of key client work. 

This is an excellent opportunity for a highly motivated and determined Penetration Tester to continue their development and work on a range of exciting projects. As well as delivering testing, Bridewell ensures each consultant has access to a dedicated annual team budget for personal development. This gives access to CREST, Cyber Scheme exams, online platforms such as Hack the Box, TSCM and TryHackMe, and many other training courses. There is also dedicated time to carry out research and assist with developing new testing methodologies and techniques.  

• →Deliver and lead high quality offensive security assessments (web application, API and infrastructure), meeting client expectations
• →Get involved in and lead on team assessments as required
• →Produce written and verbal reports to clients to an excellent standard.
• →Support the sales team with pre-sales and assist with technical input into tenders and proposals
• →Carry out research when not on client deliverable work that can be used to enhance our services to clients
• →Work with teams across the business, providing the latest technical knowledge to collaborate on interesting client projects.

• Strong experience in a client-facing role. Customer oriented and able to communicate with all levels of an organisation with appropriate technical content.
• Proficient in performing a variety of penetration tests such as infrastructure, web application API testing and device configuration reviews, etc.
• CREST Registered Tester (CRT) or Cyber Scheme Team Member (CSTM) - mandatory
• NCSC CHECK Team Member (CTM) with at least Practitioner Cyber Security Professional (PraCSP) title  - mandatory.
• Self-motivated and able to work independently and as part of a larger team
• Produce high-quality technical and executive reports tailored to both technical and non-technical audiences.
• Holds or is able to obtain a minimum of SC clearance

• OSCP, OSCE, CRTO,
• Knowledge of cloud security (AWS, Azure, GCP)
• Experience in LLM/AI testing
• Proficiency in coding or scripting (Python, Powershell, Bash)

One of the most exciting prospects in the UK Cyber Security sector today, Bridewell is one of the fastest growing Cyber Security services businesses with a strong track record for delivering complex security projects and providing excellent customer service. Bridewell has an exciting and varied portfolio of clients across Financial Services, Manufacturing, Oil & Gas, Government, Critical National Infrastructure and more. Bridewell holds the Gold level Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly One Team.

Along with our focus on our people, we also have a big focus on sustainability and recognise the role we play in the fight against climate change. Today, Bridewell is proud to be a carbon negative business.